$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/-hbfMJVuwc0im-rqMdBxb4Js8T0.roa File: -hbfMJVuwc0im-rqMdBxb4Js8T0.roa (raw, json) Hash identifier: hgrwtJesoUQ5B9XjAh75QOrlxgaGjRXkN4LxNmCGvNY= Subject key identifier: FA:16:DF:30:95:6E:C1:CD:22:9B:EA:EA:31:D0:71:6F:82:6C:F1:3D Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1EC9 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/-hbfMJVuwc0im-rqMdBxb4Js8T0.roa Signing time: Sat 13 Sep 2025 03:05:28 +0000 ROA not before: Sat 13 Sep 2025 03:05:28 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 59083 IP address blocks: 43.254.154.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7881 (0x1ec9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:05:28 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=FA16DF30956EC1CD229BEAEA31D0716F826CF13D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:6e:0c:fd:4c:1d:30:f7:58:b5:45:be:0e:a2: 6b:71:f6:74:63:e8:ae:45:f1:6c:d1:52:bd:a8:d5: 93:27:32:49:f6:66:3f:b6:b6:b8:1d:13:3e:86:40: 8d:60:dc:d2:27:87:d9:9b:40:45:dc:4a:7f:d6:96: a2:db:e7:95:5d:23:75:21:54:73:d4:46:0b:0d:9d: 79:9b:7c:91:41:f3:1b:b7:3a:40:27:b1:bb:ea:4d: dc:8e:65:d3:b5:2d:3e:04:42:2b:67:ae:af:cf:7b: 94:f1:4c:6a:e9:14:be:72:f2:44:1d:dc:f7:e5:cd: ca:ca:69:50:c7:48:67:7e:2d:c2:5a:f0:6a:3d:75: d6:fa:0e:68:37:9a:0a:11:cb:c6:0e:74:2b:92:c1: a2:51:f8:d3:63:18:9e:1e:cf:2b:91:8d:48:bf:52: f7:f8:82:fb:41:9b:f3:02:57:48:54:31:43:a5:b0: 43:df:ae:cc:ec:de:d8:a5:e0:00:5d:35:c1:81:f6: b9:02:4d:c2:7e:34:88:94:28:c4:59:5f:1c:fe:b0: c3:40:e2:67:ae:35:5b:8f:26:24:99:3d:d5:53:80: fe:b1:be:e0:2d:db:7a:b0:a6:9e:cd:28:ac:54:31: 74:aa:a3:19:5d:90:24:ab:b0:3a:e2:50:d4:25:73: 10:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:16:DF:30:95:6E:C1:CD:22:9B:EA:EA:31:D0:71:6F:82:6C:F1:3D X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/-hbfMJVuwc0im-rqMdBxb4Js8T0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.254.154.0/23 Signature Algorithm: sha256WithRSAEncryption 27:8d:54:e3:c8:b0:61:75:0a:6f:d0:45:cf:8d:ae:49:b9:27: 4c:37:0e:69:c5:77:98:75:05:e3:1b:4d:0a:21:be:8d:28:68: 1a:d5:c2:cb:9b:70:69:8c:c4:5e:be:8a:91:43:f6:81:5f:c9: 2f:13:23:cf:2b:ee:b4:b9:c7:93:52:a3:56:bb:a5:b0:96:80: 99:25:c4:bc:a1:3e:67:26:5c:99:c7:98:ff:3f:b1:e2:7b:62: 66:98:f0:b6:98:be:f4:b2:d3:2d:ed:e6:b3:c1:dc:dc:c9:74: 2b:a0:87:f4:2d:24:b9:9d:61:c4:1f:35:34:4e:fb:6a:14:10: f1:3f:96:f7:07:d8:82:32:3c:8c:c8:72:44:dd:72:b8:56:e6: c5:a5:eb:8a:78:84:95:d4:71:22:4f:19:dd:53:b3:4f:e7:f9: 36:73:2d:27:f9:67:e9:6e:b9:b5:cd:d3:e4:1d:be:b0:07:f8: 49:4a:29:6b:86:5f:ba:31:f7:8e:41:4d:57:27:01:4e:64:99: bd:d3:a5:d5:7b:ce:96:7e:f9:57:28:87:dc:d4:1c:85:da:b5: ea:46:70:2a:d1:1a:c7:92:ec:7d:07:6e:75:7b:66:09:5f:80: e5:4c:da:4b:cb:30:95:35:f4:68:08:cf:38:57:91:eb:6e:a9: 8f:c4:e7:8e -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHskwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA1MjhaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEZBMTZERjMwOTU2RUMx Q0QyMjlCRUFFQTMxRDA3MTZGODI2Q0YxM0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC9bgz9TB0w91i1Rb4Oomtx9nRj6K5F8WzRUr2o1ZMnMkn2Zj+2 trgdEz6GQI1g3NInh9mbQEXcSn/WlqLb55VdI3UhVHPURgsNnXmbfJFB8xu3OkAn sbvqTdyOZdO1LT4EQitnrq/Pe5TxTGrpFL5y8kQd3PflzcrKaVDHSGd+LcJa8Go9 ddb6Dmg3mgoRy8YOdCuSwaJR+NNjGJ4ezyuRjUi/Uvf4gvtBm/MCV0hUMUOlsEPf rszs3til4ABdNcGB9rkCTcJ+NIiUKMRZXxz+sMNA4meuNVuPJiSZPdVTgP6xvuAt 23qwpp7NKKxUMXSqoxldkCSrsDriUNQlcxAlAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU+hbfMJVuwc0im+rqMdBxb4Js8T0wHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3Ly1oYmZNSlZ1d2MwaW0t cnFNZEJ4YjRKczhUMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAEr/powDQYJKoZIhvcNAQELBQADggEBACeNVOPIsGF1Cm/QRc+Nrkm5J0w3DmnF d5h1BeMbTQohvo0oaBrVwsubcGmMxF6+ipFD9oFfyS8TI88r7rS5x5NSo1a7pbCW gJklxLyhPmcmXJnHmP8/seJ7YmaY8LaYvvSy0y3t5rPB3NzJdCugh/QtJLmdYcQf NTRO+2oUEPE/lvcH2IIyPIzIckTdcrhW5sWl64p4hJXUcSJPGd1Ts0/n+TZzLSf5 Z+luubXN0+QdvrAH+ElKKWuGX7ox945BTVcnAU5kmb3TpdV7zpZ++Vcoh9zUHIXa tepGcCrRGseS7H0HbnV7ZglfgOVM2kvLMJU19GgIzzhXketuqY/E544= -----END CERTIFICATE-----Generated at Mon Oct 20 13:13:42 2025 by rpki-client