$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2716/CVLhG6pAgf3LbzCivy37M1CeRJY.roa File: CVLhG6pAgf3LbzCivy37M1CeRJY.roa (raw, json) Hash identifier: W2kahDuSAqnAUbzjTsMXkmBjBYH0f/YBH9kH/OmstcY= Subject key identifier: 09:52:E1:1B:AA:40:81:FD:CB:6F:30:A2:BF:2D:FB:33:50:9E:44:96 Certificate issuer: /CN=39EE852FE138CDEDC5B42D11A34295D109AD4925 Certificate serial: 0203 Authority key identifier: 39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/CVLhG6pAgf3LbzCivy37M1CeRJY.roa Signing time: Fri 04 Jul 2025 15:10:09 +0000 ROA not before: Fri 04 Jul 2025 15:10:09 +0000 ROA not after: Wed 15 Apr 2026 09:08:30 +0000 asID: 134823 IP address blocks: 103.118.220.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Jul 2025 13:39:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 515 (0x203) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=39EE852FE138CDEDC5B42D11A34295D109AD4925 Validity Not Before: Jul 4 15:10:09 2025 GMT Not After : Apr 15 09:08:30 2026 GMT Subject: CN=0952E11BAA4081FDCB6F30A2BF2DFB33509E4496 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:ed:df:7d:35:0f:34:f2:8a:f5:05:e9:6b:90: 19:a8:6b:4d:12:6b:26:df:65:5a:16:03:b9:5c:0a: 45:d6:c7:8d:26:11:34:96:ed:2c:ea:eb:af:47:d2: 17:27:ef:26:47:02:70:d6:ed:9d:44:6a:4c:c5:17: b3:76:24:fa:eb:8b:ca:ef:6a:27:47:26:a8:3e:03: 2f:4e:76:5d:77:bd:f7:e6:7a:69:39:ab:2b:d1:9f: c2:20:4c:f8:a6:d4:68:bc:49:1f:85:34:b9:9a:79: 8a:ad:96:e2:44:22:ce:16:2d:72:53:b2:87:1d:97: b0:ef:14:c0:5b:d6:71:b7:aa:75:03:82:c7:da:9e: 31:5f:6b:c3:23:5e:b3:71:f7:7d:b2:00:31:39:20: 61:06:e7:a5:b2:e9:37:0b:0c:05:02:fd:ee:6c:52: 19:9a:32:da:c8:93:f5:58:73:2e:fd:8f:55:93:8f: 76:af:b4:ec:69:1b:2c:8a:f1:4e:0a:4a:2d:fb:dd: 0b:af:78:15:32:60:e3:c3:7d:ab:f5:a0:04:b4:3f: 94:2a:40:95:ce:7a:07:52:75:ad:81:82:1a:94:f0: 43:92:da:aa:51:72:82:e2:1d:e9:6a:00:af:c3:8b: be:57:78:20:69:ac:62:2a:ca:75:e4:c4:f6:74:64: 99:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:52:E1:1B:AA:40:81:FD:CB:6F:30:A2:BF:2D:FB:33:50:9E:44:96 X509v3 Authority Key Identifier: keyid:39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/CVLhG6pAgf3LbzCivy37M1CeRJY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.118.220.0/22 Signature Algorithm: sha256WithRSAEncryption 29:b1:bd:1a:72:cf:c4:73:8a:3b:31:89:aa:84:60:82:91:be: 55:62:98:2a:08:5e:e0:a9:ba:32:29:a8:21:3e:b5:7a:81:80: 46:9e:c1:51:ac:73:a2:24:a2:34:b1:37:35:ec:93:dd:e5:ec: a7:70:a0:43:a6:ec:c5:2b:94:ea:8e:06:2f:d0:b9:ef:a7:53: a8:80:c8:9c:ac:1a:09:89:86:b7:72:41:b1:79:a2:67:57:18: 4b:5f:b9:47:25:6d:b0:6a:a1:5b:f3:db:00:26:a5:5a:85:7f: 45:d3:19:a5:b7:7e:6b:6b:5f:df:54:d5:6a:13:e1:f0:71:3f: f9:97:c0:12:6b:76:61:9a:5e:35:ec:06:be:4e:37:da:b1:d8: 07:20:9f:87:31:33:6b:a7:f3:88:e5:88:82:69:0a:2b:fb:55: ca:ba:ec:70:b8:38:71:df:8f:b0:69:b2:60:08:a3:09:a3:de: c3:ae:8e:9b:d6:ec:b6:b8:df:fe:b4:63:ce:83:1f:99:3a:76: 28:67:2a:f3:20:63:b9:e3:4f:a0:e2:78:6a:fb:91:35:21:34: b2:64:d6:12:b4:cc:32:35:59:08:e4:a3:82:20:8e:27:9c:78: 23:52:6c:42:98:a6:9a:4d:6b:12:c2:ff:cb:b2:3e:c1:f5:a3: 19:d3:00:11 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICAgMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzlF RTg1MkZFMTM4Q0RFREM1QjQyRDExQTM0Mjk1RDEwOUFENDkyNTAeFw0yNTA3MDQx NTEwMDlaFw0yNjA0MTUwOTA4MzBaMDMxMTAvBgNVBAMTKDA5NTJFMTFCQUE0MDgx RkRDQjZGMzBBMkJGMkRGQjMzNTA5RTQ0OTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCf7d99NQ808or1BelrkBmoa00SaybfZVoWA7lcCkXWx40mETSW 7Szq669H0hcn7yZHAnDW7Z1EakzFF7N2JPrri8rvaidHJqg+Ay9Odl13vffmemk5 qyvRn8IgTPim1Gi8SR+FNLmaeYqtluJEIs4WLXJTsocdl7DvFMBb1nG3qnUDgsfa njFfa8MjXrNx932yADE5IGEG56Wy6TcLDAUC/e5sUhmaMtrIk/VYcy79j1WTj3av tOxpGyyK8U4KSi373QuveBUyYOPDfav1oAS0P5QqQJXOegdSda2BghqU8EOS2qpR coLiHelqAK/Di75XeCBprGIqynXkxPZ0ZJnJAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUCVLhG6pAgf3LbzCivy37M1CeRJYwHwYDVR0jBBgwFoAUOe6FL+E4ze3FtC0R o0KV0QmtSSUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjcx Ni9PZTZGTC1FNHplM0Z0QzBSbzBLVjBRbXRTU1UuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09lNkZMLUU0emUzRnRDMFJvMEtWMFFtdFNTVS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI3MTYvQ1ZMaEc2cEFnZjNM YnpDaXZ5MzdNMUNlUkpZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmd23DANBgkqhkiG9w0BAQsFAAOCAQEAKbG9GnLPxHOKOzGJqoRggpG+VWKY Kghe4Km6MimoIT61eoGARp7BUaxzoiSiNLE3NeyT3eXsp3CgQ6bsxSuU6o4GL9C5 76dTqIDInKwaCYmGt3JBsXmiZ1cYS1+5RyVtsGqhW/PbACalWoV/RdMZpbd+a2tf 31TVahPh8HE/+ZfAEmt2YZpeNewGvk432rHYByCfhzEza6fziOWIgmkKK/tVyrrs cLg4cd+PsGmyYAijCaPew66Om9bstrjf/rRjzoMfmTp2KGcq8yBjueNPoOJ4avuR NSE0smTWErTMMjVZCOSjgiCOJ5x4I1JsQpimmk1rEsL/y7I+wfWjGdMAEQ== -----END CERTIFICATE-----Generated at Sun Jul 20 12:55:40 2025 by rpki-client