$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2716/U_LyMydmKDzyaMAOONsgyewEjYA.roa File: U_LyMydmKDzyaMAOONsgyewEjYA.roa (raw, json) Hash identifier: WGeTdPgOpsXJ51q63FiXMnx8MFFVyRPaZsOvzEsyb9g= Subject key identifier: 53:F2:F2:33:27:66:28:3C:F2:68:C0:0E:38:DB:20:C9:EC:04:8D:80 Certificate issuer: /CN=39EE852FE138CDEDC5B42D11A34295D109AD4925 Certificate serial: 0251 Authority key identifier: 39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/U_LyMydmKDzyaMAOONsgyewEjYA.roa Signing time: Wed 16 Jul 2025 10:01:54 +0000 ROA not before: Wed 16 Jul 2025 10:01:54 +0000 ROA not after: Wed 15 Apr 2026 09:08:30 +0000 asID: 137508 IP address blocks: 103.118.220.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Jul 2025 13:39:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 593 (0x251) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=39EE852FE138CDEDC5B42D11A34295D109AD4925 Validity Not Before: Jul 16 10:01:54 2025 GMT Not After : Apr 15 09:08:30 2026 GMT Subject: CN=53F2F2332766283CF268C00E38DB20C9EC048D80 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:e4:a9:6f:77:ea:64:8d:45:b4:1e:90:08:a5: c5:be:e6:1e:17:6e:24:f2:95:1a:71:de:82:6b:ac: db:7c:d5:c5:9e:3d:dd:9f:ca:ea:fc:c9:44:f8:b4: fe:91:53:5c:06:8c:4a:60:16:ed:a6:cd:3b:d3:3f: f4:fc:9c:da:a6:8e:d8:f3:3f:90:d6:08:46:5d:d3: 38:d3:5f:14:3e:01:cc:8d:eb:94:cb:11:20:6b:fe: 5e:1c:9e:64:fb:65:8b:17:28:28:ad:93:d6:c1:79: b1:8f:f5:4c:3e:a6:9b:d6:35:75:ee:84:24:34:9e: f4:1b:4f:73:f6:00:70:73:d4:34:38:52:dd:8e:d1: 4a:4b:19:1b:05:8f:90:47:bf:18:97:f8:5b:8a:7f: 8a:6a:54:0e:9f:bc:85:ca:eb:f2:a4:c4:fe:3d:12: d5:64:86:92:bd:e3:76:c1:d9:e1:a0:fe:60:f7:d3: 43:f7:fa:f2:d7:89:15:e5:de:e4:18:d5:e6:d8:b4: 94:a4:f3:26:b0:e3:12:85:bf:8b:1c:91:e3:82:5e: 3f:dc:c9:12:34:7f:4a:be:9e:ca:dc:3a:71:13:2f: d1:82:c6:af:1e:5a:ac:d5:93:d0:6e:af:38:e9:00: db:3b:8c:fc:fe:4e:85:09:4d:2d:ad:e2:fe:39:be: 6b:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:F2:F2:33:27:66:28:3C:F2:68:C0:0E:38:DB:20:C9:EC:04:8D:80 X509v3 Authority Key Identifier: keyid:39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/U_LyMydmKDzyaMAOONsgyewEjYA.