$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2716/XwO51fi-clJ9-9AjC7iuGSg5cvY.roa File: XwO51fi-clJ9-9AjC7iuGSg5cvY.roa (raw, json) Hash identifier: 7OnJT0fSwIxuAScAhSi4qXw6xgRs46hKZz5Bf1mutNc= Subject key identifier: 5F:03:B9:D5:F8:BE:72:52:7D:FB:D0:23:0B:B8:AE:19:28:39:72:F6 Certificate issuer: /CN=39EE852FE138CDEDC5B42D11A34295D109AD4925 Certificate serial: 0206 Authority key identifier: 39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/XwO51fi-clJ9-9AjC7iuGSg5cvY.roa Signing time: Fri 04 Jul 2025 15:10:10 +0000 ROA not before: Fri 04 Jul 2025 15:10:10 +0000 ROA not after: Wed 15 Apr 2026 09:08:30 +0000 asID: 134823 IP address blocks: 103.118.216.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Jul 2025 13:39:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 518 (0x206) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=39EE852FE138CDEDC5B42D11A34295D109AD4925 Validity Not Before: Jul 4 15:10:10 2025 GMT Not After : Apr 15 09:08:30 2026 GMT Subject: CN=5F03B9D5F8BE72527DFBD0230BB8AE19283972F6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:c2:82:c9:66:65:80:d8:c7:cf:32:d2:24:4b: 5e:a8:5c:83:96:1f:ce:37:22:89:96:ad:78:5f:8e: 02:4e:0c:37:1b:50:7b:ba:58:87:0d:18:cc:f0:c6: 05:3a:71:71:ba:25:78:49:72:d9:0d:ea:40:1d:17: ef:45:ac:eb:8f:10:c0:59:09:8c:c3:05:94:b2:20: 40:31:df:94:89:7f:2d:ae:34:4a:34:18:76:d4:aa: a7:55:b9:d3:7a:02:f9:2c:2b:3f:1c:7f:66:5c:74: 1f:0f:86:a5:c7:88:41:82:6b:8d:43:c7:e7:be:ab: 70:fe:bf:70:92:5e:6f:44:ff:00:2d:5c:fa:8b:12: 1a:47:c0:b5:01:8b:a1:9e:bd:8e:f1:84:e3:12:e8: a2:9b:63:73:ea:44:da:48:4d:34:6f:95:44:06:f4: 9f:6c:78:47:19:9b:7b:4d:74:f9:a0:fc:27:68:b5: c6:15:8a:47:19:df:89:03:64:39:6e:e9:25:5c:55: b0:1e:7f:41:e9:3e:0c:06:7b:d8:69:a0:d2:d4:21: 89:01:a3:ae:e9:dd:00:ec:bb:50:c2:d8:4c:6c:32: cb:b1:fb:a3:34:73:94:69:16:05:2d:7f:e1:18:3e: 16:73:3c:87:95:3d:7e:25:3f:7f:ac:6e:93:bf:3d: 5b:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:03:B9:D5:F8:BE:72:52:7D:FB:D0:23:0B:B8:AE:19:28:39:72:F6 X509v3 Authority Key Identifier: keyid:39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/XwO51fi-clJ9-9AjC7iuGSg5cvY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.118.216.0/22 Signature Algorithm: sha256WithRSAEncryption 75:0a:50:a4:7e:78:03:ca:cd:65:90:f5:fc:c8:84:26:ec:c7: 8f:1c:c7:ae:97:85:22:21:33:dd:64:17:9e:78:22:8e:f0:7f: 