$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2716/Y8AwDTSOazOUu_IAjmV-cKFXhOw.roa File: Y8AwDTSOazOUu_IAjmV-cKFXhOw.roa (raw, json) Hash identifier: Ik/VB9Qw5ubTU/JUDgHk263xQgvcLKzX2eDAIXZoFXA= Subject key identifier: 63:C0:30:0D:34:8E:6B:33:94:BB:F2:00:8E:65:7E:70:A1:57:84:EC Certificate issuer: /CN=39EE852FE138CDEDC5B42D11A34295D109AD4925 Certificate serial: 024F Authority key identifier: 39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Y8AwDTSOazOUu_IAjmV-cKFXhOw.roa Signing time: Wed 16 Jul 2025 10:01:54 +0000 ROA not before: Wed 16 Jul 2025 10:01:54 +0000 ROA not after: Wed 15 Apr 2026 09:08:30 +0000 asID: 137508 IP address blocks: 103.118.204.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Jul 2025 18:39:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 591 (0x24f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=39EE852FE138CDEDC5B42D11A34295D109AD4925 Validity Not Before: Jul 16 10:01:54 2025 GMT Not After : Apr 15 09:08:30 2026 GMT Subject: CN=63C0300D348E6B3394BBF2008E657E70A15784EC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:71:56:4e:21:d3:7a:01:a8:b1:a0:f2:98:fc: e5:15:70:f5:52:36:f3:a8:72:da:aa:e0:52:c3:06: 85:f5:38:0f:d8:55:f2:c8:46:14:44:8b:69:0b:d3: 70:ee:90:c1:a2:29:58:da:c5:e2:1e:22:ec:80:b5: b9:76:15:72:82:c5:fb:48:39:c6:3a:93:20:7d:5d: cb:41:67:86:a7:6a:dd:51:09:4e:58:d3:53:6d:42: 44:eb:3b:f2:07:5f:fb:7b:86:98:29:fb:3b:3f:fd: 09:82:9b:80:de:71:ba:4c:70:98:7e:55:01:35:01: fe:43:da:70:ea:04:86:6e:88:8e:47:4f:c6:e6:6b: ef:ef:6a:6d:9b:f4:92:52:c5:c9:9d:4d:0e:d1:6c: a3:c4:ca:68:35:92:4c:a7:40:69:cf:7a:20:7b:7c: b1:eb:33:df:d2:8f:99:07:7c:46:d0:f0:56:5e:98: 22:2a:06:24:08:40:e7:85:94:14:ad:8b:00:1a:6b: af:bf:37:0b:35:19:e4:3f:c6:05:68:f1:52:09:31: ce:df:39:57:88:6c:c8:3e:63:58:0a:5f:0f:6b:16: e0:9a:15:98:30:13:fc:b2:5e:8d:68:13:9e:af:8d: 99:4a:73:29:8b:db:25:4a:41:f8:a9:10:d6:5c:13: 5c:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:C0:30:0D:34:8E:6B:33:94:BB:F2:00:8E:65:7E:70:A1:57:84:EC X509v3 Authority Key Identifier: keyid:39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Y8AwDTSOazOUu_IAjmV-cKFXhOw.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.118.204.0/22 Signature Algorithm: sha256WithRSAEncryption 74:4a:b5:4f:ae:01:30:b7:76:5a:35:98:5d:d7:49:5e:d5:a2: 22:5b:58:14:8e:9d:01:b1:ef:44:52:12:a7:68:87:c8:33:86: 53:ba:0f:92:81:e6:8a:81:42:2e:2e:52:97:73:ef:55:82:fd: fe:da:ae:9d:94:57:19:04:31:d4:9b:82:16:19:a7:a6:98:53: 40:89:86:cb:89:c0:57:f6:d6:2b:eb:4d:40:0e:94:f2:05:4c: 13:3f:cf:0a:a7:93:80:4d:1f:28:94:6b:bd:4c:56:26:8e:f2: bb:c3:7d:d5:24:61:5a:15:2b:8f:ef:b4:30:f6:ce:fc:e0:e9: c2:e4:38:f8:54:ed:40:e8:94:24:30:8a:38:bb:4e:d2:ea:82: 87:34:12:e3:a1:4f:53:7d:25:85:2d:70:91:bf:f8:3e:53:86: cd:b7:4b:80:7b:d1:d7:42:c3:85:65:f7:d0:05:56:d3:2c:bd: 47:ac:bc:af:7e:2e:79:6b:40:d3:f4:2e:4c:4f:c5:ae:f2:8f: a7:81:00:0b:7f:3f:13:46:48:bc:be:b2:cf:be:3f:35:14:c9: 19:19:55:64:6e:35:4d:34:a0:25:54:01:32:8a:78:5b:03:d0: 2e:14:dc:f2:a8:27:fa:64:6f:54:c4:9e:28:24:f1:80:09:6c: 86:bc:ce:86 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICAk8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzlF RTg1MkZFMTM4Q0RFREM1QjQyRDExQTM0Mjk1RDEwOUFENDkyNTAeFw0yNTA3MTYx MDAxNTRaFw0yNjA0MTUwOTA4MzBaMDMxMTAvBgNVBAMTKDYzQzAzMDBEMzQ4RTZC MzM5NEJCRjIwMDhFNjU3RTcwQTE1Nzg0RUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC8cVZOIdN6AaixoPKY/OUVcPVSNvOoctqq4FLDBoX1OA/YVfLI RhREi2kL03DukMGiKVjaxeIeIuyAtbl2FXKCxftIOcY6kyB9XctBZ4anat1RCU5Y 01NtQkTrO/IHX/t7hpgp+zs//QmCm4DecbpMcJh+VQE1Af5D2nDqBIZuiI5HT8bm a+/vam2b9JJSxcmdTQ7RbKPEymg1kkynQGnPeiB7fLHrM9/Sj5kHfEbQ8FZemCIq BiQIQOeFlBStiwAaa6+/Nws1GeQ/xgVo8VIJMc7fOVeIbMg+Y1gKXw9rFuCaFZgw E/yyXo1oE56vjZlKcymL2yVKQfipENZcE1xzAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUY8AwDTSOazOUu/IAjmV+cKFXhOwwHwYDVR0jBBgwFoAUOe6FL+E4ze3FtC0R o0KV0QmtSSUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjcx Ni9PZTZGTC1FNHplM0Z0QzBSbzBLVjBRbXRTU1UuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09lNkZMLUU0emUzRnRDMFJvMEtWMFFtdFNTVS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI3MTYvWThBd0RUU09hek9V dV9JQWptVi1jS0ZYaE93LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmd2zDANBgkqhkiG9w0BAQsFAAOCAQEAdEq1T64BMLd2WjWYXddJXtWiIltY FI6dAbHvRFISp2iHyDOGU7oPkoHmioFCLi5Sl3PvVYL9/tqunZRXGQQx1JuCFhmn pphTQImGy4nAV/bWK+tNQA6U8gVMEz/PCqeTgE0fKJRrvUxWJo7yu8N91SRhWhUr j++0MPbO/ODpwuQ4+FTtQOiUJDCKOLtO0uqChzQS46FPU30lhS1wkb/4PlOGzbdL gHvR10LDhWX30AVW0yy9R6y8r34ueWtA0/QuTE/FrvKPp4EAC38/E0ZIvL6yz74/ NRTJGRlVZG41TTSgJVQBMop4WwPQLhTc8qgn+mRvVMSeKCTxgAlshrzOhg== -----END CERTIFICATE-----Generated at Sun Jul 20 16:38:13 2025 by rpki-client