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.118.220.0/22 Signature Algorithm: sha256WithRSAEncryption ce:b2:8c:01:d3:1d:20:7a:1d:5e:f7:fd:19:7f:8d:f7:78:02: f8:26:bd:62:ba:3b:72:b5:a1:e0:39:ce:05:80:8e:cc:f5:1e: a8:17:0b:3c:b1:39:28:19:ab:65:7b:85:4a:48:91:f6:2c:ea: 7b:a0:95:69:e6:99:3c:0e:be:cc:78:82:8c:0c:3e:e2:79:e0: e2:11:16:66:f4:01:d4:89:c8:3b:d1:e5:37:56:13:d3:10:18: 60:c7:13:40:98:9d:03:aa:13:54:59:d5:ff:a7:7f:0c:ef:5f: e9:4e:60:1e:40:43:63:db:62:e4:cb:7c:e7:e3:53:d5:3c:0e: 78:79:a0:db:e3:38:aa:46:b1:39:93:4c:e5:9a:b2:27:f9:03: 2b:b5:af:b0:5f:be:3c:51:7c:af:6c:e4:6e:cc:58:59:45:1d: bc:ca:04:f9:9a:4f:25:d4:f2:81:8e:05:28:d8:b0:a1:18:7a: 14:13:e6:40:7e:b5:ae:eb:be:21:6c:77:cd:6f:b7:1f:b6:b6: 83:04:4b:58:db:dd:ec:66:ef:1c:1c:88:d0:12:d4:34:dd:b2: 92:3e:77:56:03:84:08:e3:72:2f:40:6e:84:ea:f4:5b:e7:93: 19:3c:49:70:8c:44:50:df:57:bb:5c:13:ab:5c:9e:71:45:80: f2:18:08:4c -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICAlEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzlF RTg1MkZFMTM4Q0RFREM1QjQyRDExQTM0Mjk1RDEwOUFENDkyNTAeFw0yNTA3MTYx MDAxNTRaFw0yNjA0MTUwOTA4MzBaMDMxMTAvBgNVBAMTKDUzRjJGMjMzMjc2NjI4 M0NGMjY4QzAwRTM4REIyMEM5RUMwNDhEODAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCa5Klvd+pkjUW0HpAIpcW+5h4XbiTylRpx3oJrrNt81cWePd2f yur8yUT4tP6RU1wGjEpgFu2mzTvTP/T8nNqmjtjzP5DWCEZd0zjTXxQ+AcyN65TL ESBr/l4cnmT7ZYsXKCitk9bBebGP9Uw+ppvWNXXuhCQ0nvQbT3P2AHBz1DQ4Ut2O 0UpLGRsFj5BHvxiX+FuKf4pqVA6fvIXK6/KkxP49EtVkhpK943bB2eGg/mD300P3 +vLXiRXl3uQY1ebYtJSk8yaw4xKFv4sckeOCXj/cyRI0f0q+nsrcOnETL9GCxq8e WqzVk9BurzjpANs7jPz+ToUJTS2t4v45vmtfAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUU/LyMydmKDzyaMAOONsgyewEjYAwHwYDVR0jBBgwFoAUOe6FL+E4ze3FtC0R o0KV0QmtSSUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjcx Ni9PZTZGTC1FNHplM0Z0QzBSbzBLVjBRbXRTU1UuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09lNkZMLUU0emUzRnRDMFJvMEtWMFFtdFNTVS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI3MTYvVV9MeU15ZG1LRHp5 YU1BT09Oc2d5ZXdFallBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmd23DANBgkqhkiG9w0BAQsFAAOCAQEAzrKMAdMdIHodXvf9GX+N93gC+Ca9 Yro7crWh4DnOBYCOzPUeqBcLPLE5KBmrZXuFSkiR9izqe6CVaeaZPA6+zHiCjAw+ 4nng4hEWZvQB1InIO9HlN1YT0xAYYMcTQJidA6oTVFnV/6d/DO9f6U5gHkBDY9ti 5Mt85+NT1TwOeHmg2+M4qkaxOZNM5ZqyJ/kDK7WvsF++PFF8r2zkbsxYWUUdvMoE +ZpPJdTygY4FKNiwoRh6FBPmQH61ruu+IWx3zW+3H7a2gwRLWNvd7GbvHByI0BLU NN2ykj53VgOECONyL0BuhOr0W+eTGTxJcIxEUN9Xu1wTq1yecUWA8hgITA== -----END CERTIFICATE-----Generated at Sun Jul 20 12:36:09 2025 by rpki-client