$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2716/ASx3AAaMDHrTWga3TlhLZoJtslE.roa File: ASx3AAaMDHrTWga3TlhLZoJtslE.roa (raw, json) Hash identifier: x3iZQareiEVvVFSCfKJwoXTtLBpOPJyxppDpjSut5eE= Subject key identifier: 01:2C:77:00:06:8C:0C:7A:D3:5A:06:B7:4E:58:4B:66:82:6D:B2:51 Certificate issuer: /CN=39EE852FE138CDEDC5B42D11A34295D109AD4925 Certificate serial: 27 Authority key identifier: 39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/ASx3AAaMDHrTWga3TlhLZoJtslE.roa Signing time: Thu 17 Apr 2025 11:34:26 +0000 ROA not before: Thu 17 Apr 2025 11:34:26 +0000 ROA not after: Wed 15 Apr 2026 09:08:30 +0000 asID: 138968 IP address blocks: 103.115.64.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 20:36:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 39 (0x27) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=39EE852FE138CDEDC5B42D11A34295D109AD4925 Validity Not Before: Apr 17 11:34:26 2025 GMT Not After : Apr 15 09:08:30 2026 GMT Subject: CN=012C7700068C0C7AD35A06B74E584B66826DB251 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:5d:1d:74:5d:0d:31:2b:f6:2d:15:c5:7d:c3: dd:47:6a:35:8c:31:1e:8f:66:ec:d4:49:52:67:e3: dc:8b:bc:db:b4:da:2e:1f:6a:9e:10:0a:89:15:f6: 86:c7:4e:85:9b:62:7b:96:be:55:4b:18:df:e5:0b: d9:89:91:ad:33:55:32:13:bb:b0:88:b6:ab:e3:79: 38:a8:ba:b4:57:56:b7:86:df:b7:92:6c:09:25:1c: 55:49:5e:f5:6a:85:6e:b6:d0:36:e4:8f:6f:09:97: 9c:77:d9:59:fa:c5:58:ba:43:ee:db:9c:36:0a:81: 58:85:34:0d:33:bc:72:58:36:7a:00:d5:35:76:a4: ef:7b:fe:00:b6:65:e1:45:a4:da:e3:ca:f0:d5:83: 2d:0b:91:e9:b0:8e:9c:6d:a7:7e:09:6b:c3:1c:16: 15:d0:ab:05:d6:e6:b5:d9:01:da:38:20:07:3e:93: 27:cd:5e:5f:52:fa:2f:d0:1e:fc:6d:d9:2e:ac:08: cb:fb:e2:6c:4a:ae:a5:d7:19:af:d9:0c:d6:c0:7f: 82:65:27:d4:10:3d:03:0a:04:1b:c0:88:a4:ea:d2: e7:b7:21:e3:ce:45:ff:7d:80:2f:0e:e0:f4:35:d5: 85:db:8b:94:84:96:66:6b:6e:59:89:09:e0:fe:1d: fe:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:2C:77:00:06:8C:0C:7A:D3:5A:06:B7:4E:58:4B:66:82:6D:B2:51 X509v3 Authority Key Identifier: keyid:39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/ASx3AAaMDHrTWga3TlhLZoJtslE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.115.64.0/22 Signature Algorithm: sha256WithRSAEncryption 6a:d2:e4:df:28:b8:de:84:58:f9:57:96:fa:17:c7:c4:3a:00: