$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2716/M2-YzrvnOVitIpdiFLlkpB0r26w.roa File: M2-YzrvnOVitIpdiFLlkpB0r26w.roa (raw, json) Hash identifier: OVNYX7C7n7PCDfAYWaoShUnXRu2byyciFekfEdGVooM= Subject key identifier: 33:6F:98:CE:BB:E7:39:58:AD:22:97:62:14:B9:64:A4:1D:2B:DB:AC Certificate issuer: /CN=39EE852FE138CDEDC5B42D11A34295D109AD4925 Certificate serial: 22 Authority key identifier: 39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/M2-YzrvnOVitIpdiFLlkpB0r26w.roa Signing time: Thu 17 Apr 2025 11:31:19 +0000 ROA not before: Thu 17 Apr 2025 11:31:19 +0000 ROA not after: Wed 15 Apr 2026 09:08:30 +0000 asID: 55933 IP address blocks: 103.132.164.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 15:36:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34 (0x22) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=39EE852FE138CDEDC5B42D11A34295D109AD4925 Validity Not Before: Apr 17 11:31:19 2025 GMT Not After : Apr 15 09:08:30 2026 GMT Subject: CN=336F98CEBBE73958AD22976214B964A41D2BDBAC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:20:5a:92:80:85:a5:3f:cb:9a:3a:fd:13:1a: 51:ec:ba:0a:57:5d:5e:53:bc:e4:a7:bb:0b:d5:71: 4f:aa:5e:8d:6e:62:8c:50:2c:f6:80:a9:8f:86:b5: eb:57:64:80:9b:90:8c:69:79:bc:06:df:2d:8e:94: 62:8b:c9:0f:a5:fb:94:cf:d7:68:0f:33:71:cc:da: f6:c6:26:d5:4d:73:04:87:d9:37:bc:94:a8:04:4e: cf:19:6d:7b:d4:7b:17:e1:24:1c:78:3a:54:24:54: 99:61:f1:ec:5e:0f:c4:81:15:95:5c:9f:ae:08:64: 3c:8c:cc:55:14:e0:26:4c:21:d6:3b:2c:37:be:e8: fe:c4:4c:33:85:78:dc:fd:00:4a:12:89:3a:e9:a7: 79:36:72:8e:3d:79:f5:d1:c4:0d:68:c0:15:b5:75: df:bd:9c:ca:eb:c1:26:17:0c:11:24:3d:09:47:20: 0e:39:c2:4f:39:57:5a:58:74:8b:83:3c:11:ad:88: 1a:93:01:e7:68:8c:99:c6:20:e0:0a:01:ef:37:07: ed:b3:e0:9f:55:79:50:74:99:2c:e4:10:99:a8:35: e9:4c:b1:b6:2b:17:e4:8a:94:fd:81:d4:6a:ae:39: b0:b4:84:ed:c5:27:ff:d1:a2:e6:79:9a:46:7f:83: 6e:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:6F:98:CE:BB:E7:39:58:AD:22:97:62:14:B9:64:A4:1D:2B:DB:AC X509v3 Authority Key Identifier: keyid:39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/M2-YzrvnOVitIpdiFLlkpB0r26w.