6f:77:32:51:d0:f9:89:8f:09:90:dd:3a:5d:58:c2:fa:17:2e: 6d:19:1f:4c:de:d2:52:c7:9f:aa:4e:bc:14:74:a4:be:f9:f9: 43:46:16:3a:38:87:1e:39:c2:9c:3e:b7:64:6a:a9:ea:26:c8: 89:f2:90:41:6c:18:c2:5d:35:e1:60:dd:28:62:0b:f9:44:59: 36:8c:06:52:cc:96:2d:d6:15:84:a2:ae:c5:b0:28:6d:9f:11: 65:5a:7e:67:6f:52:c2:17:14:26:a2:c5:35:4b:c6:62:1d:7e: 19:00:4c:ca:35:ab:39:da:1f:4c:35:08:81:70:98:e5:8b:0b: 37:40:6c:04:8b:9e:c3:a3:c9:3b:6e:6c:81:1e:8f:f7:ad:e6: 54:a4:5d:03:53:c5:1e:24:33:17:e4:7f:2b:82:79:17:d1:54: 63:92:df:4a:dd:e0:37:3c:ba:07:fa:d1:49:93:0d:bb:1e:04: 76:ab:e7:ed:8c:2d:16:ec:c3:ea:40:69:fb:56:58:86:ee:db: 25:a2:b9:45:72:84:24:a3:bb:24:0c:d3:7e:b6:b1:ea:27:34: 9a:f1:c3:99 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICAgYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzlF RTg1MkZFMTM4Q0RFREM1QjQyRDExQTM0Mjk1RDEwOUFENDkyNTAeFw0yNTA3MDQx NTEwMTBaFw0yNjA0MTUwOTA4MzBaMDMxMTAvBgNVBAMTKDVGMDNCOUQ1RjhCRTcy NTI3REZCRDAyMzBCQjhBRTE5MjgzOTcyRjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDNwoLJZmWA2MfPMtIkS16oXIOWH843IomWrXhfjgJODDcbUHu6 WIcNGMzwxgU6cXG6JXhJctkN6kAdF+9FrOuPEMBZCYzDBZSyIEAx35SJfy2uNEo0 GHbUqqdVudN6AvksKz8cf2ZcdB8PhqXHiEGCa41Dx+e+q3D+v3CSXm9E/wAtXPqL EhpHwLUBi6GevY7xhOMS6KKbY3PqRNpITTRvlUQG9J9seEcZm3tNdPmg/CdotcYV ikcZ34kDZDlu6SVcVbAef0HpPgwGe9hpoNLUIYkBo67p3QDsu1DC2ExsMsux+6M0 c5RpFgUtf+EYPhZzPIeVPX4lP3+sbpO/PVsFAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUXwO51fi+clJ9+9AjC7iuGSg5cvYwHwYDVR0jBBgwFoAUOe6FL+E4ze3FtC0R o0KV0QmtSSUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjcx Ni9PZTZGTC1FNHplM0Z0QzBSbzBLVjBRbXRTU1UuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09lNkZMLUU0emUzRnRDMFJvMEtWMFFtdFNTVS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI3MTYvWHdPNTFmaS1jbEo5 LTlBakM3aXVHU2c1Y3ZZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmd22DANBgkqhkiG9w0BAQsFAAOCAQEAdQpQpH54A8rNZZD1/MiEJuzHjxzH rpeFIiEz3WQXnngijvB/b3cyUdD5iY8JkN06XVjC+hcubRkfTN7SUsefqk68FHSk vvn5Q0YWOjiHHjnCnD63ZGqp6ibIifKQQWwYwl014WDdKGIL+URZNowGUsyWLdYV hKKuxbAobZ8RZVp+Z29SwhcUJqLFNUvGYh1+GQBMyjWrOdofTDUIgXCY5YsLN0Bs BIuew6PJO25sgR6P963mVKRdA1PFHiQzF+R/K4J5F9FUY5LfSt3gNzy6B/rRSZMN ux4Edqvn7YwtFuzD6kBp+1ZYhu7bJaK5RXKEJKO7JAzTfrax6ic0mvHDmQ== -----END CERTIFICATE-----Generated at Sun Jul 20 12:35:52 2025 by rpki-client