$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2716/Hmiil0PDOLFH4L-SqjdeNNsuivY.roa File: Hmiil0PDOLFH4L-SqjdeNNsuivY.roa (raw, json) Hash identifier: eqPvR+cwHioCQwO8V+kBGHfUZQiHxzA+IaszJGuU4OA= Subject key identifier: 1E:68:A2:97:43:C3:38:B1:47:E0:BF:92:AA:37:5E:34:DB:2E:8A:F6 Certificate issuer: /CN=39EE852FE138CDEDC5B42D11A34295D109AD4925 Certificate serial: 0252 Authority key identifier: 39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Hmiil0PDOLFH4L-SqjdeNNsuivY.roa Signing time: Wed 16 Jul 2025 10:01:55 +0000 ROA not before: Wed 16 Jul 2025 10:01:55 +0000 ROA not after: Wed 15 Apr 2026 09:08:30 +0000 asID: 134121 IP address blocks: 103.118.220.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Jul 2025 13:39:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 594 (0x252) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=39EE852FE138CDEDC5B42D11A34295D109AD4925 Validity Not Before: Jul 16 10:01:55 2025 GMT Not After : Apr 15 09:08:30 2026 GMT Subject: CN=1E68A29743C338B147E0BF92AA375E34DB2E8AF6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:a0:1d:dd:f0:53:79:e4:f5:53:7f:56:7f:67: b7:23:42:db:4c:21:16:21:64:1d:77:3b:54:0b:de: fd:2a:5c:fa:73:75:a6:08:3b:6e:4b:3b:1d:b1:d0: a6:7c:c4:ba:e0:27:1a:ed:96:9e:80:11:07:06:5a: b7:05:a3:28:8b:a0:2f:18:78:e1:32:ce:66:67:bd: 30:b2:91:1e:92:74:a0:51:8b:84:54:db:a4:c5:f9: c0:3b:40:53:c8:36:c6:a8:5b:79:a9:91:11:d0:a2: 7a:20:27:21:fd:ee:d4:1f:5e:37:1a:b8:9e:0f:81: 7c:a8:67:61:c4:6b:d7:fd:99:4d:3c:ea:d2:bd:ca: dc:b5:b7:f6:19:e1:4d:8c:45:d1:c4:12:79:01:b8: dd:b6:77:76:76:14:6f:54:10:ea:4f:8d:65:59:35: 7f:15:9b:59:d0:44:66:4d:5d:29:96:e7:ff:62:5f: 82:5a:6e:04:01:c3:87:37:7c:d5:60:7d:00:23:ab: d4:31:d7:9f:7f:14:7d:af:a4:fc:f4:f3:c8:a6:21: 94:67:29:0a:bd:0b:8f:4f:eb:db:d4:ca:2f:c0:4f: 67:f3:e3:39:70:a4:ce:90:85:bc:5c:71:53:fe:d5: be:9c:7b:88:84:bd:98:d5:e0:ca:84:5d:24:cd:74: ff:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:68:A2:97:43:C3:38:B1:47:E0:BF:92:AA:37:5E:34:DB:2E:8A:F6 X509v3 Authority Key Identifier: keyid:39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Hmiil0PDOLFH4L-SqjdeNNsuivY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.118.220.0/22 Signature Algorithm: sha256WithRSAEncryption 78:4a:12:fe:7d:c0:16:a2:2b:66:d1:8d:f4:c1:7a:22:52:8d: 39:eb:d8:a2:6a:21:1e:cf:7e:e3:39:8e:5d:ab:e4:aa:08:40: 