$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2716/716WxBNn5PXAhIVJlPhKII-AJkA.roa File: 716WxBNn5PXAhIVJlPhKII-AJkA.roa (raw, json) Hash identifier: q1JM90I8ao4ahmCV6VJppzeaqlUPO8lKk03D2u3KZ3Q= Subject key identifier: EF:5E:96:C4:13:67:E4:F5:C0:84:85:49:94:F8:4A:20:8F:80:26:40 Certificate issuer: /CN=39EE852FE138CDEDC5B42D11A34295D109AD4925 Certificate serial: 0133 Authority key identifier: 39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/716WxBNn5PXAhIVJlPhKII-AJkA.roa Signing time: Tue 27 May 2025 13:14:32 +0000 ROA not before: Tue 27 May 2025 13:14:32 +0000 ROA not after: Wed 15 Apr 2026 09:08:30 +0000 asID: 134823 IP address blocks: 103.118.248.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Jun 2025 03:09:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 307 (0x133) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=39EE852FE138CDEDC5B42D11A34295D109AD4925 Validity Not Before: May 27 13:14:32 2025 GMT Not After : Apr 15 09:08:30 2026 GMT Subject: CN=EF5E96C41367E4F5C084854994F84A208F802640 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:b0:5b:08:7d:a1:a9:f1:17:1e:e5:50:68:9c: f2:93:1b:2d:cc:ef:ef:0d:7d:94:f8:34:f8:06:7b: 9d:7b:af:7a:e9:d9:ef:9e:d1:b2:b0:4c:7a:75:6d: fd:59:46:f1:df:d2:59:92:1b:05:f3:88:6b:c1:e4: 8b:3b:4a:70:09:7b:61:8c:56:e3:ba:bc:39:d8:c7: 27:ba:0d:cc:4a:b2:82:95:74:83:28:17:fe:9e:fc: 4a:4c:89:b6:78:0b:0f:ff:30:f4:3e:c7:a5:b3:d6: c1:9a:36:72:f1:3c:1e:16:f1:5c:04:0d:bf:96:2d: 15:68:ff:c8:5c:31:84:f5:fe:07:e7:7d:ca:64:f0: 5d:91:1a:c6:32:06:b8:10:6a:27:68:cc:17:11:0d: cf:68:1f:26:1b:23:7d:00:b0:6c:36:25:ae:52:a8: 05:c0:08:55:b4:bd:13:77:9f:65:15:a0:a3:cc:d4: 56:44:13:39:05:12:2a:6f:67:42:d8:2c:7b:27:d1: e2:63:9b:b0:af:59:c1:a3:e9:6e:15:0f:b1:d5:78: 68:b4:55:e7:e8:d4:e3:f3:15:01:20:38:5c:11:b5: 9e:31:53:ce:34:e6:82:42:5a:b7:25:6b:97:86:90: a4:98:68:94:f1:6e:5f:80:3c:75:ea:60:dd:91:bd: b0:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EF:5E:96:C4:13:67:E4:F5:C0:84:85:49:94:F8:4A:20:8F:80:26:40 X509v3 Authority Key Identifier: keyid:39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/716WxBNn5PXAhIVJlPhKII-AJkA.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.118.248.0/22 Signature Algorithm: sha256WithRSAEncryption a8:b1:91:37:68:3d:0d:26:60:16:49:6c:50:c9:81:85:fa:8d: bc:b1:67:a2:fc:c1:ba:8b:47:02:70:94:54:9b:a5:54:d0:79: 80:b2:fd:36:5d:8d:97:13:2f:a2:6c:5d:5c:1e:78:03:75:47: d3:8f:90:3f:6b:27:63:ab:b7:3e:75:01:6e:ad:6e:ed:b6:88: f8:51:c1:53:07:b5:64:bf:a0:1a:ac:41:c4:68:82:85:60:61: 66:3a:80:9f:90:79:c7:76:ed:91:f2:5a:69:84:14:7d:a9:83: cb:83:68:cb:00:05:5a:58:25:ab:a4:f4:7f:07:e3:c2:d8:1d: 94:b8:97:c5:fe:6c:ff:6c:10:0c:10:fe:cc:b3:0e:41:c3:40: 86:fd:0a:1f:aa:90:53:64:29:98:ce:cc:94:6b:c1:36:78:10: 62:4c:af:fa:84:5c:58:aa:88:c6:04:76:5b:8a:f7:b4:49:7a: cf:0c:59:eb:e5:37:b7:81:63:e9:96:11:83:7e:25:5d:b3:ea: d9:9e:e3:ef:57:db:0e:8f:97:54:e7:98:b8:91:36:34:02:a8: e5:51:c6:9f:df:f2:40:0e:c6:1e:d2:19:50:86:0b:c4:35:d7: d9:97:63:79:13:e6:c6:db:08:17:79:95:88:95:9f:69:7f:1c: 66:a0:7e:71 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICATMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzlF RTg1MkZFMTM4Q0RFREM1QjQyRDExQTM0Mjk1RDEwOUFENDkyNTAeFw0yNTA1Mjcx MzE0MzJaFw0yNjA0MTUwOTA4MzBaMDMxMTAvBgNVBAMTKEVGNUU5NkM0MTM2N0U0 RjVDMDg0ODU0OTk0Rjg0QTIwOEY4MDI2NDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCYsFsIfaGp8Rce5VBonPKTGy3M7+8NfZT4NPgGe517r3rp2e+e 0bKwTHp1bf1ZRvHf0lmSGwXziGvB5Is7SnAJe2GMVuO6vDnYxye6DcxKsoKVdIMo F/6e/EpMibZ4Cw//MPQ+x6Wz1sGaNnLxPB4W8VwEDb+WLRVo/8hcMYT1/gfnfcpk 8F2RGsYyBrgQaidozBcRDc9oHyYbI30AsGw2Ja5SqAXACFW0vRN3n2UVoKPM1FZE EzkFEipvZ0LYLHsn0eJjm7CvWcGj6W4VD7HVeGi0Vefo1OPzFQEgOFwRtZ4xU840 5oJCWrcla5eGkKSYaJTxbl+APHXqYN2RvbBbAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU716WxBNn5PXAhIVJlPhKII+AJkAwHwYDVR0jBBgwFoAUOe6FL+E4ze3FtC0R o0KV0QmtSSUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjcx Ni9PZTZGTC1FNHplM0Z0QzBSbzBLVjBRbXRTU1UuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09lNkZMLUU0emUzRnRDMFJvMEtWMFFtdFNTVS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI3MTYvNzE2V3hCTm41UFhB aElWSmxQaEtJSS1BSmtBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmd2+DANBgkqhkiG9w0BAQsFAAOCAQEAqLGRN2g9DSZgFklsUMmBhfqNvLFn ovzBuotHAnCUVJulVNB5gLL9Nl2NlxMvomxdXB54A3VH04+QP2snY6u3PnUBbq1u 7baI+FHBUwe1ZL+gGqxBxGiChWBhZjqAn5B5x3btkfJaaYQUfamDy4NoywAFWlgl q6T0fwfjwtgdlLiXxf5s/2wQDBD+zLMOQcNAhv0KH6qQU2QpmM7MlGvBNngQYkyv +oRcWKqIxgR2W4r3tEl6zwxZ6+U3t4Fj6ZYRg34lXbPq2Z7j71fbDo+XVOeYuJE2 NAKo5VHGn9/yQA7GHtIZUIYLxDXX2ZdjeRPmxtsIF3mViJWfaX8cZqB+cQ== -----END CERTIFICATE-----Generated at Wed Jun 4 01:02:09 2025 by rpki-client