f9:16:1f:6b:d3:1a:ed:d9:81:30:61:87:98:f4:ef:97:c6:66: 9e:58:ca:68:c3:72:53:ea:56:50:89:10:09:2b:6b:ee:4d:d2: b6:53:3a:4c:dc:40:ea:d6:3a:23:55:c7:c8:1d:ac:e5:c9:66: 9f:95:6f:a8:99:25:1f:db:d9:8d:54:4f:56:89:30:83:68:97: be:45:62:4b:40:df:c3:18:0c:82:1b:26:09:d8:8c:94:4d:66: b8:c0:28:3d:0e:5a:0b:51:74:ec:8d:d5:c6:8e:0b:96:2c:59: 7d:89:0b:e5:ee:eb:e2:04:f6:9f:4f:4a:10:11:89:ea:2c:12: 60:b2:71:52:a0:bf:2d:8d:0d:d0:f0:5d:53:1d:40:3c:2f:52: fc:a3:65:81:0d:33:e3:c7:6b:5d:4a:cb:30:16:0d:87:b1:67: a6:e8:4a:cf:a7:29:aa:3d:37:2f:d5:65:70:32:fd:3b:03:46: 2b:b5:79:aa:9a:86:68:39:d9:d8:4e:30:6e:e4:e5:a2:a0:49: 63:3f:a4:8b:ae:7c:c1:0a:a3:72:c3:cb:d6:8b:42:8f:86:1d: 51:f9:e2:9c:74:5f:b1:58:eb:d5:24:8a:81:6c:93:dc:ae:86: ac:8b:23:ea -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIBJzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygzOUVF ODUyRkUxMzhDREVEQzVCNDJEMTFBMzQyOTVEMTA5QUQ0OTI1MB4XDTI1MDQxNzEx MzQyNloXDTI2MDQxNTA5MDgzMFowMzExMC8GA1UEAxMoMDEyQzc3MDAwNjhDMEM3 QUQzNUEwNkI3NEU1ODRCNjY4MjZEQjI1MTCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAMBdHXRdDTEr9i0VxX3D3UdqNYwxHo9m7NRJUmfj3Iu827TaLh9q nhAKiRX2hsdOhZtie5a+VUsY3+UL2YmRrTNVMhO7sIi2q+N5OKi6tFdWt4bft5Js CSUcVUle9WqFbrbQNuSPbwmXnHfZWfrFWLpD7tucNgqBWIU0DTO8clg2egDVNXak 73v+ALZl4UWk2uPK8NWDLQuR6bCOnG2nfglrwxwWFdCrBdbmtdkB2jggBz6TJ81e X1L6L9Ae/G3ZLqwIy/vibEqupdcZr9kM1sB/gmUn1BA9AwoEG8CIpOrS57ch485F /32ALw7g9DXVhduLlISWZmtuWYkJ4P4d/hsCAwEAAaOCAfMwggHvMB0GA1UdDgQW BBQBLHcABowMetNaBrdOWEtmgm2yUTAfBgNVHSMEGDAWgBQ57oUv4TjN7cW0LRGj QpXRCa1JJTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yNzE2 L09lNkZMLUU0emUzRnRDMFJvMEtWMFFtdFNTVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvT2U2RkwtRTR6ZTNGdEMwUm8wS1YwUW10U1NVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjcxNi9BU3gzQUFhTURIclRX Z2EzVGxoTFpvSnRzbEUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQCZ3NAMA0GCSqGSIb3DQEBCwUAA4IBAQBq0uTfKLjehFj5V5b6F8fEOgD5Fh9r 0xrt2YEwYYeY9O+XxmaeWMpow3JT6lZQiRAJK2vuTdK2UzpM3EDq1jojVcfIHazl yWaflW+omSUf29mNVE9WiTCDaJe+RWJLQN/DGAyCGyYJ2IyUTWa4wCg9DloLUXTs jdXGjguWLFl9iQvl7uviBPafT0oQEYnqLBJgsnFSoL8tjQ3Q8F1THUA8L1L8o2WB DTPjx2tdSsswFg2HsWem6ErPpymqPTcv1WVwMv07A0YrtXmqmoZoOdnYTjBu5OWi oEljP6SLrnzBCqNyw8vWi0KPhh1R+eKcdF+xWOvVJIqBbJPcroasiyPq -----END CERTIFICATE-----Generated at Sat Apr 26 17:33:21 2025 by rpki-client