$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2716/jRftxEiFLRyvWGbIeB71szq0GyA.roa File: jRftxEiFLRyvWGbIeB71szq0GyA.roa (raw, json) Hash identifier: WewVUjEJGxIXs5tn9svh1v64+vhoN9nrMRlu7NJ+low= Subject key identifier: 8D:17:ED:C4:48:85:2D:1C:AF:58:66:C8:78:1E:F5:B3:3A:B4:1B:20 Certificate issuer: /CN=39EE852FE138CDEDC5B42D11A34295D109AD4925 Certificate serial: 33 Authority key identifier: 39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/jRftxEiFLRyvWGbIeB71szq0GyA.roa Signing time: Thu 17 Apr 2025 11:34:31 +0000 ROA not before: Thu 17 Apr 2025 11:34:31 +0000 ROA not after: Wed 15 Apr 2026 09:08:30 +0000 asID: 55933 IP address blocks: 103.119.16.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 15:36:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 51 (0x33) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=39EE852FE138CDEDC5B42D11A34295D109AD4925 Validity Not Before: Apr 17 11:34:31 2025 GMT Not After : Apr 15 09:08:30 2026 GMT Subject: CN=8D17EDC448852D1CAF5866C8781EF5B33AB41B20 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:45:6d:e7:9d:2b:f4:42:74:fc:4c:11:96:a2: c4:d2:9d:4b:7d:e2:e4:96:75:28:c3:e7:ce:7d:e3: 53:c6:81:a6:ca:8c:16:69:d3:b7:38:e3:50:72:4a: 20:e9:fc:eb:f5:b0:e6:8c:0e:73:cd:c5:60:f6:2c: 43:81:d3:ce:ad:83:aa:05:f8:d0:13:44:1f:39:87: 7c:70:d6:5b:de:a1:ce:70:19:f7:54:0d:78:cd:a8: f5:e6:27:5d:af:3e:36:96:b3:c7:3d:a7:0a:2f:ca: b8:ca:38:ab:a8:db:e1:a9:c3:75:8b:45:dc:0a:f1: 8f:48:aa:7c:50:14:97:85:a6:4c:79:3b:6b:ce:ec: 47:61:30:24:dc:db:ee:be:cb:5b:4c:37:f1:c2:dc: 2f:91:c8:32:16:79:d2:23:3d:bf:bf:eb:47:74:c3: ca:a5:c4:a4:65:66:6d:40:f5:88:c9:b6:3b:54:0a: 15:06:f1:0d:57:b9:57:28:d6:69:8f:4f:3a:78:35: 0e:b5:bd:6a:2d:9d:11:29:3b:a3:9f:dd:c0:bc:ce: 45:aa:c0:15:63:8e:4c:e0:06:c8:8e:d9:45:b8:87: 6e:48:60:ce:c8:72:ed:73:c8:95:b2:f2:b8:68:16: 8e:03:9c:02:6a:31:4c:11:67:5a:4a:43:c3:fe:73: 73:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:17:ED:C4:48:85:2D:1C:AF:58:66:C8:78:1E:F5:B3:3A:B4:1B:20 X509v3 Authority Key Identifier: keyid:39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/jRftxEiFLRyvWGbIeB71szq0GyA.