$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/1Iqx1GKS-SsnWHb3Y4UaWHmziDY.roa File: 1Iqx1GKS-SsnWHb3Y4UaWHmziDY.roa (raw, json) Hash identifier: SVSVKd5KbDKeCcbbKCAIuUj+b+7rSNZjXXo4+d6PE4Q= Subject key identifier: D4:8A:B1:D4:62:92:F9:2B:27:58:76:F7:63:85:1A:58:79:B3:88:36 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1DDE Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/1Iqx1GKS-SsnWHb3Y4UaWHmziDY.roa Signing time: Sat 13 Sep 2025 03:04:39 +0000 ROA not before: Sat 13 Sep 2025 03:04:39 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 139259 IP address blocks: 103.221.50.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 00:35:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7646 (0x1dde) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:04:39 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=D48AB1D46292F92B275876F763851A5879B38836 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:18:e3:98:f7:6f:8b:13:31:db:f1:bd:f1:42: 24:e8:9b:90:a5:4a:e1:5a:8e:5d:41:a3:b0:4f:47: 6f:2a:b6:e5:84:ef:e8:8e:ce:2d:d5:12:b4:41:41: e2:87:65:c6:84:b9:a7:ad:58:74:ff:cf:34:34:e9: 0c:be:c6:5f:18:a1:e0:8c:eb:44:a0:cf:55:1a:57: 79:71:17:77:ec:3a:f1:d8:66:1f:d4:6d:99:d9:23: 90:7d:7b:f6:a3:55:a5:1e:6a:05:71:48:69:61:97: 47:ff:d1:fa:7e:31:e3:a5:34:59:f3:b2:bb:0a:b7: 0a:cb:af:e4:a5:9e:66:22:23:e6:20:9b:ff:cc:c8: c2:06:33:09:51:66:86:a1:bc:5e:0d:60:d3:9a:29: 2a:94:37:e0:fc:2d:83:48:45:d8:2e:cf:69:9e:30: 2f:99:a6:ea:9f:6e:a0:eb:e8:57:f9:8b:24:3a:77: 63:1a:43:51:06:d0:a8:b0:69:2a:69:15:b1:46:23: 17:85:98:9d:bc:38:88:d4:a4:50:da:21:94:3f:e9: 20:d7:0e:26:1b:87:bf:fe:f1:bb:00:db:44:1a:6d: 65:01:55:aa:ef:da:d0:8f:aa:7c:36:94:bd:e8:fd: 42:d9:4e:42:24:4b:38:a4:1d:58:7f:cd:95:77:90: fd:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:8A:B1:D4:62:92:F9:2B:27:58:76:F7:63:85:1A:58:79:B3:88:36 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/1Iqx1GKS-SsnWHb3Y4UaWHmziDY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.50.0/24 Signature Algorithm: sha256WithRSAEncryption 94:4c:c1:7f:f8:63:c7:e9:52:ad:8c:d6:05:09:de:f0:52:51: bf:cc:35:58:31:ec:e4:d9:e7:2e:89:0c:b3:07:5e:b3:4a:81: 53:2e:6a:3e:98:9a:83:fb:a7:e3:d6:04:cd:67:c6:af:ef:2a: 2f:00:94:d4:7a:af:cd:b9:98:92:32:10:d2:ea:33:dd:ee:71: 36:d4:e4:85:dd:73:b4:68:79:c7:a7:c8:0b:2b:36:e4:bd:cd: f2:03:b7:b5:2f:af:c5:d3:4e:42:56:36:7f:a4:5f:c9:05:e7: 13:7a:4b:da:7f:2f:9d:12:f0:2e:99:1e:f4:38:19:09:d5:47: c9:1e:f7:21:ca:b2:0f:2e:f8:cb:06:3f:39:e4:a3:ed:12:29: 91:e7:f8:ef:36:46:7e:b0:e5:ce:f2:c2:bd:6d:11:db:b1:ec: 7a:d8:6b:e4:e9:e5:fd:8b:65:0d:6e:18:4e:b5:09:d5:5e:e8: 85:dd:68:85:27:22:d4:38:62:a5:9c:3c:8d:a3:9c:9e:b1:3d: 89:00:4e:4d:0c:e9:6a:f3:5d:e4:5f:3d:26:1e:d7:17:4c:a0: 84:79:b0:15:c6:05:92:bf:a1:05:f3:aa:48:11:fd:5a:d2:05: 61:66:11:19:80:31:e3:43:05:00:b0:c7:4d:e2:c0:87:9a:f5: 2e:5c:ad:9b -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHd4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA0MzlaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEQ0OEFCMUQ0NjI5MkY5 MkIyNzU4NzZGNzYzODUxQTU4NzlCMzg4MzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCeGOOY92+LEzHb8b3xQiTom5ClSuFajl1Bo7BPR28qtuWE7+iO zi3VErRBQeKHZcaEuaetWHT/zzQ06Qy+xl8YoeCM60Sgz1UaV3lxF3fsOvHYZh/U bZnZI5B9e/ajVaUeagVxSGlhl0f/0fp+MeOlNFnzsrsKtwrLr+SlnmYiI+Ygm//M yMIGMwlRZoahvF4NYNOaKSqUN+D8LYNIRdguz2meMC+ZpuqfbqDr6Ff5iyQ6d2Ma Q1EG0KiwaSppFbFGIxeFmJ28OIjUpFDaIZQ/6SDXDiYbh7/+8bsA20QabWUBVarv 2tCPqnw2lL3o/ULZTkIkSzikHVh/zZV3kP2ZAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU1Iqx1GKS+SsnWHb3Y4UaWHmziDYwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3LzFJcXgxR0tTLVNzbldI YjNZNFVhV0htemlEWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3TIwDQYJKoZIhvcNAQELBQADggEBAJRMwX/4Y8fpUq2M1gUJ3vBSUb/MNVgx 7OTZ5y6JDLMHXrNKgVMuaj6YmoP7p+PWBM1nxq/vKi8AlNR6r825mJIyENLqM93u cTbU5IXdc7RoecenyAsrNuS9zfIDt7Uvr8XTTkJWNn+kX8kF5xN6S9p/L50S8C6Z HvQ4GQnVR8ke9yHKsg8u+MsGPznko+0SKZHn+O82Rn6w5c7ywr1tEdux7HrYa+Tp 5f2LZQ1uGE61CdVe6IXdaIUnItQ4YqWcPI2jnJ6xPYkATk0M6WrzXeRfPSYe1xdM oIR5sBXGBZK/oQXzqkgR/VrSBWFmERmAMeNDBQCwx03iwIea9S5crZs= -----END CERTIFICATE-----Generated at Mon Oct 20 23:27:22 2025 by rpki-client