$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2716/_oEwGDSaHoV6sCOLGc4UL4IOXmg.roa File: _oEwGDSaHoV6sCOLGc4UL4IOXmg.roa (raw, json) Hash identifier: g3UXnHH7Ubgg/PhZKNHrscxP6a8PWxrdG88eCM7imEw= Subject key identifier: FE:81:30:18:34:9A:1E:85:7A:B0:23:8B:19:CE:14:2F:82:0E:5E:68 Certificate issuer: /CN=39EE852FE138CDEDC5B42D11A34295D109AD4925 Certificate serial: 02B3 Authority key identifier: 39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/_oEwGDSaHoV6sCOLGc4UL4IOXmg.roa Signing time: Mon 04 Aug 2025 02:59:31 +0000 ROA not before: Mon 04 Aug 2025 02:59:31 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 51847 IP address blocks: 103.118.242.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 11 Aug 2025 10:32:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 691 (0x2b3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=39EE852FE138CDEDC5B42D11A34295D109AD4925 Validity Not Before: Aug 4 02:59:31 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=FE813018349A1E857AB0238B19CE142F820E5E68 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:fa:7e:7c:bf:a1:58:e8:dc:5d:c8:14:e2:0f: 73:26:78:2d:bd:45:52:8a:b5:37:4b:31:b1:4e:75: 4c:40:43:ab:fa:e4:e5:a6:cf:81:01:12:6f:8a:c3: c3:a6:73:6a:22:e4:f3:38:ac:30:77:68:9c:4a:03: 0e:9b:44:c0:1d:30:90:b5:46:43:6e:fb:86:28:b8: 69:ab:af:b1:00:44:22:75:6d:0f:1b:1e:08:36:1d: 71:a4:f1:c8:7f:3b:87:ca:cf:9d:2d:13:44:cb:8b: b8:67:dd:cc:4a:e3:9d:63:fc:0d:1f:7f:93:7c:13: 0c:9e:e1:2d:de:e1:6f:ab:ac:78:0f:91:87:32:ef: 4a:59:e0:8c:b8:71:94:82:70:56:4c:98:9c:4e:ed: a7:dc:fa:51:1a:04:8d:50:79:57:af:24:29:1e:8e: d6:69:b9:3c:b1:af:2b:f0:24:f0:95:0d:6c:b6:d7: da:7e:37:e3:63:cb:eb:42:f6:d2:50:2e:22:7e:77: b2:60:98:cc:ac:79:88:ab:00:61:3e:32:e7:9d:bd: 6e:f8:f3:dc:bb:09:aa:91:1f:f9:d6:16:e6:2f:0e: 42:6f:ad:d3:34:f4:04:e9:8e:b6:70:a4:04:0f:50: f7:01:89:86:6f:ce:65:e9:73:5f:38:56:b2:03:ed: ab:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FE:81:30:18:34:9A:1E:85:7A:B0:23:8B:19:CE:14:2F:82:0E:5E:68 X509v3 Authority Key Identifier: keyid:39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/_oEwGDSaHoV6sCOLGc4UL4IOXmg.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.118.242.0/24 Signature Algorithm: sha256WithRSAEncryption 44:54:85:11:d2:a0:84:38:31:13:f7:e2:81:db:c1:19:cb:f3: 66:70:51:de:5a:c0:b5:29:13:92:b6:90:cc:95:10:e5:06:84: c1:7e:69:47:0f:42:6a:a3:b1:ae:e5:b5:53:8c:99:a0:cc:d0: e1:7f:84:42:b6:91:16:77:bf:96:f3:ef:a4:22:b9:ff:f1:9a: ec:4d:ee:a4:b6:e4:0a:10:c0:c4:8f:53:eb:52:b5:28:15:8b: d0:e2:68:12:fc:e9:ac:f8:55:5b:36:b3:e9:68:61:87:c1:4e: 61:35:f0:ba:a0:e0:6a:28:54:04:ef:7e:e9:f1:b5:25:f0:e7: 45:39:10:6d:ec:57:cb:4e:fc:12:e2:78:d6:e5:e5:b2:1f:3e: 97:09:4e:f2:f0:86:f1:33:d4:15:d5:56:ca:db:b1:25:b5:2c: 1a:f8:d5:82:79:66:26:a0:e2:6f:73:ec:40:ac:09:02:4a:ce: f9:69:b3:b5:6e:44:0d:b6:76:f0:e5:05:b4:bd:0c:c7:a3:34: 59:1f:55:ce:dd:f7:00:fc:22:68:1a:07:cd:9e:05:e7:f7:08: 13:0d:26:85:49:95:89:85:10:ff:c6:1d:6d:8d:bb:cc:5c:0a: a0:b0:30:40:93:6c:f7:72:5c:48:a7:f0:9a:d9:3a:4f:79:93: 84:2d:cb:2e -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICArMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzlF RTg1MkZFMTM4Q0RFREM1QjQyRDExQTM0Mjk1RDEwOUFENDkyNTAeFw0yNTA4MDQw MjU5MzFaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEZFODEzMDE4MzQ5QTFF ODU3QUIwMjM4QjE5Q0UxNDJGODIwRTVFNjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCh+n58v6FY6NxdyBTiD3MmeC29RVKKtTdLMbFOdUxAQ6v65OWm z4EBEm+Kw8Omc2oi5PM4rDB3aJxKAw6bRMAdMJC1RkNu+4YouGmrr7EARCJ1bQ8b Hgg2HXGk8ch/O4fKz50tE0TLi7hn3cxK451j/A0ff5N8Ewye4S3e4W+rrHgPkYcy 70pZ4Iy4cZSCcFZMmJxO7afc+lEaBI1QeVevJCkejtZpuTyxryvwJPCVDWy219p+ N+Njy+tC9tJQLiJ+d7JgmMyseYirAGE+MuedvW7489y7CaqRH/nWFuYvDkJvrdM0 9ATpjrZwpAQPUPcBiYZvzmXpc184VrID7asHAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU/oEwGDSaHoV6sCOLGc4UL4IOXmgwHwYDVR0jBBgwFoAUOe6FL+E4ze3FtC0R o0KV0QmtSSUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjcx Ni9PZTZGTC1FNHplM0Z0QzBSbzBLVjBRbXRTU1UuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09lNkZMLUU0emUzRnRDMFJvMEtWMFFtdFNTVS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI3MTYvX29Fd0dEU2FIb1Y2 c0NPTEdjNFVMNElPWG1nLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGd28jANBgkqhkiG9w0BAQsFAAOCAQEARFSFEdKghDgxE/figdvBGcvzZnBR 3lrAtSkTkraQzJUQ5QaEwX5pRw9CaqOxruW1U4yZoMzQ4X+EQraRFne/lvPvpCK5 //Ga7E3upLbkChDAxI9T61K1KBWL0OJoEvzprPhVWzaz6Whhh8FOYTXwuqDgaihU BO9+6fG1JfDnRTkQbexXy078EuJ41uXlsh8+lwlO8vCG8TPUFdVWytuxJbUsGvjV gnlmJqDib3PsQKwJAkrO+WmztW5EDbZ28OUFtL0Mx6M0WR9Vzt33APwiaBoHzZ4F 5/cIEw0mhUmViYUQ/8YdbY27zFwKoLAwQJNs93JcSKfwmtk6T3mThC3LLg== -----END CERTIFICATE-----Generated at Mon Aug 11 07:45:03 2025 by rpki-client