$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2716/M8iPNSkTFbBtPKryBgZvxHBs9y4.roa File: M8iPNSkTFbBtPKryBgZvxHBs9y4.roa (raw, json) Hash identifier: iJRrN4C2hrWuTVfOppw5o2pSMzPuKUgFNFm/igeBXkw= Subject key identifier: 33:C8:8F:35:29:13:15:B0:6D:3C:AA:F2:06:06:6F:C4:70:6C:F7:2E Certificate issuer: /CN=39EE852FE138CDEDC5B42D11A34295D109AD4925 Certificate serial: 0217 Authority key identifier: 39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/M8iPNSkTFbBtPKryBgZvxHBs9y4.roa Signing time: Sun 06 Jul 2025 12:19:20 +0000 ROA not before: Sun 06 Jul 2025 12:19:20 +0000 ROA not after: Wed 15 Apr 2026 09:08:30 +0000 asID: 216047 IP address blocks: 103.216.228.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Jul 2025 13:39:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 535 (0x217) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=39EE852FE138CDEDC5B42D11A34295D109AD4925 Validity Not Before: Jul 6 12:19:20 2025 GMT Not After : Apr 15 09:08:30 2026 GMT Subject: CN=33C88F35291315B06D3CAAF206066FC4706CF72E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:75:36:e4:b7:54:1f:83:8e:e8:bf:bd:30:e8: b9:48:97:e3:9f:be:72:98:87:ea:25:8b:f1:d0:b0: c4:fd:92:92:ee:af:70:77:00:f9:14:a7:ac:b5:1d: 69:33:e5:08:a1:a9:c4:1d:70:ce:6e:90:30:d9:b0: d6:e0:51:63:86:0e:65:6e:db:7e:36:2d:d1:14:65: a3:53:99:6e:ac:01:3f:45:2f:09:c4:5a:91:86:be: 3c:2c:06:9a:4d:4e:6c:24:4a:1d:7f:eb:22:85:43: 8c:c3:3c:2c:2f:6c:47:99:67:0c:39:a0:ae:29:96: 12:71:0b:97:4a:f0:90:09:ec:5f:c8:a2:7f:5a:0e: ff:6c:bf:d5:23:5e:c3:50:06:e6:cd:28:a9:1a:77: 96:df:1e:84:db:0c:07:32:88:b6:b6:56:38:ca:63: cf:83:9c:dc:fc:c1:2d:9e:b2:57:da:08:3c:4b:01: 6b:b9:28:9a:d3:f1:55:8e:dd:6e:ae:07:0b:55:bb: ee:47:c2:ba:9e:f3:ae:f7:f0:a5:d2:db:87:fb:84: 9f:30:fc:81:0f:1f:57:41:fb:b3:bd:39:7c:3b:39: c1:1f:70:81:1a:3c:3c:12:9f:63:eb:10:dc:6d:f5: 35:3e:65:86:e7:09:09:c3:1f:0c:c8:22:31:48:49: 3b:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:C8:8F:35:29:13:15:B0:6D:3C:AA:F2:06:06:6F:C4:70:6C:F7:2E X509v3 Authority Key Identifier: keyid:39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/M8iPNSkTFbBtPKryBgZvxHBs9y4.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.216.228.0/24 Signature Algorithm: sha256WithRSAEncryption c3:48:f7:50:95:b7:4a:ce:7a:11:64:06:35:8e:b6:47:bf:4b: bf:bc:71:6e:43:31:54:77:c6:37:19:f1:81:9f:98:f0:7a:54: e3:be:9a:ba:e5:13:ee:cd:49:31:28:8d:ec:4d:10:64:4c:b8: d0:46:82:15:9c:4d:2c:42:3e:a9:6d:1a:8b:af:c2:c2:f5:2a: d9:07:b0:20:3a:03:29:78:9d:29:93:26:59:24:9f:3e:36:3f: 98:c7:cd:aa:63:de:86:e6:3c:fb:95:30:b8:9e:1f:c0:d8:1a: 81:e5:7a:09:c3:a4:a9:da:9c:90:85:8a:72:ce:e1:18:67:18: 3a:7b:3f:7c:06:b6:4c:13:02:0d:2e:08:2f:ee:32:84:70:72: bd:8c:0d:de:d9:b1:9e:78:80:35:4a:82:21:e3:7a:17:6f:f3: 6d:ce:41:7e:34:31:6d:cd:3d:04:15:bd:61:de:be:f9:dd:0c: 21:60:be:61:dc:61:ee:c3:0a:3a:54:8b:c5:98:4f:da:71:6b: 30:f5:db:28:46:f7:10:3d:98:4e:fe:62:32:12:ef:54:f3:e1: cc:99:02:14:68:77:94:14:25:b7:8b:ea:3b:c4:57:ea:9c:25: d8:38:6b:43:45:84:09:76:0a:5f:97:3c:10:04:fa:6a:5a:44: 4b:ff:9c:28 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICAhcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzlF RTg1MkZFMTM4Q0RFREM1QjQyRDExQTM0Mjk1RDEwOUFENDkyNTAeFw0yNTA3MDYx MjE5MjBaFw0yNjA0MTUwOTA4MzBaMDMxMTAvBgNVBAMTKDMzQzg4RjM1MjkxMzE1 QjA2RDNDQUFGMjA2MDY2RkM0NzA2Q0Y3MkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC5dTbkt1Qfg47ov70w6LlIl+OfvnKYh+oli/HQsMT9kpLur3B3 APkUp6y1HWkz5QihqcQdcM5ukDDZsNbgUWOGDmVu2342LdEUZaNTmW6sAT9FLwnE WpGGvjwsBppNTmwkSh1/6yKFQ4zDPCwvbEeZZww5oK4plhJxC5dK8JAJ7F/Ion9a Dv9sv9UjXsNQBubNKKkad5bfHoTbDAcyiLa2VjjKY8+DnNz8wS2eslfaCDxLAWu5 KJrT8VWO3W6uBwtVu+5Hwrqe86738KXS24f7hJ8w/IEPH1dB+7O9OXw7OcEfcIEa PDwSn2PrENxt9TU+ZYbnCQnDHwzIIjFISTsJAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUM8iPNSkTFbBtPKryBgZvxHBs9y4wHwYDVR0jBBgwFoAUOe6FL+E4ze3FtC0R o0KV0QmtSSUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjcx Ni9PZTZGTC1FNHplM0Z0QzBSbzBLVjBRbXRTU1UuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09lNkZMLUU0emUzRnRDMFJvMEtWMFFtdFNTVS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI3MTYvTThpUE5Ta1RGYkJ0 UEtyeUJnWnZ4SEJzOXk0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGfY5DANBgkqhkiG9w0BAQsFAAOCAQEAw0j3UJW3Ss56EWQGNY62R79Lv7xx bkMxVHfGNxnxgZ+Y8HpU476auuUT7s1JMSiN7E0QZEy40EaCFZxNLEI+qW0ai6/C wvUq2QewIDoDKXidKZMmWSSfPjY/mMfNqmPehuY8+5UwuJ4fwNgageV6CcOkqdqc kIWKcs7hGGcYOns/fAa2TBMCDS4IL+4yhHByvYwN3tmxnniANUqCIeN6F2/zbc5B fjQxbc09BBW9Yd6++d0MIWC+Ydxh7sMKOlSLxZhP2nFrMPXbKEb3ED2YTv5iMhLv VPPhzJkCFGh3lBQlt4vqO8RX6pwl2DhrQ0WECXYKX5c8EAT6alpES/+cKA== -----END CERTIFICATE-----Generated at Sun Jul 20 12:51:36 2025 by rpki-client