$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2716/49dUJyCbZlP6V1UUscvcIGmwu4k.roa File: 49dUJyCbZlP6V1UUscvcIGmwu4k.roa (raw, json) Hash identifier: OaGZIk8Vnq97/yBwlhfpJMIOHWm+xwmwAM/+tMdoahM= Subject key identifier: E3:D7:54:27:20:9B:66:53:FA:57:55:14:B1:CB:DC:20:69:B0:BB:89 Certificate issuer: /CN=39EE852FE138CDEDC5B42D11A34295D109AD4925 Certificate serial: 18 Authority key identifier: 39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/49dUJyCbZlP6V1UUscvcIGmwu4k.roa Signing time: Thu 17 Apr 2025 11:31:17 +0000 ROA not before: Thu 17 Apr 2025 11:31:17 +0000 ROA not after: Wed 15 Apr 2026 09:08:30 +0000 asID: 55933 IP address blocks: 103.118.200.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 15:36:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24 (0x18) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=39EE852FE138CDEDC5B42D11A34295D109AD4925 Validity Not Before: Apr 17 11:31:17 2025 GMT Not After : Apr 15 09:08:30 2026 GMT Subject: CN=E3D75427209B6653FA575514B1CBDC2069B0BB89 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:d3:99:ed:14:82:8a:e1:3c:97:86:60:cb:49: ad:fd:ba:3e:48:0a:36:7a:c2:19:1d:4c:6d:01:aa: e8:27:36:5f:f8:a0:69:d5:0c:b6:c9:c4:85:c1:f0: 25:2c:81:fc:a8:25:81:0e:53:4e:b5:07:2b:0e:b8: e4:8d:a4:04:0c:95:46:bc:5e:7d:7c:e0:79:6f:c2: 15:ac:5a:43:0f:c5:ae:cd:3c:bb:84:0a:bc:2d:d9: 4d:69:46:c7:ac:40:da:3e:9f:5c:5b:96:78:f1:7d: 59:d1:c3:72:0c:58:93:c8:01:7b:22:b7:53:3b:8f: fb:b7:96:db:74:95:ae:95:8f:08:ad:b3:09:a1:fb: 9d:47:b9:bc:80:fb:2f:e4:f8:c3:6c:39:20:69:a2: 00:8f:7e:e4:d6:a9:db:e0:92:67:c8:13:55:af:a4: bc:63:63:f9:13:90:d3:5f:d4:56:6b:8c:47:8e:74: f5:f4:89:e2:5a:c8:35:34:a4:da:12:e8:97:85:b9: a4:e2:90:32:5e:2f:00:c5:06:80:29:3a:da:2d:28: 87:cb:b8:ca:af:e8:22:84:6d:71:52:f0:02:9f:3c: 14:d8:2d:67:14:90:06:e0:b5:fd:43:6f:cc:68:c9: 8f:e9:d1:cb:00:66:c4:69:72:79:ca:fe:ab:ec:8a: b1:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:D7:54:27:20:9B:66:53:FA:57:55:14:B1:CB:DC:20:69:B0:BB:89 X509v3 Authority Key Identifier: keyid:39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/49dUJyCbZlP6V1UUscvcIGmwu4k.