27:e3:bd:19:60:6d:98:55:bc:d4:5b:02:75:d3:a2:dc:5a:b6: 0e:08:db:a4:69:6c:4c:29:ba:36:d8:5e:1a:55:e7:f6:e9:26: 4e:16:dc:78:25:7e:8e:92:07:ff:9a:2c:7f:c0:40:c1:cf:38: c1:0c:0f:67:de:24:53:ac:48:b4:8a:b8:bd:ae:6d:5b:7e:ed: fa:f0:5e:0c:41:c2:92:b2:87:85:65:47:70:75:42:3a:7a:64: 28:6c:0d:de:3f:8c:a0:69:59:60:28:d1:5f:28:6f:05:c2:7b: cb:35:c8:5f:20:36:f4:25:03:37:ea:eb:34:99:70:c1:f0:02: 84:4d:a8:80:7e:23:77:5b:06:2a:6b:3d:47:a9:4c:8e:03:66: ba:bf:63:f5:23:7f:08:d1:0d:75:fc:22:54:ee:44:2e:82:a4: 25:91:c2:6e:63:b1:3e:be:fc:67:37:10:1d:ad:f2:2f:da:4e: 7f:70:50:20:b3:b4:dc:34:d2:7d:6b:67:5d:26:68:c4:64:d2: 9d:5b:f0:c1:55:bc:4d:a6:7e:d7:a0:d9:bd:00:d1:c6:ee:06: 3d:a0:b4:9e -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICAlIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzlF RTg1MkZFMTM4Q0RFREM1QjQyRDExQTM0Mjk1RDEwOUFENDkyNTAeFw0yNTA3MTYx MDAxNTVaFw0yNjA0MTUwOTA4MzBaMDMxMTAvBgNVBAMTKDFFNjhBMjk3NDNDMzM4 QjE0N0UwQkY5MkFBMzc1RTM0REIyRThBRjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCmoB3d8FN55PVTf1Z/Z7cjQttMIRYhZB13O1QL3v0qXPpzdaYI O25LOx2x0KZ8xLrgJxrtlp6AEQcGWrcFoyiLoC8YeOEyzmZnvTCykR6SdKBRi4RU 26TF+cA7QFPINsaoW3mpkRHQonogJyH97tQfXjcauJ4PgXyoZ2HEa9f9mU086tK9 yty1t/YZ4U2MRdHEEnkBuN22d3Z2FG9UEOpPjWVZNX8Vm1nQRGZNXSmW5/9iX4Ja bgQBw4c3fNVgfQAjq9Qx159/FH2vpPz088imIZRnKQq9C49P69vUyi/AT2fz4zlw pM6QhbxccVP+1b6ce4iEvZjV4MqEXSTNdP97AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUHmiil0PDOLFH4L+SqjdeNNsuivYwHwYDVR0jBBgwFoAUOe6FL+E4ze3FtC0R o0KV0QmtSSUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjcx Ni9PZTZGTC1FNHplM0Z0QzBSbzBLVjBRbXRTU1UuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09lNkZMLUU0emUzRnRDMFJvMEtWMFFtdFNTVS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI3MTYvSG1paWwwUERPTEZI NEwtU3FqZGVOTnN1aXZZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmd23DANBgkqhkiG9w0BAQsFAAOCAQEAeEoS/n3AFqIrZtGN9MF6IlKNOevY omohHs9+4zmOXavkqghAJ+O9GWBtmFW81FsCddOi3Fq2DgjbpGlsTCm6NtheGlXn 9ukmThbceCV+jpIH/5osf8BAwc84wQwPZ94kU6xItIq4va5tW37t+vBeDEHCkrKH hWVHcHVCOnpkKGwN3j+MoGlZYCjRXyhvBcJ7yzXIXyA29CUDN+rrNJlwwfAChE2o gH4jd1sGKms9R6lMjgNmur9j9SN/CNENdfwiVO5ELoKkJZHCbmOxPr78ZzcQHa3y L9pOf3BQILO03DTSfWtnXSZoxGTSnVvwwVW8TaZ+16DZvQDRxu4GPaC0ng== -----END CERTIFICATE-----Generated at Sun Jul 20 12:56:01 2025 by rpki-client