$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2716/6jLrTqRDHPkW-hc62ZmhXXCESIc.roa File: 6jLrTqRDHPkW-hc62ZmhXXCESIc.roa (raw, json) Hash identifier: 6e6fhWJY6hs//ILj9+tjmiEQpTLjoiwAnbmPvLhMXTE= Subject key identifier: EA:32:EB:4E:A4:43:1C:F9:16:FA:17:3A:D9:99:A1:5D:70:84:48:87 Certificate issuer: /CN=39EE852FE138CDEDC5B42D11A34295D109AD4925 Certificate serial: 021E Authority key identifier: 39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/6jLrTqRDHPkW-hc62ZmhXXCESIc.roa Signing time: Mon 07 Jul 2025 14:45:23 +0000 ROA not before: Mon 07 Jul 2025 14:45:23 +0000 ROA not after: Wed 15 Apr 2026 09:08:30 +0000 asID: 18186 IP address blocks: 103.118.223.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Jul 2025 13:39:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 542 (0x21e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=39EE852FE138CDEDC5B42D11A34295D109AD4925 Validity Not Before: Jul 7 14:45:23 2025 GMT Not After : Apr 15 09:08:30 2026 GMT Subject: CN=EA32EB4EA4431CF916FA173AD999A15D70844887 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:fb:5b:4f:af:72:37:e7:86:11:c0:32:d2:9f: 10:57:71:c9:3f:2f:e0:40:ea:8f:5a:b7:73:84:bb: b6:71:d8:93:8b:32:3e:4f:ff:99:6f:35:33:9d:41: 14:78:20:c8:36:f6:84:8a:70:a4:7c:94:8b:3d:18: c8:2d:13:54:cd:5c:80:fb:db:8a:b7:c8:8f:52:ca: 35:25:7a:f8:2b:75:f6:dc:32:40:af:d0:f9:c7:1b: 74:43:da:1e:53:d7:8d:58:e1:3c:ec:3d:98:4f:43: 80:a4:60:7b:c6:23:88:88:b7:47:eb:48:2a:a8:56: 09:84:39:d0:8a:f7:bd:2d:2c:27:43:09:f8:6a:3f: 6e:6c:53:62:cb:72:8e:70:96:cc:12:7c:3b:5d:83: 80:e6:ae:39:58:86:fe:5d:04:46:0f:6e:45:61:02: 5f:e5:9c:06:6c:9a:eb:33:57:25:01:68:de:9d:b4: 2b:6f:0b:8c:91:2b:2e:0e:b9:63:85:3a:61:fc:9a: 5c:d5:b5:82:83:1f:a9:a6:a3:ac:38:b4:cc:f2:85: 7f:4d:5c:e4:99:af:cc:94:44:ad:0d:82:f5:a1:bd: 17:3a:13:58:3e:af:84:da:1a:01:2a:0a:54:1b:48: ac:50:c3:0e:3c:ea:89:65:21:96:91:35:35:fe:71: 9e:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EA:32:EB:4E:A4:43:1C:F9:16:FA:17:3A:D9:99:A1:5D:70:84:48:87 X509v3 Authority Key Identifier: keyid:39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/6jLrTqRDHPkW-hc62ZmhXXCESIc.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.118.223.0/24 Signature Algorithm: sha256WithRSAEncryption 9b:82:61:b2:84:d9:81:5a:f9:ea:60:fe:6d:44:a1:11:0d:f0: 8a:a8:cf:43:35:5b:c0:6b:c1:e8:2e:25:52:f1:0e:c1:d7:73: 79:b7:9c:d4:81:f2:3d:96:a9:b7:9a:82:87:18:25:e0:5c:cf: 08:f9:75:d1:78:73:e1:cc:0e:97:6e:43:81:ba:fe:02:67:ab: d2:02:9b:5d:8b:e3:53:c8:85:85:c9:2a:1f:93:ad:3d:11:c1: bc:58:50:31:a9:16:9d:32:f5:40:e4:02:7c:17:94:f6:21:10: e8:32:dc:47:82:81:39:06:80:08:de:68:b4:fb:77:a4:90:00: 46:81:d4:0f:30:36:65:bf:36:15:ea:35:19:a4:c5:5e:4c:55: 7f:e7:6e:a0:fc:02:56:dc:69:3d:8b:03:14:f0:b4:13:a9:f4: 05:ae:1f:51:71:d4:30:21:00:82:63:4d:e3:5d:38:31:cf:c5: 43:7e:f2:35:c6:bd:6d:87:29:0e:d8:0e:f1:de:8b:13:4f:e0: f5:83:da:94:5b:fc:fa:db:c1:9f:98:fa:b1:72:ef:68:36:a7: ba:9f:5c:0b:e4:9b:3c:c8:54:4a:30:c2:27:d0:9f:b4:74:23: ed:d7:19:10:31:99:f6:4f:b8:cc:2c:c7:6a:f8:1f:ef:f9:00: f3:5d:37:41 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICAh4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzlF RTg1MkZFMTM4Q0RFREM1QjQyRDExQTM0Mjk1RDEwOUFENDkyNTAeFw0yNTA3MDcx NDQ1MjNaFw0yNjA0MTUwOTA4MzBaMDMxMTAvBgNVBAMTKEVBMzJFQjRFQTQ0MzFD RjkxNkZBMTczQUQ5OTlBMTVENzA4NDQ4ODcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCr+1tPr3I354YRwDLSnxBXcck/L+BA6o9at3OEu7Zx2JOLMj5P /5lvNTOdQRR4IMg29oSKcKR8lIs9GMgtE1TNXID724q3yI9SyjUlevgrdfbcMkCv 0PnHG3RD2h5T141Y4TzsPZhPQ4CkYHvGI4iIt0frSCqoVgmEOdCK970tLCdDCfhq P25sU2LLco5wlswSfDtdg4DmrjlYhv5dBEYPbkVhAl/lnAZsmuszVyUBaN6dtCtv C4yRKy4OuWOFOmH8mlzVtYKDH6mmo6w4tMzyhX9NXOSZr8yURK0NgvWhvRc6E1g+ r4TaGgEqClQbSKxQww486ollIZaRNTX+cZ47AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU6jLrTqRDHPkW+hc62ZmhXXCESIcwHwYDVR0jBBgwFoAUOe6FL+E4ze3FtC0R o0KV0QmtSSUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjcx Ni9PZTZGTC1FNHplM0Z0QzBSbzBLVjBRbXRTU1UuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09lNkZMLUU0emUzRnRDMFJvMEtWMFFtdFNTVS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI3MTYvNmpMclRxUkRIUGtX LWhjNjJabWhYWENFU0ljLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGd23zANBgkqhkiG9w0BAQsFAAOCAQEAm4JhsoTZgVr56mD+bUShEQ3wiqjP QzVbwGvB6C4lUvEOwddzebec1IHyPZapt5qChxgl4FzPCPl10Xhz4cwOl25Dgbr+ Amer0gKbXYvjU8iFhckqH5OtPRHBvFhQMakWnTL1QOQCfBeU9iEQ6DLcR4KBOQaA CN5otPt3pJAARoHUDzA2Zb82Feo1GaTFXkxVf+duoPwCVtxpPYsDFPC0E6n0Ba4f UXHUMCEAgmNN4104Mc/FQ37yNca9bYcpDtgO8d6LE0/g9YPalFv8+tvBn5j6sXLv aDanup9cC+SbPMhUSjDCJ9CftHQj7dcZEDGZ9k+4zCzHavgf7/kA8103QQ== -----END CERTIFICATE-----Generated at Sun Jul 20 12:50:45 2025 by rpki-client