$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2716/yMm4TOJNzQc8JfMP5TVSAnVLx08.roa File: yMm4TOJNzQc8JfMP5TVSAnVLx08.roa (raw, json) Hash identifier: J/kRtvlL3X6PYODp2+YZNLI5lqI+k63ouSUxisQ8Y/g= Subject key identifier: C8:C9:B8:4C:E2:4D:CD:07:3C:25:F3:0F:E5:35:52:02:75:4B:C7:4F Certificate issuer: /CN=39EE852FE138CDEDC5B42D11A34295D109AD4925 Certificate serial: 6E Authority key identifier: 39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/yMm4TOJNzQc8JfMP5TVSAnVLx08.roa Signing time: Mon 21 Apr 2025 18:15:56 +0000 ROA not before: Mon 21 Apr 2025 18:15:56 +0000 ROA not after: Wed 15 Apr 2026 09:08:30 +0000 asID: 55933 IP address blocks: 103.118.252.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 15:36:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 110 (0x6e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=39EE852FE138CDEDC5B42D11A34295D109AD4925 Validity Not Before: Apr 21 18:15:56 2025 GMT Not After : Apr 15 09:08:30 2026 GMT Subject: CN=C8C9B84CE24DCD073C25F30FE5355202754BC74F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:26:d4:27:2e:12:4f:af:79:22:68:e1:59:7e: 71:95:b7:2a:93:cc:c0:6f:43:c1:b2:d9:ee:57:3f: 65:cd:fa:e2:aa:47:42:5c:cc:b2:6d:e5:5e:30:dc: b5:38:c1:10:d7:b3:d2:bf:4b:87:88:f3:4a:e4:a8: b1:1c:44:b4:67:62:a3:e5:0c:8d:a7:52:cc:4f:82: ac:92:62:f5:36:c8:fb:26:f3:d7:1c:de:d0:47:5f: 42:3e:e6:47:db:ac:ec:16:25:f0:45:06:ba:72:c9: df:e1:bc:65:55:cd:bb:a1:fb:f4:08:93:12:5d:26: e8:d1:47:87:60:06:c4:c4:3a:ad:6c:a9:68:83:26: 39:e0:9b:87:d7:81:d7:21:28:05:c6:91:24:e4:db: c2:3c:98:64:a5:0e:e4:84:ef:5b:11:22:2a:80:98: 0c:d1:81:bd:d0:77:d0:f4:4d:f6:74:41:0d:e1:1d: 94:c4:7f:80:2d:d0:32:22:fa:a6:ca:b2:1f:11:fb: f7:c5:a8:84:8b:25:4d:ce:e4:fa:c7:4b:1e:be:45: 9e:f4:db:fb:21:d8:b5:dc:11:0b:ca:ba:1d:ee:63: 7d:62:00:fc:6d:bd:48:ac:87:9f:86:d8:3f:12:fe: be:55:b7:ac:89:f5:75:2e:f3:c6:3d:27:0b:02:43: 79:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:C9:B8:4C:E2:4D:CD:07:3C:25:F3:0F:E5:35:52:02:75:4B:C7:4F X509v3 Authority Key Identifier: keyid:39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/yMm4TOJNzQc8JfMP5TVSAnVLx08.