$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/1H1VdjDerVQnO-ydwknKaKKAuw0.roa File: 1H1VdjDerVQnO-ydwknKaKKAuw0.roa (raw, json) Hash identifier: mcKyiKbhyn+iqFcIWb3dQO18Nt2HtK+ZDqO5AjwYmVg= Subject key identifier: D4:7D:55:76:30:DE:AD:54:27:3B:EC:9D:C2:49:CA:68:A2:80:BB:0D Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1ED3 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/1H1VdjDerVQnO-ydwknKaKKAuw0.roa Signing time: Sat 13 Sep 2025 03:05:31 +0000 ROA not before: Sat 13 Sep 2025 03:05:31 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 139259 IP address blocks: 103.221.5.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 00:35:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7891 (0x1ed3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:05:31 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=D47D557630DEAD54273BEC9DC249CA68A280BB0D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:e3:8c:f2:dd:92:8a:7d:ce:95:91:66:67:d9: 49:f3:6c:26:56:70:b9:7f:43:25:90:39:39:85:61: 7e:7d:1a:29:32:48:db:0b:e4:81:87:02:e1:75:8d: d4:fd:a9:f1:ad:4a:27:2b:01:b0:36:43:18:42:15: 35:56:58:8e:73:2b:ea:fc:b3:9c:bf:18:fe:25:19: eb:51:63:e4:d4:22:27:14:18:00:f2:f8:b8:d0:51: 37:59:07:dd:c0:f8:46:e2:2d:3c:36:6c:43:09:35: 99:a3:43:71:ed:cc:cd:03:ed:ec:6f:9c:95:8d:fc: 54:c8:17:c1:03:36:05:cf:f1:66:12:31:ac:0a:0c: 7c:de:21:00:b5:bc:74:87:70:82:4d:2a:90:81:cf: a2:ac:e2:69:57:45:4d:f1:31:1b:d9:6a:a2:72:79: d5:79:5e:9f:20:3d:f2:38:df:03:c8:92:10:b0:d1: 59:e9:f5:e2:ad:54:46:58:a6:ff:da:82:e7:86:6e: 15:96:d9:48:cd:50:ed:e0:56:29:1f:26:8e:93:f4: d0:92:38:d0:80:6d:f2:2e:bf:8d:1a:f0:08:92:ee: ac:5b:ab:70:e1:0f:6a:fa:4c:ef:4e:4c:b3:d1:59: c3:71:d7:f5:a5:32:a4:46:79:4f:01:a4:0b:e3:5f: 16:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:7D:55:76:30:DE:AD:54:27:3B:EC:9D:C2:49:CA:68:A2:80:BB:0D X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/1H1VdjDerVQnO-ydwknKaKKAuw0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.5.0/24 Signature Algorithm: sha256WithRSAEncryption cc:33:a6:83:0e:9d:50:76:35:28:99:0e:71:ec:95:f3:a1:0e: 9c:31:25:ae:71:92:b3:47:55:22:82:bb:94:b5:56:53:06:64: e8:1b:98:87:19:ce:33:e3:77:2d:3e:d9:00:2f:7b:c1:d3:2e: 92:7e:75:8a:24:ad:b8:41:13:38:41:3c:26:12:bb:bf:ec:ba: 07:6c:8d:3c:44:9f:9d:a3:f8:98:cc:73:24:dd:4a:15:34:e9: 69:9c:c8:33:a2:21:c5:a7:0a:d9:fc:af:4d:99:a5:4f:8d:8e: a7:9f:38:e4:34:98:ac:b0:ac:f8:49:0c:a5:e1:26:4f:bf:38: f5:dc:ce:4c:6b:6b:92:8d:23:f0:9e:a0:57:ae:bd:91:78:ad: 55:62:c6:15:ed:0e:9c:f2:f5:49:5d:5e:a0:a4:32:72:24:99: 2e:cf:de:62:d4:69:98:90:9d:48:fe:2d:69:43:3a:41:7d:bd: ff:34:a8:66:9c:9c:36:bf:51:ce:24:a4:10:34:35:85:84:21: 1e:b9:e7:46:98:f8:c7:8a:b1:ad:12:db:1d:bd:2d:68:a7:89: 7a:ef:17:02:24:9d:1b:e2:f3:4b:e9:de:63:d9:a7:f5:b9:7e: 4a:d7:57:33:0e:cf:4f:d4:fb:c7:40:c3:13:e2:24:42:15:06: 8f:9c:19:5b -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHtMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA1MzFaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEQ0N0Q1NTc2MzBERUFE NTQyNzNCRUM5REMyNDlDQTY4QTI4MEJCMEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCV44zy3ZKKfc6VkWZn2UnzbCZWcLl/QyWQOTmFYX59GikySNsL 5IGHAuF1jdT9qfGtSicrAbA2QxhCFTVWWI5zK+r8s5y/GP4lGetRY+TUIicUGADy +LjQUTdZB93A+EbiLTw2bEMJNZmjQ3HtzM0D7exvnJWN/FTIF8EDNgXP8WYSMawK DHzeIQC1vHSHcIJNKpCBz6Ks4mlXRU3xMRvZaqJyedV5Xp8gPfI43wPIkhCw0Vnp 9eKtVEZYpv/agueGbhWW2UjNUO3gVikfJo6T9NCSONCAbfIuv40a8AiS7qxbq3Dh D2r6TO9OTLPRWcNx1/WlMqRGeU8BpAvjXxbxAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU1H1VdjDerVQnO+ydwknKaKKAuw0wHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3LzFIMVZkakRlclZRbk8t eWR3a25LYUtLQXV3MC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3QUwDQYJKoZIhvcNAQELBQADggEBAMwzpoMOnVB2NSiZDnHslfOhDpwxJa5x krNHVSKCu5S1VlMGZOgbmIcZzjPjdy0+2QAve8HTLpJ+dYokrbhBEzhBPCYSu7/s ugdsjTxEn52j+JjMcyTdShU06WmcyDOiIcWnCtn8r02ZpU+NjqefOOQ0mKywrPhJ DKXhJk+/OPXczkxra5KNI/CeoFeuvZF4rVVixhXtDpzy9UldXqCkMnIkmS7P3mLU aZiQnUj+LWlDOkF9vf80qGacnDa/Uc4kpBA0NYWEIR6550aY+MeKsa0S2x29LWin iXrvFwIknRvi80vp3mPZp/W5fkrXVzMOz0/U+8dAwxPiJEIVBo+cGVs= -----END CERTIFICATE-----Generated at Mon Oct 20 23:27:25 2025 by rpki-client