$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2716/DvsVhMMJUGq3l1wywP9LtjBbYPk.roa File: DvsVhMMJUGq3l1wywP9LtjBbYPk.roa (raw, json) Hash identifier: VaXYZOQyLqGASp0aCpkpndiWBUiCNxxjaUnjNW43nOc= Subject key identifier: 0E:FB:15:84:C3:09:50:6A:B7:97:5C:32:C0:FF:4B:B6:30:5B:60:F9 Certificate issuer: /CN=39EE852FE138CDEDC5B42D11A34295D109AD4925 Certificate serial: 0250 Authority key identifier: 39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/DvsVhMMJUGq3l1wywP9LtjBbYPk.roa Signing time: Wed 16 Jul 2025 10:01:54 +0000 ROA not before: Wed 16 Jul 2025 10:01:54 +0000 ROA not after: Wed 15 Apr 2026 09:08:30 +0000 asID: 134121 IP address blocks: 103.118.216.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 28 Oct 2025 11:53:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 592 (0x250) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=39EE852FE138CDEDC5B42D11A34295D109AD4925 Validity Not Before: Jul 16 10:01:54 2025 GMT Not After : Apr 15 09:08:30 2026 GMT Subject: CN=0EFB1584C309506AB7975C32C0FF4BB6305B60F9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f2:df:d6:73:14:18:53:65:27:52:c6:a3:c7:58: a5:f0:bd:9c:76:0d:79:56:b6:56:5d:10:59:14:bd: 93:29:f9:4c:f4:6c:33:78:38:18:1f:7b:a2:f1:f9: 19:84:92:22:3e:3f:77:0d:c6:9c:a9:e1:e2:35:10: 2d:36:8c:cb:14:6f:1d:c8:21:72:68:80:46:7c:33: eb:37:b2:89:66:0f:f9:70:91:10:b2:a1:0f:b6:98: 5f:92:ee:85:c1:ed:0c:00:bf:66:44:0c:5f:2d:ff: a0:cb:a8:5c:72:4a:c3:49:10:61:a9:d6:4c:30:b2: b8:4a:7a:be:9b:a3:d3:c2:df:d2:b2:9f:e8:b5:03: d5:5b:55:81:a0:57:2e:0b:27:be:0b:16:68:f0:59: 45:47:ed:20:a2:01:b6:dd:b9:34:a7:1a:a1:a8:ec: cd:28:76:2a:0b:35:57:74:ff:14:9e:30:65:a7:a8: d3:9a:f2:13:ce:af:20:a9:c3:ad:c3:af:d9:61:82: 04:39:ab:cc:09:fe:2f:22:d8:5d:77:d8:b5:f5:e3: ad:b1:0e:e4:29:14:d4:82:4b:46:18:8c:6d:ed:c5: 82:30:ac:9e:a6:0c:e9:66:67:0b:2b:95:b8:a4:8e: 93:87:33:f8:5f:63:3a:2b:c8:a9:66:ac:22:b8:be: e8:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:FB:15:84:C3:09:50:6A:B7:97:5C:32:C0:FF:4B:B6:30:5B:60:F9 X509v3 Authority Key Identifier: keyid:39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/DvsVhMMJUGq3l1wywP9LtjBbYPk.