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.118.252.0/22 Signature Algorithm: sha256WithRSAEncryption 73:f3:3a:29:d8:ed:51:42:2b:ac:d5:c9:69:db:65:d3:0b:b3: e3:91:7a:2b:d9:fd:2a:07:aa:fe:ef:8f:60:5e:c9:97:d7:5c: b0:49:ef:1e:03:35:e0:6a:05:f5:8b:af:c6:67:b1:99:0e:9f: af:47:36:34:a6:14:b6:22:ba:18:c0:d9:1b:53:fe:79:60:39: 7a:c8:3c:b0:bd:7e:1e:de:76:47:b8:46:09:f2:ce:b8:6f:48: 64:d4:5f:42:3f:69:92:de:37:83:d6:a9:93:19:a6:8b:c4:1b: bc:e6:54:2c:6b:d4:8d:63:ad:81:c6:cb:23:1b:90:05:a4:37: 77:7b:4f:a9:68:98:20:02:5f:48:53:69:5f:9f:86:4d:b9:64: 31:75:5d:60:ea:d1:6b:dc:22:b2:16:d6:7b:b2:d8:cb:99:04: 37:81:b2:2b:b1:9b:46:05:4d:9b:e2:f5:1a:d1:da:4d:58:11: 72:62:7d:f1:2a:ba:1c:49:22:66:58:5e:06:1c:a3:b5:06:5d: f7:9a:a4:2e:a1:d1:54:78:d6:dc:08:f6:73:a7:9e:5c:ab:a0: 7d:03:ad:9d:7d:ab:3f:24:94:ae:6a:87:58:8b:f4:b6:96:be: ae:e8:ed:a1:f9:2b:43:a4:24:92:a4:3c:59:c9:17:1c:5e:1f: ca:da:a1:eb -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIBbjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygzOUVF ODUyRkUxMzhDREVEQzVCNDJEMTFBMzQyOTVEMTA5QUQ0OTI1MB4XDTI1MDQyMTE4 MTU1NloXDTI2MDQxNTA5MDgzMFowMzExMC8GA1UEAxMoQzhDOUI4NENFMjREQ0Qw NzNDMjVGMzBGRTUzNTUyMDI3NTRCQzc0RjCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAN4m1CcuEk+veSJo4Vl+cZW3KpPMwG9DwbLZ7lc/Zc364qpHQlzM sm3lXjDctTjBENez0r9Lh4jzSuSosRxEtGdio+UMjadSzE+CrJJi9TbI+ybz1xze 0EdfQj7mR9us7BYl8EUGunLJ3+G8ZVXNu6H79AiTEl0m6NFHh2AGxMQ6rWypaIMm OeCbh9eB1yEoBcaRJOTbwjyYZKUO5ITvWxEiKoCYDNGBvdB30PRN9nRBDeEdlMR/ gC3QMiL6psqyHxH798WohIslTc7k+sdLHr5FnvTb+yHYtdwRC8q6He5jfWIA/G29 SKyHn4bYPxL+vlW3rIn1dS7zxj0nCwJDeVsCAwEAAaOCAfMwggHvMB0GA1UdDgQW BBTIybhM4k3NBzwl8w/lNVICdUvHTzAfBgNVHSMEGDAWgBQ57oUv4TjN7cW0LRGj QpXRCa1JJTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yNzE2 L09lNkZMLUU0emUzRnRDMFJvMEtWMFFtdFNTVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvT2U2RkwtRTR6ZTNGdEMwUm8wS1YwUW10U1NVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjcxNi95TW00VE9KTnpRYzhK Zk1QNVRWU0FuVkx4MDgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQCZ3b8MA0GCSqGSIb3DQEBCwUAA4IBAQBz8zop2O1RQius1clp22XTC7PjkXor 2f0qB6r+749gXsmX11ywSe8eAzXgagX1i6/GZ7GZDp+vRzY0phS2IroYwNkbU/55 YDl6yDywvX4e3nZHuEYJ8s64b0hk1F9CP2mS3jeD1qmTGaaLxBu85lQsa9SNY62B xssjG5AFpDd3e0+paJggAl9IU2lfn4ZNuWQxdV1g6tFr3CKyFtZ7stjLmQQ3gbIr sZtGBU2b4vUa0dpNWBFyYn3xKrocSSJmWF4GHKO1Bl33mqQuodFUeNbcCPZzp55c q6B9A62dfas/JJSuaodYi/S2lr6u6O2h+StDpCSSpDxZyRccXh/K2qHr -----END CERTIFICATE-----Generated at Sat Apr 26 15:23:06 2025 by rpki-client