$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2716/qIW7MxfGlwkjlmKezycENoP_rOo.roa File: qIW7MxfGlwkjlmKezycENoP_rOo.roa (raw, json) Hash identifier: OqWylIRmPskLKjP++jeW2/9k0ENN3wN1g3Heby0OlX4= Subject key identifier: A8:85:BB:33:17:C6:97:09:23:96:62:9E:CF:27:04:36:83:FF:AC:EA Certificate issuer: /CN=39EE852FE138CDEDC5B42D11A34295D109AD4925 Certificate serial: 35 Authority key identifier: 39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/qIW7MxfGlwkjlmKezycENoP_rOo.roa Signing time: Thu 17 Apr 2025 11:34:32 +0000 ROA not before: Thu 17 Apr 2025 11:34:32 +0000 ROA not after: Wed 15 Apr 2026 09:08:30 +0000 asID: 138968 IP address blocks: 103.118.240.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 20:36:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 53 (0x35) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=39EE852FE138CDEDC5B42D11A34295D109AD4925 Validity Not Before: Apr 17 11:34:32 2025 GMT Not After : Apr 15 09:08:30 2026 GMT Subject: CN=A885BB3317C697092396629ECF27043683FFACEA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:c8:42:21:d5:d6:c1:b5:99:35:d5:71:72:d0: f7:5e:75:7a:aa:f7:56:8a:5a:cf:4e:74:db:5c:a1: f8:de:a0:10:80:a5:cd:c0:8d:c3:1b:ec:28:50:12: 09:05:7c:82:04:32:57:ac:e7:25:9d:8c:ba:09:c6: 8c:6f:7d:5c:63:c4:56:14:06:af:07:89:16:88:ea: d3:05:75:1e:d2:0f:68:54:23:1f:dd:b8:3e:ad:1b: f7:9e:b3:6a:ce:1e:31:3e:eb:52:8c:b0:4e:94:46: 90:61:a5:02:fd:c5:20:1b:78:bd:9a:48:28:99:ff: 4d:02:3b:2e:89:04:f2:f8:0d:87:a5:27:2f:5e:90: 7a:0c:fe:bf:0c:e8:ad:b3:ca:37:8b:ad:f0:3f:25: 66:88:60:78:1d:b9:a6:de:78:ab:27:6c:61:34:01: e2:44:c5:ec:a8:31:66:61:aa:6c:f8:d1:8d:16:1f: 94:a4:9d:6d:79:dc:3f:a0:c9:f0:36:a7:f9:dc:f7: 47:15:0c:d2:1e:51:f2:8d:6b:4d:d3:d0:53:55:32: 60:d4:f5:c6:d1:60:5e:ae:90:d8:b5:30:70:06:c3: 62:15:fc:ef:7d:71:60:2e:a3:a6:a7:64:03:f0:38: 11:d9:7f:08:52:6b:24:86:ff:2e:24:17:b3:5d:b6: 03:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A8:85:BB:33:17:C6:97:09:23:96:62:9E:CF:27:04:36:83:FF:AC:EA X509v3 Authority Key Identifier: keyid:39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/qIW7MxfGlwkjlmKezycENoP_rOo.