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.118.216.0/22 Signature Algorithm: sha256WithRSAEncryption 55:a1:24:0d:b2:8c:77:36:dc:e3:bd:1c:d6:7e:43:20:4d:de: f2:f6:11:97:21:85:3d:46:32:a8:35:26:18:28:ec:b4:1f:ec: 7b:20:4b:b4:c4:ce:6a:89:d2:b9:de:df:64:72:6d:03:62:11: e8:1b:3b:67:47:ba:51:7d:10:93:e1:97:6c:3a:79:99:c7:aa: 93:a4:ca:0d:da:18:66:bf:f4:60:ea:7f:9b:80:ee:04:ab:63: 11:52:56:56:b6:80:ad:74:c9:04:a5:31:a0:04:54:16:44:80: 32:7d:aa:e6:b0:26:ae:92:76:73:b4:3f:69:6b:eb:32:c4:e7: 26:c7:83:4a:ac:cc:82:43:63:69:8d:7d:88:61:73:35:8b:77: 5f:29:56:8e:48:f5:b0:ba:24:5a:7a:32:bf:20:48:ef:09:4b: 07:1b:ce:3c:5a:47:35:84:ff:6e:f2:a4:12:5e:6e:6e:71:bc: 19:33:fe:23:ba:96:2f:a2:29:f9:27:50:28:ea:1d:f4:4c:4c: 02:96:b2:5f:38:9d:72:ff:3b:d5:49:ce:a2:19:8f:9d:d7:17: f5:a5:57:b8:f7:3f:af:ac:eb:f1:f2:7a:0a:06:31:b6:35:11: d8:25:72:7c:95:1f:89:9c:e9:1a:0e:2e:32:19:75:d1:c7:f3: eb:7d:da:f4 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICAlAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzlF RTg1MkZFMTM4Q0RFREM1QjQyRDExQTM0Mjk1RDEwOUFENDkyNTAeFw0yNTA3MTYx MDAxNTRaFw0yNjA0MTUwOTA4MzBaMDMxMTAvBgNVBAMTKDBFRkIxNTg0QzMwOTUw NkFCNzk3NUMzMkMwRkY0QkI2MzA1QjYwRjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDy39ZzFBhTZSdSxqPHWKXwvZx2DXlWtlZdEFkUvZMp+Uz0bDN4 OBgfe6Lx+RmEkiI+P3cNxpyp4eI1EC02jMsUbx3IIXJogEZ8M+s3solmD/lwkRCy oQ+2mF+S7oXB7QwAv2ZEDF8t/6DLqFxySsNJEGGp1kwwsrhKer6bo9PC39Kyn+i1 A9VbVYGgVy4LJ74LFmjwWUVH7SCiAbbduTSnGqGo7M0odioLNVd0/xSeMGWnqNOa 8hPOryCpw63Dr9lhggQ5q8wJ/i8i2F132LX1462xDuQpFNSCS0YYjG3txYIwrJ6m DOlmZwsrlbikjpOHM/hfYzoryKlmrCK4vuhHAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUDvsVhMMJUGq3l1wywP9LtjBbYPkwHwYDVR0jBBgwFoAUOe6FL+E4ze3FtC0R o0KV0QmtSSUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjcx Ni9PZTZGTC1FNHplM0Z0QzBSbzBLVjBRbXRTU1UuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09lNkZMLUU0emUzRnRDMFJvMEtWMFFtdFNTVS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI3MTYvRHZzVmhNTUpVR3Ez bDF3eXdQOUx0akJiWVBrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmd22DANBgkqhkiG9w0BAQsFAAOCAQEAVaEkDbKMdzbc470c1n5DIE3e8vYR lyGFPUYyqDUmGCjstB/seyBLtMTOaonSud7fZHJtA2IR6Bs7Z0e6UX0Qk+GXbDp5 mceqk6TKDdoYZr/0YOp/m4DuBKtjEVJWVraArXTJBKUxoARUFkSAMn2q5rAmrpJ2 c7Q/aWvrMsTnJseDSqzMgkNjaY19iGFzNYt3XylWjkj1sLokWnoyvyBI7wlLBxvO PFpHNYT/bvKkEl5ubnG8GTP+I7qWL6Ip+SdQKOod9ExMApayXzidcv871UnOohmP ndcX9aVXuPc/r6zr8fJ6CgYxtjUR2CVyfJUfiZzpGg4uMhl10cfz633a9A== -----END CERTIFICATE-----Generated at Tue Oct 28 10:54:18 2025 by rpki-client