$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2716/l1YXzeXPcx0ZPjxhP2ovRdPoCBM.roa File: l1YXzeXPcx0ZPjxhP2ovRdPoCBM.roa (raw, json) Hash identifier: 02BzdmBXFcrGPdWXb211zbTM9NzR17yr8rCez6kPVmg= Subject key identifier: 97:56:17:CD:E5:CF:73:1D:19:3E:3C:61:3F:6A:2F:45:D3:E8:08:13 Certificate issuer: /CN=39EE852FE138CDEDC5B42D11A34295D109AD4925 Certificate serial: 024B Authority key identifier: 39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/l1YXzeXPcx0ZPjxhP2ovRdPoCBM.roa Signing time: Wed 16 Jul 2025 10:01:52 +0000 ROA not before: Wed 16 Jul 2025 10:01:52 +0000 ROA not after: Wed 15 Apr 2026 09:08:30 +0000 asID: 137508 IP address blocks: 103.118.208.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Jul 2025 23:09:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 587 (0x24b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=39EE852FE138CDEDC5B42D11A34295D109AD4925 Validity Not Before: Jul 16 10:01:52 2025 GMT Not After : Apr 15 09:08:30 2026 GMT Subject: CN=975617CDE5CF731D193E3C613F6A2F45D3E80813 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:67:2a:22:66:9b:87:a0:36:b3:e4:e8:ff:61: f3:23:ec:ae:53:1f:03:fc:00:30:18:f9:81:3e:15: 08:05:0f:51:7f:99:ea:a0:a8:fc:98:c1:bd:93:f4: a1:b7:b2:ab:a2:ea:0b:e4:fb:de:8f:1f:49:3b:e7: b7:63:a2:e2:3f:16:f0:cf:f8:a6:55:55:36:ef:a8: 6f:88:0f:e4:86:cb:45:48:3c:d0:1f:3c:26:f6:1a: f8:1b:65:02:16:d3:a2:8c:03:4f:96:06:7b:bd:ca: d7:a0:bf:52:d7:02:1b:42:82:ac:13:6d:ba:b6:e4: d6:0a:1d:f8:2b:cf:3c:7e:67:33:73:7d:d4:a6:27: 5b:70:59:60:5c:6a:2d:72:ea:58:43:bc:d2:b6:b7: 7b:7a:4d:66:21:9d:56:30:87:f2:ea:6d:d9:f5:61: 49:4f:64:19:19:b1:ba:d0:5b:11:6a:ea:7a:a3:8a: 6d:e5:9f:a2:be:7d:64:78:bc:e6:b9:21:12:1f:aa: a9:62:8f:73:9a:7e:a6:78:24:a2:ee:fb:cf:62:42: 86:da:15:85:3a:f1:a3:46:ec:2d:b0:47:18:b2:9c: f2:42:c6:90:d3:a3:82:4b:06:4e:fe:bb:e1:27:c5: b7:d0:cb:3a:3a:3b:bb:a7:3f:1a:33:4c:18:91:bf: 24:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:56:17:CD:E5:CF:73:1D:19:3E:3C:61:3F:6A:2F:45:D3:E8:08:13 X509v3 Authority Key Identifier: keyid:39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/l1YXzeXPcx0ZPjxhP2ovRdPoCBM.