$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2716/39H3nJFNdMnuyTYMETANeVXeXOA.roa File: 39H3nJFNdMnuyTYMETANeVXeXOA.roa (raw, json) Hash identifier: J8gc9jE/fWv1uI9a8DlY2fjAb3nIpb/A0SMg4gN2XcY= Subject key identifier: DF:D1:F7:9C:91:4D:74:C9:EE:C9:36:0C:11:30:0D:79:55:DE:5C:E0 Certificate issuer: /CN=39EE852FE138CDEDC5B42D11A34295D109AD4925 Certificate serial: 2B Authority key identifier: 39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/39H3nJFNdMnuyTYMETANeVXeXOA.roa Signing time: Thu 17 Apr 2025 11:34:27 +0000 ROA not before: Thu 17 Apr 2025 11:34:27 +0000 ROA not after: Wed 15 Apr 2026 09:08:30 +0000 asID: 55933 IP address blocks: 103.118.240.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 15:36:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43 (0x2b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=39EE852FE138CDEDC5B42D11A34295D109AD4925 Validity Not Before: Apr 17 11:34:27 2025 GMT Not After : Apr 15 09:08:30 2026 GMT Subject: CN=DFD1F79C914D74C9EEC9360C11300D7955DE5CE0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:44:f5:59:bc:ff:a6:39:54:3a:9f:37:7a:8a: 81:95:87:d7:f8:18:2a:8c:90:01:79:e9:46:7c:2d: 42:41:4c:ec:1f:35:dd:8a:b4:9c:f7:88:81:b7:18: 27:56:34:53:1f:16:5f:91:7a:45:9b:76:b9:48:40: 67:ab:77:65:3c:a6:4c:61:d5:a0:68:cf:58:94:02: f7:c1:34:aa:ad:8f:87:dc:48:88:01:50:db:77:da: 69:fa:8b:71:4c:0f:6a:49:ae:d9:bb:b0:79:bd:11: 97:d7:22:fb:27:2f:d8:f2:c8:d0:1f:a5:94:b9:b2: ef:70:f0:ae:72:2d:df:a6:3b:24:2b:22:11:7e:46: 9b:8d:83:f0:ec:22:67:11:2c:ec:a5:fe:67:1a:57: 43:38:f1:63:98:67:23:1d:51:41:c8:38:fa:0f:92: ca:59:8e:3c:53:ae:59:83:fd:55:12:4c:5c:01:b5: de:56:fe:b4:16:84:d8:80:35:34:44:5e:7b:47:07: e4:03:27:f6:e9:8f:6f:2a:93:10:7b:33:fc:d4:62: 96:a1:5c:35:14:3e:eb:05:a4:e8:ac:f4:57:50:22: 57:82:5d:f5:63:66:df:b2:10:48:ea:cd:d4:b5:8f: 68:c5:9a:bc:cd:59:67:50:10:4b:8c:4f:a4:81:cb: 3f:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:D1:F7:9C:91:4D:74:C9:EE:C9:36:0C:11:30:0D:79:55:DE:5C:E0 X509v3 Authority Key Identifier: keyid:39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/39H3nJFNdMnuyTYMETANeVXeXOA.