$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2716/h6Of_dBflj1U6593yuByrQNpOiw.roa File: h6Of_dBflj1U6593yuByrQNpOiw.roa (raw, json) Hash identifier: KLMU6BhRSivVdgQw9zl+cA1nOrzIQfaVEI9zR0n6xbM= Subject key identifier: 87:A3:9F:FD:D0:5F:96:3D:54:EB:9F:77:CA:E0:72:AD:03:69:3A:2C Certificate issuer: /CN=39EE852FE138CDEDC5B42D11A34295D109AD4925 Certificate serial: 01F0 Authority key identifier: 39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/h6Of_dBflj1U6593yuByrQNpOiw.roa Signing time: Tue 01 Jul 2025 15:33:15 +0000 ROA not before: Tue 01 Jul 2025 15:33:15 +0000 ROA not after: Wed 15 Apr 2026 09:08:30 +0000 asID: 51847 IP address blocks: 103.114.72.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 23:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 496 (0x1f0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=39EE852FE138CDEDC5B42D11A34295D109AD4925 Validity Not Before: Jul 1 15:33:15 2025 GMT Not After : Apr 15 09:08:30 2026 GMT Subject: CN=87A39FFDD05F963D54EB9F77CAE072AD03693A2C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f8:ef:ed:e1:34:ee:2b:1e:24:4a:fd:bf:11:29: 3c:05:6e:ae:7b:d4:e2:ad:58:9a:e9:18:22:bc:e5: b8:de:93:51:13:12:3e:e8:d4:c3:54:d4:ee:c0:35: f6:c2:3e:e9:77:c6:4f:09:76:ec:ab:e6:e7:ba:63: 3c:6c:9f:9b:ea:17:f0:37:d6:ef:49:5a:4a:ac:af: 26:bc:9b:3b:2d:4a:49:05:95:f2:43:3d:5b:26:76: 43:19:41:ef:b1:ea:a5:ac:ef:ee:83:f0:75:ab:86: 26:e5:d8:b3:cc:3d:60:cd:cb:30:ef:14:b5:fc:3b: 0d:30:10:0c:52:e1:5c:68:8e:bd:fb:5a:94:23:9d: 9c:d6:b1:aa:3e:68:04:25:78:13:e2:0c:e6:54:92: e8:f7:9a:4e:f8:f4:df:c0:31:ef:e4:e7:28:e5:ce: 39:5b:55:28:53:f0:42:02:3d:d4:8a:29:45:13:ae: f8:6f:6a:5d:3b:65:38:2a:a7:96:0e:a5:30:8a:d9: 44:ec:34:d5:3a:f5:3a:06:e4:bf:07:da:f2:62:4c: c8:2a:d1:45:13:b4:62:16:eb:eb:32:a9:f3:7f:8a: c0:84:4d:1d:a1:75:eb:58:0e:b8:e7:3f:a1:f5:a6: 4b:1e:a8:57:f3:71:3d:b4:15:fb:79:47:76:b6:35: ef:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:A3:9F:FD:D0:5F:96:3D:54:EB:9F:77:CA:E0:72:AD:03:69:3A:2C X509v3 Authority Key Identifier: keyid:39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/h6Of_dBflj1U6593yuByrQNpOiw.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.114.72.0/22 Signature Algorithm: sha256WithRSAEncryption 73:03:d0:ca:9a:59:d1:bb:26:dd:76:99:07:f9:c4:59:bc:1e: 39:07:63:8b:03:a8:7c:32:1a:73:9a:7e:72:8c:ca:ba:38:79: 03:40:be:df:63:df:a0:ed:2b:c9:80:74:02:88:ae:06:ed:f5: 7b:50:57:ba:dd:27:64:0b:3a:14:78:f5:69:d3:ae:04:36:8f: 61:e5:f2:a3:89:c3:bd:71:bb:9d:da:e9:d2:d7:b6:99:01:30: 51:28:b5:5f:da:42:5a:3c:51:60:b2:42:e5:8d:8c:85:12:1f: 6a:e9:29:29:b9:af:6c:5d:fe:e9:16:5d:27:7b:d0:b1:fd:78: 40:30:c9:dd:21:c7:4a:f7:d3:a7:2c:ba:fb:f5:84:98:0b:73: cb:92:f2:5e:90:39:ac:99:14:b5:f4:54:a8:a2:8b:f0:8d:2b: 82:30:86:92:07:aa:c7:5a:41:db:9e:00:03:69:ee:cd:d3:98: 15:b9:a5:8d:34:52:b1:6f:af:55:a7:4b:cb:7c:3f:3c:e7:a6: f5:0b:7b:11:ef:9b:04:2f:2a:ed:f7:f3:09:87:67:02:ba:3e: f3:fe:e2:8e:88:d4:64:02:d8:8e:96:b9:20:4b:94:1b:d6:93: 5c:42:d4:9f:c9:3a:73:ca:08:1d:86:24:e3:06:c7:cf:6e:9d: 7b:90:6c:44 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICAfAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzlF RTg1MkZFMTM4Q0RFREM1QjQyRDExQTM0Mjk1RDEwOUFENDkyNTAeFw0yNTA3MDEx NTMzMTVaFw0yNjA0MTUwOTA4MzBaMDMxMTAvBgNVBAMTKDg3QTM5RkZERDA1Rjk2 M0Q1NEVCOUY3N0NBRTA3MkFEMDM2OTNBMkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQD47+3hNO4rHiRK/b8RKTwFbq571OKtWJrpGCK85bjek1ETEj7o 1MNU1O7ANfbCPul3xk8Jduyr5ue6Yzxsn5vqF/A31u9JWkqsrya8mzstSkkFlfJD PVsmdkMZQe+x6qWs7+6D8HWrhibl2LPMPWDNyzDvFLX8Ow0wEAxS4Vxojr37WpQj nZzWsao+aAQleBPiDOZUkuj3mk749N/AMe/k5yjlzjlbVShT8EICPdSKKUUTrvhv al07ZTgqp5YOpTCK2UTsNNU69ToG5L8H2vJiTMgq0UUTtGIW6+syqfN/isCETR2h detYDrjnP6H1pkseqFfzcT20Fft5R3a2Ne/tAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUh6Of/dBflj1U6593yuByrQNpOiwwHwYDVR0jBBgwFoAUOe6FL+E4ze3FtC0R o0KV0QmtSSUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjcx Ni9PZTZGTC1FNHplM0Z0QzBSbzBLVjBRbXRTU1UuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09lNkZMLUU0emUzRnRDMFJvMEtWMFFtdFNTVS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI3MTYvaDZPZl9kQmZsajFV NjU5M3l1QnlyUU5wT2l3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmdySDANBgkqhkiG9w0BAQsFAAOCAQEAcwPQyppZ0bsm3XaZB/nEWbweOQdj iwOofDIac5p+cozKujh5A0C+32PfoO0ryYB0AoiuBu31e1BXut0nZAs6FHj1adOu BDaPYeXyo4nDvXG7ndrp0te2mQEwUSi1X9pCWjxRYLJC5Y2MhRIfaukpKbmvbF3+ 6RZdJ3vQsf14QDDJ3SHHSvfTpyy6+/WEmAtzy5LyXpA5rJkUtfRUqKKL8I0rgjCG kgeqx1pB254AA2nuzdOYFbmljTRSsW+vVadLy3w/POem9Qt7Ee+bBC8q7ffzCYdn Aro+8/7ijojUZALYjpa5IEuUG9aTXELUn8k6c8oIHYYk4wbHz26de5BsRA== -----END CERTIFICATE-----Generated at Mon Oct 20 19:59:38 2025 by rpki-client