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.119.16.0/22 Signature Algorithm: sha256WithRSAEncryption 0a:fc:40:1c:d7:bf:ba:cc:df:ee:99:42:09:34:eb:c6:b5:97: 41:61:26:b3:a1:b7:dc:9b:17:a0:2d:30:4b:b2:df:0d:91:72: 13:fb:9c:f4:3a:8d:bd:b5:90:02:5b:bd:39:5c:f6:19:c4:69: 1c:a4:3b:5e:d0:6b:31:c0:1d:7b:9f:14:e3:06:a9:6b:cb:6a: d0:dd:79:c8:d9:d9:87:c2:d0:c5:5e:d5:94:3f:b0:c5:c6:58: 42:d8:38:ab:bb:03:cf:a9:47:fc:10:bf:2e:86:94:88:33:e0: 12:b3:e2:da:47:f5:f5:b9:a7:7b:ec:a2:4d:1c:7c:51:1d:fc: 95:04:55:3c:ed:cc:d3:e0:ab:eb:10:c1:83:f1:f0:59:d3:ff: 7e:60:1d:f5:63:ea:e9:c5:78:f1:25:da:27:73:14:a1:3f:20: 9f:82:c3:5e:5c:c4:18:bd:b7:ed:6e:15:4a:04:91:43:07:df: 77:a2:d9:f5:ea:7c:2a:00:d7:a5:1b:c1:77:9b:fa:4d:38:e9: 43:9c:c3:53:9a:68:25:a8:ad:2f:f7:37:96:39:22:a1:c2:a3: 89:e2:2e:8b:7e:75:07:01:3d:10:5b:a3:4c:87:c9:6d:bf:21: f3:71:9b:a5:1a:78:15:9d:be:e5:bf:ec:6c:c5:c5:90:22:65: 34:40:50:5a -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIBMzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygzOUVF ODUyRkUxMzhDREVEQzVCNDJEMTFBMzQyOTVEMTA5QUQ0OTI1MB4XDTI1MDQxNzEx MzQzMVoXDTI2MDQxNTA5MDgzMFowMzExMC8GA1UEAxMoOEQxN0VEQzQ0ODg1MkQx Q0FGNTg2NkM4NzgxRUY1QjMzQUI0MUIyMDCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAK5FbeedK/RCdPxMEZaixNKdS33i5JZ1KMPnzn3jU8aBpsqMFmnT tzjjUHJKIOn86/Ww5owOc83FYPYsQ4HTzq2DqgX40BNEHzmHfHDWW96hznAZ91QN eM2o9eYnXa8+Npazxz2nCi/KuMo4q6jb4anDdYtF3Arxj0iqfFAUl4WmTHk7a87s R2EwJNzb7r7LW0w38cLcL5HIMhZ50iM9v7/rR3TDyqXEpGVmbUD1iMm2O1QKFQbx DVe5VyjWaY9POng1DrW9ai2dESk7o5/dwLzORarAFWOOTOAGyI7ZRbiHbkhgzshy 7XPIlbLyuGgWjgOcAmoxTBFnWkpDw/5zczkCAwEAAaOCAfMwggHvMB0GA1UdDgQW BBSNF+3ESIUtHK9YZsh4HvWzOrQbIDAfBgNVHSMEGDAWgBQ57oUv4TjN7cW0LRGj QpXRCa1JJTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yNzE2 L09lNkZMLUU0emUzRnRDMFJvMEtWMFFtdFNTVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvT2U2RkwtRTR6ZTNGdEMwUm8wS1YwUW10U1NVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjcxNi9qUmZ0eEVpRkxSeXZX R2JJZUI3MXN6cTBHeUEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQCZ3cQMA0GCSqGSIb3DQEBCwUAA4IBAQAK/EAc17+6zN/umUIJNOvGtZdBYSaz obfcmxegLTBLst8NkXIT+5z0Oo29tZACW705XPYZxGkcpDte0GsxwB17nxTjBqlr y2rQ3XnI2dmHwtDFXtWUP7DFxlhC2DiruwPPqUf8EL8uhpSIM+ASs+LaR/X1uad7 7KJNHHxRHfyVBFU87czT4KvrEMGD8fBZ0/9+YB31Y+rpxXjxJdoncxShPyCfgsNe XMQYvbftbhVKBJFDB993otn16nwqANelG8F3m/pNOOlDnMNTmmglqK0v9zeWOSKh wqOJ4i6LfnUHAT0QW6NMh8ltvyHzcZulGngVnb7lv+xsxcWQImU0QFBa -----END CERTIFICATE-----Generated at Sat Apr 26 15:25:13 2025 by rpki-client