$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2716/qU_IuRgRgENR2LtpbULYBG3sT10.roa File: qU_IuRgRgENR2LtpbULYBG3sT10.roa (raw, json) Hash identifier: yM7tw5SqTdZaAzRdEXg5QHc6wzaX1pIvKC8XGk7d7uw= Subject key identifier: A9:4F:C8:B9:18:11:80:43:51:D8:BB:69:6D:42:D8:04:6D:EC:4F:5D Certificate issuer: /CN=39EE852FE138CDEDC5B42D11A34295D109AD4925 Certificate serial: 2A Authority key identifier: 39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/qU_IuRgRgENR2LtpbULYBG3sT10.roa Signing time: Thu 17 Apr 2025 11:34:27 +0000 ROA not before: Thu 17 Apr 2025 11:34:27 +0000 ROA not after: Wed 15 Apr 2026 09:08:30 +0000 asID: 55933 IP address blocks: 103.115.64.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 15:36:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42 (0x2a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=39EE852FE138CDEDC5B42D11A34295D109AD4925 Validity Not Before: Apr 17 11:34:27 2025 GMT Not After : Apr 15 09:08:30 2026 GMT Subject: CN=A94FC8B91811804351D8BB696D42D8046DEC4F5D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:5c:a4:1f:9f:13:22:03:27:7a:b2:bf:4d:36: 12:56:65:f9:70:72:8b:58:e9:66:86:77:17:40:41: a3:ce:1c:a1:a7:dd:c8:4e:76:a5:f2:05:c5:0b:60: 0c:f2:9d:1a:ba:b5:b8:02:0e:e5:43:b7:1d:d1:0d: 70:43:c3:cb:58:ad:9e:75:6d:df:c5:5e:be:2a:c2: 56:02:fd:cd:34:d7:d6:e2:19:2c:35:3a:f9:80:e7: 41:ca:0b:e7:30:a5:12:58:75:c5:bf:1b:b6:5c:44: 0d:3c:1e:2e:33:3c:fe:bb:b2:69:7c:13:ea:13:b4: db:a3:7a:e0:1c:ce:07:dd:37:6f:e5:17:96:c8:d8: 79:a5:44:de:4d:83:e7:0c:ef:be:db:be:e5:2c:0c: f9:64:92:4a:89:2e:d2:76:f0:d2:b6:ea:b2:af:44: 8e:3f:0a:56:82:cd:a8:1b:2f:16:03:48:d8:cf:93: 29:e2:06:00:2b:82:a3:ef:70:b9:21:e9:13:7e:5a: 34:f5:e8:3d:0e:83:67:4c:8e:cc:4f:cd:39:f0:13: 40:25:27:43:cd:31:4f:87:99:de:83:d5:70:ec:0a: db:4b:f0:b2:3c:73:dc:18:c9:b4:62:43:15:99:77: 1c:f2:af:ed:91:a8:ba:df:17:11:20:6b:ba:fd:72: 29:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:4F:C8:B9:18:11:80:43:51:D8:BB:69:6D:42:D8:04:6D:EC:4F:5D X509v3 Authority Key Identifier: keyid:39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/qU_IuRgRgENR2LtpbULYBG3sT10.