$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2741/LiLhG4umWIFvssfr-YRo7VPi9PQ.roa File: LiLhG4umWIFvssfr-YRo7VPi9PQ.roa (raw, json) Hash identifier: 8VzvX+6L2up29XAoS07TOWxozlHhFYSU/9tMLFarKws= Subject key identifier: 2E:22:E1:1B:8B:A6:58:81:6F:B2:C7:EB:F9:84:68:ED:53:E2:F4:F4 Certificate issuer: /CN=FAD6B43C09D0490A0DF7F891DF9F63B520CF210F Certificate serial: 1066 Authority key identifier: FA:D6:B4:3C:09:D0:49:0A:0D:F7:F8:91:DF:9F:63:B5:20:CF:21:0F Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/-ta0PAnQSQoN9_iR359jtSDPIQ8.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2741/LiLhG4umWIFvssfr-YRo7VPi9PQ.roa Signing time: Tue 05 Aug 2025 13:48:30 +0000 ROA not before: Tue 05 Aug 2025 13:48:30 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 140224 IP address blocks: 103.116.149.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2741/-ta0PAnQSQoN9_iR359jtSDPIQ8.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2741/-ta0PAnQSQoN9_iR359jtSDPIQ8.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/-ta0PAnQSQoN9_iR359jtSDPIQ8.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 11 Aug 2025 14:02:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4198 (0x1066) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=FAD6B43C09D0490A0DF7F891DF9F63B520CF210F Validity Not Before: Aug 5 13:48:30 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=2E22E11B8BA658816FB2C7EBF98468ED53E2F4F4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:44:d2:e5:88:50:51:61:9b:21:d9:e9:8f:bc: 2a:31:de:84:40:5b:81:0a:b9:1f:4d:2d:b3:ac:cd: c1:ea:83:e6:0c:ec:2b:78:df:b6:c3:0c:08:f0:c4: cb:6c:90:52:ca:73:4e:59:52:e6:78:92:75:2f:51: 37:e8:07:62:cd:52:6d:ab:8f:a3:34:dd:4b:b8:61: 45:3a:7a:76:1a:6a:3c:fd:58:7a:ed:0e:35:ec:d4: 8a:c1:ca:a9:cf:e5:7f:5f:41:04:e4:ae:5f:30:28: 85:dd:11:40:8b:15:21:e8:d2:60:b5:d3:08:e3:50: 28:50:ef:56:94:fb:93:ea:06:f5:0b:3d:91:f0:a2: 3d:fb:cf:6a:6d:2e:cb:7f:df:75:3c:1d:56:a9:77: d7:28:d3:f5:6b:9d:97:e1:b0:55:01:f9:fe:ef:7b: 7b:b2:48:6b:f4:16:3b:af:57:a8:4e:58:d7:2f:a7: 85:93:91:c8:cc:cb:47:6d:1c:58:76:e9:cb:fd:13: d2:a2:28:5a:1e:56:8e:04:00:2f:66:65:c5:d7:8d: b5:b7:c8:cd:46:59:c4:93:42:10:18:43:e2:5f:6b: 92:ae:ca:eb:bb:cf:83:d8:c9:68:3c:0e:75:9b:56: ad:a4:56:90:1c:b3:15:8d:14:9d:8f:0b:f3:84:a6: 20:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:22:E1:1B:8B:A6:58:81:6F:B2:C7:EB:F9:84:68:ED:53:E2:F4:F4 X509v3 Authority Key Identifier: keyid:FA:D6:B4:3C:09:D0:49:0A:0D:F7:F8:91:DF:9F:63:B5:20:CF:21:0F X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2741/-ta0PAnQSQoN9_iR359jtSDPIQ8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/-ta0PAnQSQoN9_iR359jtSDPIQ8.