$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/1WpyG7MFUu1DyAMwsH60OwjN0jk.roa File: 1WpyG7MFUu1DyAMwsH60OwjN0jk.roa (raw, json) Hash identifier: wFTiE704Of+lPzuI/U4DLQH9VIYghlRcqTXaj6whIOQ= Subject key identifier: D5:6A:72:1B:B3:05:52:ED:43:C8:03:30:B0:7E:B4:3B:08:CD:D2:39 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1DEF Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/1WpyG7MFUu1DyAMwsH60OwjN0jk.roa Signing time: Sat 13 Sep 2025 03:04:42 +0000 ROA not before: Sat 13 Sep 2025 03:04:42 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 138527 IP address blocks: 45.252.36.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7663 (0x1def) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:04:42 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=D56A721BB30552ED43C80330B07EB43B08CDD239 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:82:ae:88:c1:c8:70:d9:f8:48:d7:c2:4f:e8: d3:2b:39:e5:3a:22:70:20:99:b5:b9:e6:55:56:d3: e4:e9:2c:84:19:78:17:b6:c4:57:cd:21:20:52:54: 60:c2:93:26:fa:7a:dc:56:55:42:af:e7:fc:ce:12: a1:82:33:da:1e:d3:1a:69:7b:8c:86:34:3e:81:7d: 55:f2:d6:9d:d0:76:56:44:da:73:f0:9b:2d:02:51: 96:c0:fd:19:cd:4e:f0:a1:98:6e:19:e9:a0:1d:99: 3a:bd:c8:b0:92:69:1f:aa:32:03:ec:57:d7:17:2c: 20:51:e0:42:88:7f:5b:f1:43:b9:7d:62:12:46:3c: 07:e2:7e:7a:27:46:52:e9:45:79:61:36:2f:2b:fd: 53:67:a3:ac:35:a3:5b:63:2b:cf:2f:2b:ee:71:e0: e3:01:09:f8:bb:be:1a:7b:a1:ff:e7:06:30:d2:f1: 8e:fc:53:89:0d:34:9e:d3:67:96:17:05:77:84:61: 32:a6:df:bf:ff:26:d7:0a:30:b4:b6:6e:38:01:b1: b2:54:ff:bc:12:12:01:bb:6d:04:e8:2e:40:d0:e7: 0b:8e:69:f1:0d:66:fc:64:dd:01:fa:a1:de:0d:c2: 3f:8a:12:12:60:f4:55:14:20:1e:18:61:16:50:02: 63:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:6A:72:1B:B3:05:52:ED:43:C8:03:30:B0:7E:B4:3B:08:CD:D2:39 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/1WpyG7MFUu1DyAMwsH60OwjN0jk.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.252.36.0/22 Signature Algorithm: sha256WithRSAEncryption 4e:90:53:69:98:ca:6d:62:fc:87:7c:49:c0:49:2d:bb:2a:7f: 4a:6e:c5:23:5d:c8:5c:88:5f:24:33:9f:1a:d4:c4:88:43:c7: a0:2c:fb:1f:26:41:c1:35:c1:c0:7b:66:7a:c9:4b:d0:1b:9a: 43:80:48:dd:ec:46:fd:bb:de:9f:89:db:c0:78:78:4a:97:32: 35:f2:c5:2a:ee:43:1d:02:3a:33:93:29:ac:68:c0:cc:65:e7: 63:50:63:df:2a:bf:7f:e4:91:b5:94:c2:ed:7d:2c:fa:dc:af: 06:10:2a:ac:4b:da:a6:c8:2f:ab:0b:c9:3d:fc:63:c7:b1:5b: a9:64:e3:90:05:84:3d:c9:af:af:c3:60:90:ee:50:19:11:0b: d3:ae:7a:5a:89:4e:ba:25:c2:81:05:6c:4c:e4:b4:4d:1e:67: 13:ca:02:7e:96:58:b8:61:22:80:df:6f:30:b0:07:88:a5:ae: d8:48:68:8f:77:fd:bb:08:a5:86:38:73:05:72:15:71:a5:c4: aa:d7:c9:35:7f:fa:92:fa:9b:25:ec:aa:e3:d7:4c:d1:b9:27: 0d:16:16:7a:1a:af:03:a1:65:e0:97:9f:dc:46:3d:61:b3:00: 60:99:34:b5:45:3f:7b:1c:6d:a8:ca:75:64:5d:95:bc:b7:fc: 13:30:16:d9 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHe8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA0NDJaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEQ1NkE3MjFCQjMwNTUy RUQ0M0M4MDMzMEIwN0VCNDNCMDhDREQyMzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCwgq6Iwchw2fhI18JP6NMrOeU6InAgmbW55lVW0+TpLIQZeBe2 xFfNISBSVGDCkyb6etxWVUKv5/zOEqGCM9oe0xppe4yGND6BfVXy1p3QdlZE2nPw my0CUZbA/RnNTvChmG4Z6aAdmTq9yLCSaR+qMgPsV9cXLCBR4EKIf1vxQ7l9YhJG PAfifnonRlLpRXlhNi8r/VNno6w1o1tjK88vK+5x4OMBCfi7vhp7of/nBjDS8Y78 U4kNNJ7TZ5YXBXeEYTKm37//JtcKMLS2bjgBsbJU/7wSEgG7bQToLkDQ5wuOafEN Zvxk3QH6od4Nwj+KEhJg9FUUIB4YYRZQAmOtAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU1WpyG7MFUu1DyAMwsH60OwjN0jkwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3LzFXcHlHN01GVXUxRHlB TXdzSDYwT3dqTjBqay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAIt/CQwDQYJKoZIhvcNAQELBQADggEBAE6QU2mYym1i/Id8ScBJLbsqf0puxSNd yFyIXyQznxrUxIhDx6As+x8mQcE1wcB7ZnrJS9AbmkOASN3sRv273p+J28B4eEqX MjXyxSruQx0COjOTKaxowMxl52NQY98qv3/kkbWUwu19LPrcrwYQKqxL2qbIL6sL yT38Y8exW6lk45AFhD3Jr6/DYJDuUBkRC9OuelqJTrolwoEFbEzktE0eZxPKAn6W WLhhIoDfbzCwB4ilrthIaI93/bsIpYY4cwVyFXGlxKrXyTV/+pL6myXsquPXTNG5 Jw0WFnoarwOhZeCXn9xGPWGzAGCZNLVFP3scbajKdWRdlby3/BMwFtk= -----END CERTIFICATE-----Generated at Mon Oct 20 13:17:59 2025 by rpki-client