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.118.208.0/22 Signature Algorithm: sha256WithRSAEncryption 49:2d:c3:39:fe:69:e8:18:f4:92:fa:d2:b2:a9:ac:fc:95:78: 43:67:62:f9:7f:ed:24:0d:c7:c2:bd:fe:64:85:09:1f:a4:9c: 30:97:ab:ae:1f:60:d3:fe:2c:ed:32:70:96:0b:ad:aa:e8:5f: 32:ab:93:25:3e:c0:65:57:f6:61:96:f5:dd:63:35:a3:34:9f: ee:f0:df:24:d1:81:2a:ae:a3:60:3c:d4:1e:12:99:28:5c:98: 20:a9:29:ed:2d:11:64:d3:cb:cb:ab:6a:bc:e6:1a:4e:b9:b0: 2c:e2:65:89:71:47:43:3d:29:d0:24:8b:97:42:47:e3:06:9c: ac:ba:0b:ef:fe:3b:22:28:d4:02:4c:72:61:a0:af:a1:b4:20: ea:68:c5:9f:ef:54:80:ae:e5:d3:53:a8:6f:2d:4f:f8:f5:8d: ae:55:b3:37:c2:dd:10:9a:7d:37:57:4b:c4:54:36:20:d8:ad: fb:78:21:cf:5e:b9:a9:0c:79:62:69:3b:d8:cb:fe:9f:ab:bc: 11:2b:97:ec:61:bc:93:1d:85:0c:11:42:68:5c:67:6b:47:7c: 75:ec:b7:08:c3:f0:cc:82:5b:0b:25:28:9b:cb:0a:18:8f:48: 37:ee:db:3f:c7:d2:3c:d8:ef:d3:6b:fd:96:35:43:ad:54:87: 0d:79:e8:e0 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICAkswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzlF RTg1MkZFMTM4Q0RFREM1QjQyRDExQTM0Mjk1RDEwOUFENDkyNTAeFw0yNTA3MTYx MDAxNTJaFw0yNjA0MTUwOTA4MzBaMDMxMTAvBgNVBAMTKDk3NTYxN0NERTVDRjcz MUQxOTNFM0M2MTNGNkEyRjQ1RDNFODA4MTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDeZyoiZpuHoDaz5Oj/YfMj7K5THwP8ADAY+YE+FQgFD1F/meqg qPyYwb2T9KG3squi6gvk+96PH0k757djouI/FvDP+KZVVTbvqG+ID+SGy0VIPNAf PCb2GvgbZQIW06KMA0+WBnu9ytegv1LXAhtCgqwTbbq25NYKHfgrzzx+ZzNzfdSm J1twWWBcai1y6lhDvNK2t3t6TWYhnVYwh/Lqbdn1YUlPZBkZsbrQWxFq6nqjim3l n6K+fWR4vOa5IRIfqqlij3OafqZ4JKLu+89iQobaFYU68aNG7C2wRxiynPJCxpDT o4JLBk7+u+EnxbfQyzo6O7unPxozTBiRvyS1AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUl1YXzeXPcx0ZPjxhP2ovRdPoCBMwHwYDVR0jBBgwFoAUOe6FL+E4ze3FtC0R o0KV0QmtSSUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjcx Ni9PZTZGTC1FNHplM0Z0QzBSbzBLVjBRbXRTU1UuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09lNkZMLUU0emUzRnRDMFJvMEtWMFFtdFNTVS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI3MTYvbDFZWHplWFBjeDBa UGp4aFAyb3ZSZFBvQ0JNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmd20DANBgkqhkiG9w0BAQsFAAOCAQEASS3DOf5p6Bj0kvrSsqms/JV4Q2di +X/tJA3Hwr3+ZIUJH6ScMJerrh9g0/4s7TJwlgutquhfMquTJT7AZVf2YZb13WM1 ozSf7vDfJNGBKq6jYDzUHhKZKFyYIKkp7S0RZNPLy6tqvOYaTrmwLOJliXFHQz0p 0CSLl0JH4wacrLoL7/47IijUAkxyYaCvobQg6mjFn+9UgK7l01Ooby1P+PWNrlWz N8LdEJp9N1dLxFQ2INit+3ghz165qQx5Ymk72Mv+n6u8ESuX7GG8kx2FDBFCaFxn a0d8dey3CMPwzIJbCyUom8sKGI9IN+7bP8fSPNjv02v9ljVDrVSHDXno4A== -----END CERTIFICATE-----Generated at Sun Jul 20 20:47:02 2025 by rpki-client