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.132.164.0/22 Signature Algorithm: sha256WithRSAEncryption ad:dd:41:35:ec:1c:e8:1e:d0:00:5d:b0:48:e7:e1:b1:e3:46: be:00:ae:a2:a3:a9:c2:0d:1e:5e:e7:3b:b0:65:4a:13:71:95: fc:50:0f:27:c9:3d:b2:66:01:3d:99:e6:ef:9b:40:3f:e3:fd: b1:5e:00:28:04:eb:49:9d:14:0c:05:c9:04:4b:10:bb:e3:33: c5:17:0f:fb:04:8d:4a:54:7f:d5:ab:8e:70:65:ce:85:04:eb: 24:62:45:75:f8:c6:56:2c:6c:fe:a4:82:3d:33:9d:f5:fc:16: 8e:56:ad:a4:d8:c3:6b:77:a1:a9:58:fd:e1:c4:98:49:c6:28: 94:7d:ec:6c:b1:fc:96:cd:fe:75:f4:3d:c9:0a:35:f3:6d:2f: 80:95:9c:ee:fe:77:d9:b3:5e:1d:48:ac:f0:20:85:8d:38:62: ce:b0:88:a9:30:63:9d:a1:0c:69:aa:63:4c:d4:b5:d6:33:14: 81:7d:3a:46:7b:f5:1b:04:67:e6:c0:40:40:c1:33:8f:4f:8c: f9:43:83:2b:4a:2e:07:8a:5a:c0:ce:15:66:77:ff:09:c3:6e: 29:a0:22:33:21:0c:4e:7b:c2:96:0b:dc:aa:fa:e4:d5:13:94: a1:10:2b:a0:af:dc:71:95:a4:43:35:04:99:be:48:b8:09:89: 36:97:a2:2e -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIBIjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygzOUVF ODUyRkUxMzhDREVEQzVCNDJEMTFBMzQyOTVEMTA5QUQ0OTI1MB4XDTI1MDQxNzEx MzExOVoXDTI2MDQxNTA5MDgzMFowMzExMC8GA1UEAxMoMzM2Rjk4Q0VCQkU3Mzk1 OEFEMjI5NzYyMTRCOTY0QTQxRDJCREJBQzCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBANEgWpKAhaU/y5o6/RMaUey6ClddXlO85Ke7C9VxT6pejW5ijFAs 9oCpj4a161dkgJuQjGl5vAbfLY6UYovJD6X7lM/XaA8zccza9sYm1U1zBIfZN7yU qAROzxlte9R7F+EkHHg6VCRUmWHx7F4PxIEVlVyfrghkPIzMVRTgJkwh1jssN77o /sRMM4V43P0AShKJOumneTZyjj159dHEDWjAFbV1372cyuvBJhcMESQ9CUcgDjnC TzlXWlh0i4M8Ea2IGpMB52iMmcYg4AoB7zcH7bPgn1V5UHSZLOQQmag16UyxtisX 5IqU/YHUaq45sLSE7cUn/9Gi5nmaRn+Dbq0CAwEAAaOCAfMwggHvMB0GA1UdDgQW BBQzb5jOu+c5WK0il2IUuWSkHSvbrDAfBgNVHSMEGDAWgBQ57oUv4TjN7cW0LRGj QpXRCa1JJTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yNzE2 L09lNkZMLUU0emUzRnRDMFJvMEtWMFFtdFNTVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvT2U2RkwtRTR6ZTNGdEMwUm8wS1YwUW10U1NVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjcxNi9NMi1ZenJ2bk9WaXRJ cGRpRkxsa3BCMHIyNncucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQCZ4SkMA0GCSqGSIb3DQEBCwUAA4IBAQCt3UE17BzoHtAAXbBI5+Gx40a+AK6i o6nCDR5e5zuwZUoTcZX8UA8nyT2yZgE9mebvm0A/4/2xXgAoBOtJnRQMBckESxC7 4zPFFw/7BI1KVH/Vq45wZc6FBOskYkV1+MZWLGz+pII9M531/BaOVq2k2MNrd6Gp WP3hxJhJxiiUfexssfyWzf519D3JCjXzbS+AlZzu/nfZs14dSKzwIIWNOGLOsIip MGOdoQxpqmNM1LXWMxSBfTpGe/UbBGfmwEBAwTOPT4z5Q4MrSi4HilrAzhVmd/8J w24poCIzIQxOe8KWC9yq+uTVE5ShECugr9xxlaRDNQSZvki4CYk2l6Iu -----END CERTIFICATE-----Generated at Sat Apr 26 15:23:07 2025 by rpki-client