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.118.240.0/22 Signature Algorithm: sha256WithRSAEncryption 1e:88:7c:b8:6c:04:80:de:9b:c0:f2:e6:15:64:4c:c2:6a:f8: 86:63:91:8a:e0:1d:cf:86:b3:57:45:8a:91:d6:27:86:c1:24: b0:e0:db:34:70:59:06:34:2b:20:fc:65:7b:37:32:05:c5:f1: 44:1a:d1:a7:09:e5:d8:ea:3e:76:b8:45:5f:ad:74:f7:08:12: 4b:c8:4c:18:9b:7c:82:08:75:64:ec:4e:58:e2:e8:1b:65:88: a3:7a:67:82:49:59:51:94:8d:12:db:65:ba:01:79:fa:46:96: 6e:aa:72:ae:c6:47:c0:c2:43:3e:b9:ef:ff:92:01:df:0f:d1: 36:96:4c:1e:d4:ac:f1:bd:4d:b3:f3:68:09:39:0d:3d:ee:ca: 82:a8:59:4d:6e:54:ea:0f:ce:0a:d8:14:d8:ad:47:ca:49:6b: 20:ae:9a:24:91:88:f7:1c:ec:a2:e9:78:99:7f:ff:33:69:c7: 21:b7:11:c6:ad:11:a4:76:ed:98:59:b4:ce:a8:2e:1e:38:85: e2:42:43:cb:5a:d6:86:81:4d:be:4c:5d:03:6e:47:38:f6:6f: 8f:e9:fa:36:52:ad:ee:72:1a:f1:24:ee:06:a1:0b:2a:be:9c: 03:99:23:0b:7b:a0:2d:ed:93:7b:bb:60:20:3d:1e:10:c0:03: 34:74:0c:93 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIBNTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygzOUVF ODUyRkUxMzhDREVEQzVCNDJEMTFBMzQyOTVEMTA5QUQ0OTI1MB4XDTI1MDQxNzEx MzQzMloXDTI2MDQxNTA5MDgzMFowMzExMC8GA1UEAxMoQTg4NUJCMzMxN0M2OTcw OTIzOTY2MjlFQ0YyNzA0MzY4M0ZGQUNFQTCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAJzIQiHV1sG1mTXVcXLQ9151eqr3Vopaz05021yh+N6gEIClzcCN wxvsKFASCQV8ggQyV6znJZ2MugnGjG99XGPEVhQGrweJFojq0wV1HtIPaFQjH924 Pq0b956zas4eMT7rUoywTpRGkGGlAv3FIBt4vZpIKJn/TQI7LokE8vgNh6UnL16Q egz+vwzorbPKN4ut8D8lZohgeB25pt54qydsYTQB4kTF7KgxZmGqbPjRjRYflKSd bXncP6DJ8Dan+dz3RxUM0h5R8o1rTdPQU1UyYNT1xtFgXq6Q2LUwcAbDYhX8731x YC6jpqdkA/A4Edl/CFJrJIb/LiQXs122A0sCAwEAAaOCAfMwggHvMB0GA1UdDgQW BBSohbszF8aXCSOWYp7PJwQ2g/+s6jAfBgNVHSMEGDAWgBQ57oUv4TjN7cW0LRGj QpXRCa1JJTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yNzE2 L09lNkZMLUU0emUzRnRDMFJvMEtWMFFtdFNTVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvT2U2RkwtRTR6ZTNGdEMwUm8wS1YwUW10U1NVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjcxNi9xSVc3TXhmR2x3a2ps bUtlenljRU5vUF9yT28ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQCZ3bwMA0GCSqGSIb3DQEBCwUAA4IBAQAeiHy4bASA3pvA8uYVZEzCaviGY5GK 4B3PhrNXRYqR1ieGwSSw4Ns0cFkGNCsg/GV7NzIFxfFEGtGnCeXY6j52uEVfrXT3 CBJLyEwYm3yCCHVk7E5Y4ugbZYijemeCSVlRlI0S22W6AXn6RpZuqnKuxkfAwkM+ ue//kgHfD9E2lkwe1KzxvU2z82gJOQ097sqCqFlNblTqD84K2BTYrUfKSWsgrpok kYj3HOyi6XiZf/8zacchtxHGrRGkdu2YWbTOqC4eOIXiQkPLWtaGgU2+TF0Dbkc4 9m+P6fo2Uq3uchrxJO4GoQsqvpwDmSMLe6At7ZN7u2AgPR4QwAM0dAyT -----END CERTIFICATE-----Generated at Sat Apr 26 17:34:18 2025 by rpki-client