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.115.64.0/22 Signature Algorithm: sha256WithRSAEncryption 4e:9d:46:1c:65:df:b0:dc:0c:0f:68:2a:49:dc:2b:05:f5:80: a3:b8:72:d5:3e:83:8a:b7:fb:6a:96:35:35:69:15:d3:22:1a: 6c:7b:52:1c:7d:25:c0:9a:8b:f3:6e:16:33:3d:e9:21:89:ce: a5:bd:59:31:12:b5:f7:01:bb:66:50:87:82:ba:d5:c0:23:11: 3d:3a:88:ee:bd:52:eb:74:c5:6f:4e:e1:12:8e:8c:b0:53:4a: 18:77:b9:2f:e7:14:05:1e:8d:1f:34:c8:34:64:d8:79:30:72: d5:8f:ef:59:3e:f9:94:c2:a9:9e:36:9e:3e:89:84:af:1c:45: 9b:de:15:c8:19:97:c2:a7:b7:88:36:35:f9:de:a8:1f:d8:14: b7:ad:b8:71:db:06:93:82:8f:d8:82:1d:fc:ab:d0:6d:14:0d: 26:f7:7f:80:7e:dd:35:02:87:e8:f9:2b:a6:83:83:82:cf:cf: d2:ce:9c:94:d3:ef:66:ca:2a:24:ea:be:7e:e4:5e:89:30:99: c7:69:fb:b6:f3:ad:c9:a3:d7:30:5c:c9:75:5d:ec:60:63:09: 03:aa:8e:d6:76:6b:a1:b1:e7:d4:a3:1b:70:a5:cc:14:07:72: 4f:51:57:7e:af:1e:2f:63:7e:f8:c2:a3:e6:31:cb:4b:98:53: 1a:8f:5d:e5 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIBKjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygzOUVF ODUyRkUxMzhDREVEQzVCNDJEMTFBMzQyOTVEMTA5QUQ0OTI1MB4XDTI1MDQxNzEx MzQyN1oXDTI2MDQxNTA5MDgzMFowMzExMC8GA1UEAxMoQTk0RkM4QjkxODExODA0 MzUxRDhCQjY5NkQ0MkQ4MDQ2REVDNEY1RDCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAK5cpB+fEyIDJ3qyv002ElZl+XByi1jpZoZ3F0BBo84coafdyE52 pfIFxQtgDPKdGrq1uAIO5UO3HdENcEPDy1itnnVt38VevirCVgL9zTTX1uIZLDU6 +YDnQcoL5zClElh1xb8btlxEDTweLjM8/ruyaXwT6hO026N64BzOB903b+UXlsjY eaVE3k2D5wzvvtu+5SwM+WSSSoku0nbw0rbqsq9Ejj8KVoLNqBsvFgNI2M+TKeIG ACuCo+9wuSHpE35aNPXoPQ6DZ0yOzE/NOfATQCUnQ80xT4eZ3oPVcOwK20vwsjxz 3BjJtGJDFZl3HPKv7ZGout8XESBruv1yKYcCAwEAAaOCAfMwggHvMB0GA1UdDgQW BBSpT8i5GBGAQ1HYu2ltQtgEbexPXTAfBgNVHSMEGDAWgBQ57oUv4TjN7cW0LRGj QpXRCa1JJTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yNzE2 L09lNkZMLUU0emUzRnRDMFJvMEtWMFFtdFNTVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvT2U2RkwtRTR6ZTNGdEMwUm8wS1YwUW10U1NVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjcxNi9xVV9JdVJnUmdFTlIy THRwYlVMWUJHM3NUMTAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQCZ3NAMA0GCSqGSIb3DQEBCwUAA4IBAQBOnUYcZd+w3AwPaCpJ3CsF9YCjuHLV PoOKt/tqljU1aRXTIhpse1IcfSXAmovzbhYzPekhic6lvVkxErX3AbtmUIeCutXA IxE9OojuvVLrdMVvTuESjoywU0oYd7kv5xQFHo0fNMg0ZNh5MHLVj+9ZPvmUwqme Np4+iYSvHEWb3hXIGZfCp7eINjX53qgf2BS3rbhx2waTgo/Ygh38q9BtFA0m93+A ft01Aofo+Sumg4OCz8/SzpyU0+9myiok6r5+5F6JMJnHafu2863Jo9cwXMl1Xexg YwkDqo7WdmuhsefUoxtwpcwUB3JPUVd+rx4vY374wqPmMctLmFMaj13l -----END CERTIFICATE-----Generated at Sat Apr 26 15:23:01 2025 by rpki-client