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2741/LiLhG4umWIFvssfr-YRo7VPi9PQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.116.149.0/24 Signature Algorithm: sha256WithRSAEncryption 8e:1d:a7:d8:f6:26:51:eb:ca:85:a4:b3:0a:da:5e:45:96:91: bc:ac:53:b7:66:15:2c:49:72:28:e5:cd:80:41:81:c4:ca:cd: 4d:a3:c4:ac:5f:cf:08:f5:68:f2:6c:14:5b:6e:79:d9:5a:96: 5d:e1:ed:cf:97:fc:6f:7e:60:fb:8d:80:7c:99:54:c4:cb:37: 8f:79:7f:c6:c5:60:5f:85:db:91:1c:d5:30:b5:03:6a:7f:4a: 95:7a:b1:e7:d8:66:16:68:c2:8d:5f:e6:52:50:cf:ed:70:78: 00:0c:79:25:ac:08:34:cb:c8:af:df:b6:ce:61:12:d3:d7:d5: 25:16:e0:87:3b:b3:1d:2f:db:b1:ce:b2:b5:91:82:47:cc:5e: 02:30:4a:fa:d9:56:9a:27:23:ad:ba:4b:d9:b2:67:7e:68:dd: 5e:21:5f:cc:2e:57:31:d6:ec:b4:34:8b:c8:0d:12:17:db:75: 95:ce:d2:c3:6e:8e:78:28:33:ec:26:1a:6e:9f:8b:23:0f:f0: 2c:62:28:e3:10:8e:84:6e:ba:c8:da:f9:f8:57:62:41:85:06: c9:43:f3:bc:20:46:5b:78:e3:02:cd:bc:da:1c:e4:d3:a4:73: 48:21:8d:8e:eb:aa:6d:8b:34:fe:1c:9b:ea:34:8e:46:f0:f0: 65:c5:9f:82 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICEGYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkFE NkI0M0MwOUQwNDkwQTBERjdGODkxREY5RjYzQjUyMENGMjEwRjAeFw0yNTA4MDUx MzQ4MzBaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDJFMjJFMTFCOEJBNjU4 ODE2RkIyQzdFQkY5ODQ2OEVENTNFMkY0RjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC5RNLliFBRYZsh2emPvCox3oRAW4EKuR9NLbOszcHqg+YM7Ct4 37bDDAjwxMtskFLKc05ZUuZ4knUvUTfoB2LNUm2rj6M03Uu4YUU6enYaajz9WHrt DjXs1IrByqnP5X9fQQTkrl8wKIXdEUCLFSHo0mC10wjjUChQ71aU+5PqBvULPZHw oj37z2ptLst/33U8HVapd9co0/VrnZfhsFUB+f7ve3uySGv0FjuvV6hOWNcvp4WT kcjMy0dtHFh26cv9E9KiKFoeVo4EAC9mZcXXjbW3yM1GWcSTQhAYQ+Jfa5Kuyuu7 z4PYyWg8DnWbVq2kVpAcsxWNFJ2PC/OEpiC5AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQULiLhG4umWIFvssfr+YRo7VPi9PQwHwYDVR0jBBgwFoAU+ta0PAnQSQoN9/iR 359jtSDPIQ8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjc0 MS8tdGEwUEFuUVNRb045X2lSMzU5anRTRFBJUTguY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLy10YTBQQW5RU1FvTjlfaVIzNTlqdFNEUElROC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI3NDEvTGlMaEc0dW1XSUZ2 c3Nmci1ZUm83VlBpOVBRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGd0lTANBgkqhkiG9w0BAQsFAAOCAQEAjh2n2PYmUevKhaSzCtpeRZaRvKxT t2YVLElyKOXNgEGBxMrNTaPErF/PCPVo8mwUW2552VqWXeHtz5f8b35g+42AfJlU xMs3j3l/xsVgX4XbkRzVMLUDan9KlXqx59hmFmjCjV/mUlDP7XB4AAx5JawINMvI r9+2zmES09fVJRbghzuzHS/bsc6ytZGCR8xeAjBK+tlWmicjrbpL2bJnfmjdXiFf zC5XMdbstDSLyA0SF9t1lc7Sw26OeCgz7CYabp+LIw/wLGIo4xCOhG66yNr5+Fdi QYUGyUPzvCBGW3jjAs282hzk06RzSCGNjuuqbYs0/hyb6jSORvDwZcWfgg== -----END CERTIFICATE-----Generated at Mon Aug 11 10:56:19 2025 by rpki-client