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.118.240.0/22 Signature Algorithm: sha256WithRSAEncryption be:b3:e7:d8:32:fb:53:2a:ee:7d:5e:34:93:39:b1:b2:08:a9: 12:9b:64:1c:94:07:12:ee:c1:73:27:7a:31:4b:a4:10:81:b2: c5:40:92:87:1a:5a:14:58:7e:6a:25:0a:2f:e9:69:20:9e:61: 73:7d:13:7c:9f:9a:68:6d:d1:12:38:7b:90:0b:62:85:48:49: 0c:c1:2d:58:0d:73:ac:1e:f9:c2:b8:ec:16:b6:a5:19:d7:25: bd:28:3e:ed:a8:1b:dd:f1:59:9a:5f:82:c5:e8:d4:11:92:30: 2b:50:c7:68:a7:1e:48:3d:bf:31:f6:5f:78:d8:60:47:aa:97: ca:d8:d3:33:07:4f:2a:9a:2c:dc:d3:da:88:bf:38:3e:f2:0c: 2c:ff:1c:95:50:90:59:ed:db:20:26:2c:8d:4a:fd:7c:c6:93: e7:c7:eb:87:63:74:bc:83:c6:f7:a5:d1:68:7d:7f:3f:1b:4d: 54:7a:57:f5:b6:c6:5d:cd:e7:4d:34:94:00:d8:7d:d8:84:bb: 1e:8c:b3:6a:15:cc:cc:fe:98:24:a3:9e:b4:96:49:23:4d:1e: da:d4:53:fc:a4:53:31:79:bb:82:c0:49:d2:a1:4a:26:4f:a1: 2f:86:03:8f:c7:76:6a:08:57:a9:b9:4d:02:fc:48:de:b3:70: d1:7d:68:0a -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIBKzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygzOUVF ODUyRkUxMzhDREVEQzVCNDJEMTFBMzQyOTVEMTA5QUQ0OTI1MB4XDTI1MDQxNzEx MzQyN1oXDTI2MDQxNTA5MDgzMFowMzExMC8GA1UEAxMoREZEMUY3OUM5MTRENzRD OUVFQzkzNjBDMTEzMDBENzk1NURFNUNFMDCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAKRE9Vm8/6Y5VDqfN3qKgZWH1/gYKoyQAXnpRnwtQkFM7B813Yq0 nPeIgbcYJ1Y0Ux8WX5F6RZt2uUhAZ6t3ZTymTGHVoGjPWJQC98E0qq2Ph9xIiAFQ 23faafqLcUwPakmu2buweb0Rl9ci+ycv2PLI0B+llLmy73DwrnIt36Y7JCsiEX5G m42D8OwiZxEs7KX+ZxpXQzjxY5hnIx1RQcg4+g+SylmOPFOuWYP9VRJMXAG13lb+ tBaE2IA1NERee0cH5AMn9umPbyqTEHsz/NRilqFcNRQ+6wWk6Kz0V1AiV4Jd9WNm 37IQSOrN1LWPaMWavM1ZZ1AQS4xPpIHLPyECAwEAAaOCAfMwggHvMB0GA1UdDgQW BBTf0feckU10ye7JNgwRMA15Vd5c4DAfBgNVHSMEGDAWgBQ57oUv4TjN7cW0LRGj QpXRCa1JJTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yNzE2 L09lNkZMLUU0emUzRnRDMFJvMEtWMFFtdFNTVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvT2U2RkwtRTR6ZTNGdEMwUm8wS1YwUW10U1NVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjcxNi8zOUgzbkpGTmRNbnV5 VFlNRVRBTmVWWGVYT0Eucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQCZ3bwMA0GCSqGSIb3DQEBCwUAA4IBAQC+s+fYMvtTKu59XjSTObGyCKkSm2Qc lAcS7sFzJ3oxS6QQgbLFQJKHGloUWH5qJQov6WkgnmFzfRN8n5pobdESOHuQC2KF SEkMwS1YDXOsHvnCuOwWtqUZ1yW9KD7tqBvd8VmaX4LF6NQRkjArUMdopx5IPb8x 9l942GBHqpfK2NMzB08qmizc09qIvzg+8gws/xyVUJBZ7dsgJiyNSv18xpPnx+uH Y3S8g8b3pdFofX8/G01Uelf1tsZdzedNNJQA2H3YhLsejLNqFczM/pgko560lkkj TR7a1FP8pFMxebuCwEnSoUomT6EvhgOPx3ZqCFepuU0C/Ejes3DRfWgK -----END CERTIFICATE-----Generated at Sat Apr 26 15:23:47 2025 by rpki-client