$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2716/hokZRsZzvxfiNe83zTz81SFSEaE.roa File: hokZRsZzvxfiNe83zTz81SFSEaE.roa (raw, json) Hash identifier: GVhyg++O3dxokJbzqkmgOmw/QGtTyFZ9s0nm+afg1CI= Subject key identifier: 86:89:19:46:C6:73:BF:17:E2:35:EF:37:CD:3C:FC:D5:21:52:11:A1 Certificate issuer: /CN=39EE852FE138CDEDC5B42D11A34295D109AD4925 Certificate serial: 0254 Authority key identifier: 39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/hokZRsZzvxfiNe83zTz81SFSEaE.roa Signing time: Wed 16 Jul 2025 10:01:55 +0000 ROA not before: Wed 16 Jul 2025 10:01:55 +0000 ROA not after: Wed 15 Apr 2026 09:08:30 +0000 asID: 137508 IP address blocks: 103.118.216.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Jul 2025 13:39:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 596 (0x254) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=39EE852FE138CDEDC5B42D11A34295D109AD4925 Validity Not Before: Jul 16 10:01:55 2025 GMT Not After : Apr 15 09:08:30 2026 GMT Subject: CN=86891946C673BF17E235EF37CD3CFCD5215211A1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:c4:ab:74:e8:37:b9:80:05:54:73:48:05:5e: bf:12:8d:d4:d8:aa:bb:bc:22:3b:aa:55:4c:2d:c2: ef:0e:ab:1d:91:91:07:6f:60:55:d1:48:d6:62:94: fb:54:b0:83:22:e8:bf:27:37:fa:4f:8a:fb:cf:94: 52:a7:5a:5d:4f:0e:55:6c:2c:40:c3:5d:07:7c:1d: 28:a2:e7:6e:8b:a5:3a:16:69:21:1e:ab:cb:5d:9c: cc:40:b5:e9:35:90:36:6e:3d:fc:10:bc:65:c6:04: 24:9c:59:b7:3b:31:15:1e:33:67:69:3b:2f:95:e8: 7e:14:47:bc:c0:e7:ef:21:cb:65:63:15:99:52:72: 0f:03:11:09:42:25:b9:4e:3d:73:a4:1d:70:f1:86: 3c:b1:29:6a:15:d2:05:2c:d2:35:17:19:5a:b9:29: c1:f8:6c:5a:cb:0c:5c:a2:62:b0:41:89:58:49:ec: 5c:88:91:96:f4:3f:ac:9d:3c:ac:25:10:4d:bb:bb: 60:9d:ff:72:be:c2:0c:15:f0:a0:91:d5:29:dd:c4: 69:e6:bd:45:4f:1e:b3:43:5c:3b:59:a4:86:aa:c4: 2a:a8:02:1f:21:18:cd:34:b9:42:a5:93:7e:86:05: 29:3c:34:be:10:dc:11:fd:c5:d5:db:f3:b5:fc:ee: fe:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:89:19:46:C6:73:BF:17:E2:35:EF:37:CD:3C:FC:D5:21:52:11:A1 X509v3 Authority Key Identifier: keyid:39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/hokZRsZzvxfiNe83zTz81SFSEaE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.118.216.0/22 Signature Algorithm: sha256WithRSAEncryption ce:96:19:fb:83:6b:54:ff:9d:54:bd:e0:60:d5:33:70:05:26: bf:c8:00:20:00:51:c5:7a:5d:62:92:4c:3a:10:2a:df:86:37: 62:af:3e:7a:ef:db:b5:e7:98:46:73:b0:8c:59:0a:26:cf:7f: 97:a4:5c:ec:04:9b:1b:60:9e:da:9f:47:3c:2f:e9:86:4c:ef: 5b:4e:56:a0:82:e1:6e:5b:cb:44:13:e6:a8:a6:88:1c:82:b2: f3:c9:e8:92:18:90:79:33:d7:7b:48:79:90:c3:f2:3d:f1:02: 59:83:29:c0:48:4e:91:bc:0c:10:0b:30:51:80:bc:e9:10:0d: 31:85:42:4a:25:3d:16:c9:c1:8d:82:03:8b:f1:8b:3f:24:47: 38:12:e7:29:e9:55:78:3a:dc:06:43:80:95:5a:f8:f2:ba:f9: 34:b1:ed:20:29:6f:02:9a:2a:0c:33:29:b2:96:80:c9:d7:12: 77:8f:b0:c6:d5:4d:ec:80:c9:d9:eb:ca:d6:4c:da:c8:f7:58: 27:ed:a6:a9:51:fc:71:e0:ea:1a:63:6f:da:ff:60:10:bf:29: 67:44:df:84:b1:33:b0:96:90:23:33:dd:40:ca:1f:ff:f0:7d: cb:00:59:16:a8:a5:3f:bc:9d:43:4b:f9:49:5c:df:cc:3b:a1: 49:fa:5c:8f -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICAlQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzlF RTg1MkZFMTM4Q0RFREM1QjQyRDExQTM0Mjk1RDEwOUFENDkyNTAeFw0yNTA3MTYx MDAxNTVaFw0yNjA0MTUwOTA4MzBaMDMxMTAvBgNVBAMTKDg2ODkxOTQ2QzY3M0JG MTdFMjM1RUYzN0NEM0NGQ0Q1MjE1MjExQTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC9xKt06De5gAVUc0gFXr8SjdTYqru8IjuqVUwtwu8Oqx2RkQdv YFXRSNZilPtUsIMi6L8nN/pPivvPlFKnWl1PDlVsLEDDXQd8HSii526LpToWaSEe q8tdnMxAtek1kDZuPfwQvGXGBCScWbc7MRUeM2dpOy+V6H4UR7zA5+8hy2VjFZlS cg8DEQlCJblOPXOkHXDxhjyxKWoV0gUs0jUXGVq5KcH4bFrLDFyiYrBBiVhJ7FyI kZb0P6ydPKwlEE27u2Cd/3K+wgwV8KCR1SndxGnmvUVPHrNDXDtZpIaqxCqoAh8h GM00uUKlk36GBSk8NL4Q3BH9xdXb87X87v6JAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUhokZRsZzvxfiNe83zTz81SFSEaEwHwYDVR0jBBgwFoAUOe6FL+E4ze3FtC0R o0KV0QmtSSUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjcx Ni9PZTZGTC1FNHplM0Z0QzBSbzBLVjBRbXRTU1UuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09lNkZMLUU0emUzRnRDMFJvMEtWMFFtdFNTVS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI3MTYvaG9rWlJzWnp2eGZp TmU4M3pUejgxU0ZTRWFFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmd22DANBgkqhkiG9w0BAQsFAAOCAQEAzpYZ+4NrVP+dVL3gYNUzcAUmv8gA IABRxXpdYpJMOhAq34Y3Yq8+eu/bteeYRnOwjFkKJs9/l6Rc7ASbG2Ce2p9HPC/p hkzvW05WoILhblvLRBPmqKaIHIKy88nokhiQeTPXe0h5kMPyPfECWYMpwEhOkbwM EAswUYC86RANMYVCSiU9FsnBjYIDi/GLPyRHOBLnKelVeDrcBkOAlVr48rr5NLHt IClvApoqDDMpspaAydcSd4+wxtVN7IDJ2evK1kzayPdYJ+2mqVH8ceDqGmNv2v9g EL8pZ0TfhLEzsJaQIzPdQMof//B9ywBZFqilP7ydQ0v5SVzfzDuhSfpcjw== -----END CERTIFICATE-----Generated at Sun Jul 20 12:54:55 2025 by rpki-client