$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2716/0igwhtT5BRRrSKi8i0jf7so2tSc.roa File: 0igwhtT5BRRrSKi8i0jf7so2tSc.roa (raw, json) Hash identifier: vNZBxhJwqzyY7s9IaXO0tuXmbS58S7uv9fHRDHRdlBs= Subject key identifier: D2:28:30:86:D4:F9:05:14:6B:48:A8:BC:8B:48:DF:EE:CA:36:B5:27 Certificate issuer: /CN=39EE852FE138CDEDC5B42D11A34295D109AD4925 Certificate serial: 024C Authority key identifier: 39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/0igwhtT5BRRrSKi8i0jf7so2tSc.roa Signing time: Wed 16 Jul 2025 10:01:53 +0000 ROA not before: Wed 16 Jul 2025 10:01:53 +0000 ROA not after: Wed 15 Apr 2026 09:08:30 +0000 asID: 134121 IP address blocks: 103.118.208.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Jul 2025 13:39:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 588 (0x24c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=39EE852FE138CDEDC5B42D11A34295D109AD4925 Validity Not Before: Jul 16 10:01:53 2025 GMT Not After : Apr 15 09:08:30 2026 GMT Subject: CN=D2283086D4F905146B48A8BC8B48DFEECA36B527 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:09:dd:32:17:72:4e:40:79:d5:2b:a9:23:03: ed:3d:ff:19:5f:7e:06:de:8f:ac:20:26:9e:78:7d: 9b:d4:a0:02:34:b9:dc:14:55:ba:1d:f1:80:ce:f7: db:f3:27:ad:27:71:f1:00:ee:46:1e:09:1a:d4:c4: f4:db:47:12:0e:82:a0:52:ca:20:df:08:a2:20:2a: 6a:03:be:03:60:a8:5c:e2:ff:da:d5:0e:18:91:4c: d6:bf:02:84:9a:a0:2d:55:34:2b:b1:5a:13:fe:a5: 12:04:5b:f0:ce:34:1e:99:e6:2d:05:90:db:62:c9: 8a:79:d1:8e:16:4d:dc:d0:73:a0:e0:b1:19:99:13: 5e:a2:75:b3:14:d7:06:05:6d:6b:15:3e:c3:bd:4d: 50:eb:22:bf:60:6d:56:5b:2a:c1:31:ab:d4:72:0f: 54:1a:8e:3f:ab:2d:62:a9:39:69:4a:86:63:7e:e6: ca:c9:2f:a6:01:ff:95:3f:67:81:09:de:e7:59:7b: d4:03:f6:7d:21:2c:98:18:6f:b5:6b:38:46:d8:0b: 46:a9:65:39:45:69:86:59:b1:d5:03:b2:22:14:40: bd:0e:12:7e:2f:e1:d4:42:33:9e:4a:68:da:ae:40: 28:d8:cc:18:a2:02:cc:df:37:37:68:28:cf:5b:c8: 2e:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:28:30:86:D4:F9:05:14:6B:48:A8:BC:8B:48:DF:EE:CA:36:B5:27 X509v3 Authority Key Identifier: keyid:39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/0igwhtT5BRRrSKi8i0jf7so2tSc.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.118.208.0/22 Signature Algorithm: sha256WithRSAEncryption c0:04:48:10:a9:9a:96:f9:fe:a2:35:16:a6:9e:0e:2d:58:78: 44:3c:df:ee:dc:3d:fc:bd:71:dd:ac:09:1e:c7:2a:44:fc:94: a0:f3:71:89:67:92:1e:04:c4:29:c0:84:0b:ae:be:ca:bf:45: 7b:c1:4f:d7:f3:b8:05:17:81:f9:59:a0:b8:b6:4c:b8:34:a5: 8e:00:60:37:ee:0f:c7:ce:d0:f3:db:25:4d:ea:e2:12:ef:da: fb:a2:34:84:33:e0:28:7e:3f:d1:48:0c:e3:b7:22:66:89:35: 33:13:2d:31:d6:1c:d8:63:e3:a1:31:f6:3d:0c:e4:34:b3:d9: 47:85:04:d1:a2:fe:b7:99:ab:ac:05:e4:35:3c:e2:d0:54:0a: e9:9a:02:ab:3a:29:50:d4:81:ef:d7:ef:bd:99:89:41:22:73: dc:e3:c8:80:53:21:a2:20:d5:dd:c8:8e:2a:e1:fd:a9:9b:62: 2d:1e:d3:5b:13:9d:e0:3a:a0:f5:87:82:ad:16:d6:05:22:46: 1c:e6:fb:04:13:9d:34:9f:62:ee:97:16:4e:77:db:20:5b:b4: 13:7e:de:0e:d7:0e:d0:49:e8:50:61:01:bd:16:e1:be:36:f4: 4d:9c:a3:67:be:8c:7e:8f:2f:42:56:23:14:8c:ed:41:af:7f: 63:83:59:53 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICAkwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzlF RTg1MkZFMTM4Q0RFREM1QjQyRDExQTM0Mjk1RDEwOUFENDkyNTAeFw0yNTA3MTYx MDAxNTNaFw0yNjA0MTUwOTA4MzBaMDMxMTAvBgNVBAMTKEQyMjgzMDg2RDRGOTA1 MTQ2QjQ4QThCQzhCNDhERkVFQ0EzNkI1MjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCvCd0yF3JOQHnVK6kjA+09/xlffgbej6wgJp54fZvUoAI0udwU Vbod8YDO99vzJ60ncfEA7kYeCRrUxPTbRxIOgqBSyiDfCKIgKmoDvgNgqFzi/9rV DhiRTNa/AoSaoC1VNCuxWhP+pRIEW/DONB6Z5i0FkNtiyYp50Y4WTdzQc6DgsRmZ E16idbMU1wYFbWsVPsO9TVDrIr9gbVZbKsExq9RyD1Qajj+rLWKpOWlKhmN+5srJ L6YB/5U/Z4EJ3udZe9QD9n0hLJgYb7VrOEbYC0apZTlFaYZZsdUDsiIUQL0OEn4v 4dRCM55KaNquQCjYzBiiAszfNzdoKM9byC7HAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU0igwhtT5BRRrSKi8i0jf7so2tScwHwYDVR0jBBgwFoAUOe6FL+E4ze3FtC0R o0KV0QmtSSUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjcx Ni9PZTZGTC1FNHplM0Z0QzBSbzBLVjBRbXRTU1UuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09lNkZMLUU0emUzRnRDMFJvMEtWMFFtdFNTVS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI3MTYvMGlnd2h0VDVCUlJy U0tpOGkwamY3c28ydFNjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmd20DANBgkqhkiG9w0BAQsFAAOCAQEAwARIEKmalvn+ojUWpp4OLVh4RDzf 7tw9/L1x3awJHscqRPyUoPNxiWeSHgTEKcCEC66+yr9Fe8FP1/O4BReB+VmguLZM uDSljgBgN+4Px87Q89slTeriEu/a+6I0hDPgKH4/0UgM47ciZok1MxMtMdYc2GPj oTH2PQzkNLPZR4UE0aL+t5mrrAXkNTzi0FQK6ZoCqzopUNSB79fvvZmJQSJz3OPI gFMhoiDV3ciOKuH9qZtiLR7TWxOd4Dqg9YeCrRbWBSJGHOb7BBOdNJ9i7pcWTnfb IFu0E37eDtcO0EnoUGEBvRbhvjb0TZyjZ76Mfo8vQlYjFIztQa9/Y4NZUw== -----END CERTIFICATE-----Generated at Sun Jul 20 12:54:34 2025 by rpki-client