$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2716/ZN0bra7cpetuIRyGb5gVKAIcquA.roa File: ZN0bra7cpetuIRyGb5gVKAIcquA.roa (raw, json) Hash identifier: Cxkikasml3hgmyrKi0emy26YCXPd4/W+zxwUktWsde4= Subject key identifier: 64:DD:1B:AD:AE:DC:A5:EB:6E:21:1C:86:6F:98:15:28:02:1C:AA:E0 Certificate issuer: /CN=39EE852FE138CDEDC5B42D11A34295D109AD4925 Certificate serial: 19 Authority key identifier: 39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/ZN0bra7cpetuIRyGb5gVKAIcquA.roa Signing time: Thu 17 Apr 2025 11:31:17 +0000 ROA not before: Thu 17 Apr 2025 11:31:17 +0000 ROA not after: Wed 15 Apr 2026 09:08:30 +0000 asID: 55933 IP address blocks: 103.118.204.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 15:36:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 25 (0x19) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=39EE852FE138CDEDC5B42D11A34295D109AD4925 Validity Not Before: Apr 17 11:31:17 2025 GMT Not After : Apr 15 09:08:30 2026 GMT Subject: CN=64DD1BADAEDCA5EB6E211C866F981528021CAAE0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:17:a2:f5:ff:a6:11:1f:be:43:ce:24:fd:74: 92:6e:b8:32:97:f0:08:2b:17:0f:bd:6e:af:46:7f: 7d:27:14:d3:55:ae:fa:c9:43:bd:fe:e0:f8:73:04: 1d:53:5d:2e:29:17:76:f5:35:d5:00:ed:5c:35:46: a7:ea:35:e9:17:22:f3:f0:a8:55:7f:18:28:9e:a2: ed:68:59:ab:3a:14:df:07:82:fd:c8:64:8d:f4:fd: a2:90:df:45:26:55:65:f9:82:85:46:b6:20:5d:e0: 35:47:e7:cf:58:86:63:c0:fc:b7:93:d8:72:57:73: 8d:ce:ce:25:eb:1a:e1:65:4c:ae:95:99:2b:83:ae: 6a:84:9d:e9:27:b8:51:b2:b4:27:5f:b4:8e:91:1e: 0e:9d:26:ee:2a:9a:fb:8c:5f:fa:8a:7f:14:ca:7a: d1:e6:76:8a:32:96:27:81:28:9d:59:89:1b:c3:09: df:60:59:7a:7d:d0:81:7e:29:b3:38:53:8c:9e:66: 3d:b3:f7:bf:67:1e:e2:88:98:ea:b4:75:13:37:43: 29:a2:45:70:d1:3f:fe:c1:23:54:81:1e:37:f4:09: 18:80:75:18:ea:8f:c0:6c:12:85:1b:bd:f6:fc:67: fd:db:2c:3e:67:94:57:ac:bf:22:d3:95:a2:15:66: 09:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:DD:1B:AD:AE:DC:A5:EB:6E:21:1C:86:6F:98:15:28:02:1C:AA:E0 X509v3 Authority Key Identifier: keyid:39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/ZN0bra7cpetuIRyGb5gVKAIcquA.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.118.204.0/22 Signature Algorithm: sha256WithRSAEncryption 14:8d:7b:51:75:f3:a7:5c:a8:85:69:d6:1b:33:66:75:f4:3d: 8e:63:ce:04:b4:7f:ec:22:ae:f8:23:5f:d2:1e:05:b2:4a:5b: d3:4f:f3:f4:8c:10:d8:b9:7f:51:86:eb:99:6c:fe:b5:fe:9d: 28:66:7d:50:3f:9d:00:30:41:a2:89:54:b7:3a:ef:9f:b8:02: ae:9f:9e:dd:e1:99:84:39:f2:ea:a3:d6:6c:5a:ad:67:98:b5: e2:24:86:31:bd:15:b1:ec:7c:08:97:ee:92:30:47:ff:95:8c: 59:38:ab:bd:e2:82:9c:89:df:6d:2f:06:33:01:9e:96:97:f3: de:d5:6b:21:94:82:ce:0e:dd:e0:b5:bc:e0:d8:b6:dc:90:25: af:92:37:7d:44:af:b5:e4:76:f6:37:1e:3d:42:75:13:87:d0: 85:14:17:1f:1a:28:e4:81:c4:f9:e1:47:bc:c2:c1:08:34:8b: 11:cf:e6:89:7a:b4:4f:8e:32:4f:7f:34:b6:b2:3c:c3:4f:75: 20:7e:70:98:8c:29:ba:84:cb:8d:67:2d:eb:68:8a:20:9a:52: 16:0d:cd:7c:45:b1:52:e0:f8:48:df:a6:a4:5f:aa:8d:75:94: f6:56:7e:93:24:d7:df:0e:9c:ab:dd:f9:43:cf:54:65:23:eb: 74:86:ab:6d -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIBGTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygzOUVF ODUyRkUxMzhDREVEQzVCNDJEMTFBMzQyOTVEMTA5QUQ0OTI1MB4XDTI1MDQxNzEx MzExN1oXDTI2MDQxNTA5MDgzMFowMzExMC8GA1UEAxMoNjRERDFCQURBRURDQTVF QjZFMjExQzg2NkY5ODE1MjgwMjFDQUFFMDCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAL8XovX/phEfvkPOJP10km64MpfwCCsXD71ur0Z/fScU01Wu+slD vf7g+HMEHVNdLikXdvU11QDtXDVGp+o16Rci8/CoVX8YKJ6i7WhZqzoU3weC/chk jfT9opDfRSZVZfmChUa2IF3gNUfnz1iGY8D8t5PYcldzjc7OJesa4WVMrpWZK4Ou aoSd6Se4UbK0J1+0jpEeDp0m7iqa+4xf+op/FMp60eZ2ijKWJ4EonVmJG8MJ32BZ en3QgX4pszhTjJ5mPbP3v2ce4oiY6rR1EzdDKaJFcNE//sEjVIEeN/QJGIB1GOqP wGwShRu99vxn/dssPmeUV6y/ItOVohVmCVkCAwEAAaOCAfMwggHvMB0GA1UdDgQW BBRk3Rutrtyl624hHIZvmBUoAhyq4DAfBgNVHSMEGDAWgBQ57oUv4TjN7cW0LRGj QpXRCa1JJTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yNzE2 L09lNkZMLUU0emUzRnRDMFJvMEtWMFFtdFNTVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvT2U2RkwtRTR6ZTNGdEMwUm8wS1YwUW10U1NVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjcxNi9aTjBicmE3Y3BldHVJ UnlHYjVnVktBSWNxdUEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQCZ3bMMA0GCSqGSIb3DQEBCwUAA4IBAQAUjXtRdfOnXKiFadYbM2Z19D2OY84E tH/sIq74I1/SHgWySlvTT/P0jBDYuX9RhuuZbP61/p0oZn1QP50AMEGiiVS3Ou+f uAKun57d4ZmEOfLqo9ZsWq1nmLXiJIYxvRWx7HwIl+6SMEf/lYxZOKu94oKcid9t LwYzAZ6Wl/Pe1WshlILODt3gtbzg2LbckCWvkjd9RK+15Hb2Nx49QnUTh9CFFBcf GijkgcT54Ue8wsEINIsRz+aJerRPjjJPfzS2sjzDT3UgfnCYjCm6hMuNZy3raIog mlIWDc18RbFS4PhI36akX6qNdZT2Vn6TJNffDpyr3flDz1RlI+t0hqtt -----END CERTIFICATE-----Generated at Sat Apr 26 15:26:06 2025 by rpki-client