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.118.200.0/22 Signature Algorithm: sha256WithRSAEncryption 9f:28:5a:e1:94:35:54:82:cb:9a:de:2e:69:03:16:3c:11:44: 65:fd:00:22:7a:d8:63:38:9c:eb:7c:c2:ac:b2:ff:8d:67:59: b9:bc:d9:48:a5:b2:5b:03:82:63:fa:e1:86:46:1a:7f:c8:c2: 4a:08:9c:23:63:19:63:5a:81:cc:4d:cd:ee:08:46:5e:fe:97: b3:ea:58:8a:a3:bc:05:34:78:b4:e2:ea:6c:7e:e4:68:14:66: 9f:71:d8:ed:a6:c3:e9:00:c1:48:95:04:40:70:12:13:a3:d6: b8:19:4c:bf:e7:e6:8d:a4:aa:f0:bb:56:6e:ec:b6:d3:66:06: a9:0c:5d:2e:5e:71:02:ac:cf:15:c0:6f:e6:f8:e2:f0:b1:7d: f7:4c:7f:9d:20:30:16:38:bd:6d:7c:c7:17:69:21:6c:f7:73: b7:58:68:82:6f:e8:cb:5e:87:ea:a7:f3:ea:f9:14:f5:85:fd: c3:2a:89:dd:96:ce:9b:47:2f:61:7d:5d:d3:5b:a7:7f:8c:f5: de:01:6c:8e:55:56:4d:8b:61:7d:5a:02:60:d2:59:56:7d:b9: 1c:61:ef:04:bf:b9:73:3a:36:1e:d4:ba:5e:cc:b2:83:7e:49: f1:55:02:ec:c2:07:04:13:e2:d1:f3:a4:71:a2:0a:6c:8e:b5: fc:4c:8a:06 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIBGDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygzOUVF ODUyRkUxMzhDREVEQzVCNDJEMTFBMzQyOTVEMTA5QUQ0OTI1MB4XDTI1MDQxNzEx MzExN1oXDTI2MDQxNTA5MDgzMFowMzExMC8GA1UEAxMoRTNENzU0MjcyMDlCNjY1 M0ZBNTc1NTE0QjFDQkRDMjA2OUIwQkI4OTCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBANzTme0UgorhPJeGYMtJrf26PkgKNnrCGR1MbQGq6Cc2X/igadUM tsnEhcHwJSyB/KglgQ5TTrUHKw645I2kBAyVRrxefXzgeW/CFaxaQw/Frs08u4QK vC3ZTWlGx6xA2j6fXFuWePF9WdHDcgxYk8gBeyK3UzuP+7eW23SVrpWPCK2zCaH7 nUe5vID7L+T4w2w5IGmiAI9+5Nap2+CSZ8gTVa+kvGNj+ROQ01/UVmuMR4509fSJ 4lrINTSk2hLol4W5pOKQMl4vAMUGgCk62i0oh8u4yq/oIoRtcVLwAp88FNgtZxSQ BuC1/UNvzGjJj+nRywBmxGlyecr+q+yKsRUCAwEAAaOCAfMwggHvMB0GA1UdDgQW BBTj11QnIJtmU/pXVRSxy9wgabC7iTAfBgNVHSMEGDAWgBQ57oUv4TjN7cW0LRGj QpXRCa1JJTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yNzE2 L09lNkZMLUU0emUzRnRDMFJvMEtWMFFtdFNTVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvT2U2RkwtRTR6ZTNGdEMwUm8wS1YwUW10U1NVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjcxNi80OWRVSnlDYlpsUDZW MVVVc2N2Y0lHbXd1NGsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQCZ3bIMA0GCSqGSIb3DQEBCwUAA4IBAQCfKFrhlDVUgsua3i5pAxY8EURl/QAi ethjOJzrfMKssv+NZ1m5vNlIpbJbA4Jj+uGGRhp/yMJKCJwjYxljWoHMTc3uCEZe /pez6liKo7wFNHi04upsfuRoFGafcdjtpsPpAMFIlQRAcBITo9a4GUy/5+aNpKrw u1Zu7LbTZgapDF0uXnECrM8VwG/m+OLwsX33TH+dIDAWOL1tfMcXaSFs93O3WGiC b+jLXofqp/Pq+RT1hf3DKondls6bRy9hfV3TW6d/jPXeAWyOVVZNi2F9WgJg0llW fbkcYe8Ev7lzOjYe1LpezLKDfknxVQLswgcEE+LR86RxogpsjrX8TIoG -----END CERTIFICATE-----Generated at Sat Apr 26 15:27:24 2025 by rpki-client