$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2716/_ZK1WCFcEHqtMirq8GyhF7SCRHY.roa File: _ZK1WCFcEHqtMirq8GyhF7SCRHY.roa (raw, json) Hash identifier: ZWq45d3Vm9MAu9GsXjWGCjDrRb406S6wYaYQ9OWtsgI= Subject key identifier: FD:92:B5:58:21:5C:10:7A:AD:32:2A:EA:F0:6C:A1:17:B4:82:44:76 Certificate issuer: /CN=39EE852FE138CDEDC5B42D11A34295D109AD4925 Certificate serial: 0253 Authority key identifier: 39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/_ZK1WCFcEHqtMirq8GyhF7SCRHY.roa Signing time: Wed 16 Jul 2025 10:01:55 +0000 ROA not before: Wed 16 Jul 2025 10:01:55 +0000 ROA not after: Wed 15 Apr 2026 09:08:30 +0000 asID: 134121 IP address blocks: 103.118.212.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Jul 2025 13:39:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 595 (0x253) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=39EE852FE138CDEDC5B42D11A34295D109AD4925 Validity Not Before: Jul 16 10:01:55 2025 GMT Not After : Apr 15 09:08:30 2026 GMT Subject: CN=FD92B558215C107AAD322AEAF06CA117B4824476 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:d6:81:06:5f:0e:34:71:36:24:f1:0f:64:85: 61:5c:d7:df:ca:f5:21:cf:1e:8d:22:9d:e4:9b:8c: d8:d0:c6:50:2c:58:65:0e:5b:dd:bb:40:18:35:8d: dc:b3:7e:34:a8:ea:e1:45:ec:36:7f:b3:f4:a5:a2: ae:25:50:91:2f:bd:92:59:ab:88:37:6e:51:da:73: 0e:a6:3f:34:02:b9:f9:1c:6a:26:15:bf:00:9d:83: eb:41:5a:52:88:c0:61:13:6a:27:2c:79:75:4c:42: c8:52:b1:d2:91:6c:87:bb:f9:a6:f7:43:93:fe:fb: 26:57:59:20:74:99:ff:2d:25:3b:99:54:04:0f:c0: dc:13:56:86:05:40:a4:bb:a2:fe:5d:3a:68:5b:95: e8:9a:ef:5c:83:2f:0e:f6:97:11:9c:56:23:04:38: a4:0f:23:ce:61:95:82:34:45:15:59:a7:ee:92:3d: 33:1d:32:3e:5d:a2:b8:1c:5c:af:12:58:9c:f0:9f: f7:a6:07:5f:ad:e8:43:f8:8a:48:0d:04:d6:a2:78: 7d:6e:f2:64:eb:66:48:83:36:fb:cd:99:77:97:4f: 1a:7e:28:75:ae:35:36:4b:11:6f:36:ac:0b:d5:b6: 61:7c:a8:d0:9b:6e:25:65:39:98:13:f9:9e:29:98: be:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:92:B5:58:21:5C:10:7A:AD:32:2A:EA:F0:6C:A1:17:B4:82:44:76 X509v3 Authority Key Identifier: keyid:39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/_ZK1WCFcEHqtMirq8GyhF7SCRHY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.118.212.0/22 Signature Algorithm: sha256WithRSAEncryption c6:5a:2c:a3:25:f5:b7:37:03:91:94:98:6a:74:ab:dd:79:66: 7e:c0:ca:f2:f9:a1:7c:64:29:ba:6c:4f:5c:2c:34:f9:26:97: 83:d2:6b:4d:37:fb:76:4d:6c:cc:d4:5a:88:60:32:dd:5f:87: 1a:c1:c2:76:a6:f1:f3:d9:27:c2:77:b5:e9:ba:b9:45:a7:59: 78:5c:3d:9c:09:52:95:94:4e:bc:0a:91:fc:68:4f:e7:bd:54: ca:fa:e9:b4:2a:6d:38:a3:8f:3c:c7:b3:33:2b:aa:d8:d1:5e: 5c:d1:ea:f5:3b:07:e0:39:2a:22:a0:44:6b:2f:2b:59:e6:6b: f4:18:c8:03:4d:46:ae:f6:e0:58:c3:c8:97:b0:c7:dc:e0:d5: 73:cf:56:cd:e3:d3:22:a8:2c:da:6c:d5:e3:f6:b8:e4:0c:e7: 87:19:93:52:4e:b2:7a:4f:04:ee:8d:b7:18:ef:77:81:20:51: bd:8f:1f:e6:4f:61:19:c7:3a:30:aa:12:95:46:20:b2:53:f4: ed:50:c5:19:76:4e:5b:62:84:1a:34:3b:96:a9:7b:22:c5:97: 5c:cd:c0:d5:2f:2c:9d:75:41:65:47:d7:5e:cb:94:27:64:b7: 31:da:0f:ed:f7:f7:6e:9c:88:c6:7e:b1:27:8b:f1:1f:2c:77: 77:d7:07:a8 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICAlMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzlF RTg1MkZFMTM4Q0RFREM1QjQyRDExQTM0Mjk1RDEwOUFENDkyNTAeFw0yNTA3MTYx MDAxNTVaFw0yNjA0MTUwOTA4MzBaMDMxMTAvBgNVBAMTKEZEOTJCNTU4MjE1QzEw N0FBRDMyMkFFQUYwNkNBMTE3QjQ4MjQ0NzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCs1oEGXw40cTYk8Q9khWFc19/K9SHPHo0ineSbjNjQxlAsWGUO W927QBg1jdyzfjSo6uFF7DZ/s/Sloq4lUJEvvZJZq4g3blHacw6mPzQCufkcaiYV vwCdg+tBWlKIwGETaicseXVMQshSsdKRbIe7+ab3Q5P++yZXWSB0mf8tJTuZVAQP wNwTVoYFQKS7ov5dOmhbleia71yDLw72lxGcViMEOKQPI85hlYI0RRVZp+6SPTMd Mj5dorgcXK8SWJzwn/emB1+t6EP4ikgNBNaieH1u8mTrZkiDNvvNmXeXTxp+KHWu NTZLEW82rAvVtmF8qNCbbiVlOZgT+Z4pmL4FAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU/ZK1WCFcEHqtMirq8GyhF7SCRHYwHwYDVR0jBBgwFoAUOe6FL+E4ze3FtC0R o0KV0QmtSSUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjcx Ni9PZTZGTC1FNHplM0Z0QzBSbzBLVjBRbXRTU1UuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09lNkZMLUU0emUzRnRDMFJvMEtWMFFtdFNTVS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI3MTYvX1pLMVdDRmNFSHF0 TWlycThHeWhGN1NDUkhZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmd21DANBgkqhkiG9w0BAQsFAAOCAQEAxlosoyX1tzcDkZSYanSr3XlmfsDK 8vmhfGQpumxPXCw0+SaXg9JrTTf7dk1szNRaiGAy3V+HGsHCdqbx89knwne16bq5 RadZeFw9nAlSlZROvAqR/GhP571UyvrptCptOKOPPMezMyuq2NFeXNHq9TsH4Dkq IqBEay8rWeZr9BjIA01GrvbgWMPIl7DH3ODVc89WzePTIqgs2mzV4/a45AznhxmT Uk6yek8E7o23GO93gSBRvY8f5k9hGcc6MKoSlUYgslP07VDFGXZOW2KEGjQ7lql7 IsWXXM3A1S8snXVBZUfXXsuUJ2S3MdoP7ff3bpyIxn6xJ4vxHyx3d9cHqA== -----END CERTIFICATE-----Generated at Sun Jul 20 12:43:11 2025 by rpki-client