$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/1d-kew1-Jso1QrkYx7qvpejd-xE.roa File: 1d-kew1-Jso1QrkYx7qvpejd-xE.roa (raw, json) Hash identifier: B4w1LG0HWM+9ON4s7KYNgWHAF4DBcRoh61ztUVuqChc= Subject key identifier: D5:DF:A4:7B:0D:7E:26:CA:35:42:B9:18:C7:BA:AF:A5:E8:DD:FB:11 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1DEE Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/1d-kew1-Jso1QrkYx7qvpejd-xE.roa Signing time: Sat 13 Sep 2025 03:04:42 +0000 ROA not before: Sat 13 Sep 2025 03:04:42 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 139259 IP address blocks: 103.221.10.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7662 (0x1dee) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:04:42 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=D5DFA47B0D7E26CA3542B918C7BAAFA5E8DDFB11 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:a8:5e:d8:41:d2:7f:64:b0:50:cf:ce:07:a4: 9d:15:de:3d:f4:32:99:9b:df:1c:07:dc:5d:7b:9a: 2b:22:0a:6d:49:9d:81:3a:37:e1:71:77:24:79:11: 31:eb:41:38:e7:9d:2e:22:18:39:04:d1:7c:d3:be: ba:af:05:5a:bb:72:5f:35:90:15:b7:00:11:b0:f2: 53:fd:25:6a:ce:af:a5:97:8b:25:ee:47:5b:7c:ee: a6:8b:19:48:7d:4b:67:51:83:06:c3:8a:59:89:fd: e7:2f:16:a3:78:6b:65:96:e8:bc:ec:49:e0:e3:60: 44:15:11:f4:a6:6b:52:a2:e2:8c:63:86:6c:56:0a: 9e:e7:91:55:03:5d:fe:1e:04:0c:58:30:90:d8:75: 65:bc:4b:9b:f0:61:d0:ac:1c:50:89:1a:b1:71:ca: db:6e:8f:d1:98:87:f9:76:d0:1d:91:eb:fc:4f:f0: 52:40:c8:97:bc:3d:ce:1e:80:15:e8:ba:f0:cd:e9: 00:f5:95:23:bf:80:1f:88:68:a0:5d:12:11:f7:06: 38:4c:0f:e2:6c:d2:2e:2d:84:86:43:37:01:f7:4a: 3c:a1:75:ee:54:56:27:9d:60:56:ec:68:1d:7c:02: 1a:47:73:d3:6b:ec:37:04:dd:37:d4:7f:5a:31:c3: 20:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:DF:A4:7B:0D:7E:26:CA:35:42:B9:18:C7:BA:AF:A5:E8:DD:FB:11 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/1d-kew1-Jso1QrkYx7qvpejd-xE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.10.0/24 Signature Algorithm: sha256WithRSAEncryption 90:05:5b:f9:0a:0e:ce:76:4d:3a:04:ae:89:7c:d1:eb:ff:05: c3:4b:ea:2c:b4:4b:21:0d:e9:b3:e2:6a:a0:7a:fb:b6:f7:6b: 5c:06:1e:35:9e:ad:05:15:4f:d9:aa:de:1f:08:e3:82:a2:b5: 24:bc:3a:44:bf:67:b8:99:48:89:9b:7d:26:89:a2:d5:9d:73: 5b:c2:d7:75:97:bd:f2:2c:6b:e3:5b:ea:2c:ea:b1:c9:60:11: 22:07:82:02:10:1b:d3:a4:cc:2b:ae:e0:07:c6:cf:96:05:60: 82:f6:21:03:9f:66:64:f5:3e:c6:95:d3:f3:55:01:f2:ad:94: 22:7b:81:0f:3e:40:75:df:d9:70:52:37:3a:e0:96:c0:84:a4: 0d:f2:7f:9f:18:7d:af:7a:a7:f2:d0:c5:73:16:c7:be:a7:d9: 95:e9:d3:40:9c:ca:9b:81:df:3d:6a:75:ee:40:b6:f5:92:64: d1:b0:36:83:64:70:69:32:be:6a:c5:43:f6:8e:02:60:58:c1: 28:fa:78:ae:55:f9:97:59:f8:2b:4d:0e:21:2e:27:10:cd:f0: a8:1f:be:31:85:a4:09:62:f0:5b:40:44:6e:a0:78:ab:28:4e: e6:b6:5f:2c:08:e6:20:4b:44:6f:a1:c4:21:32:74:4e:29:47: d2:53:08:73 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHe4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA0NDJaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEQ1REZBNDdCMEQ3RTI2 Q0EzNTQyQjkxOEM3QkFBRkE1RThEREZCMTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC+qF7YQdJ/ZLBQz84HpJ0V3j30Mpmb3xwH3F17misiCm1JnYE6 N+FxdyR5ETHrQTjnnS4iGDkE0XzTvrqvBVq7cl81kBW3ABGw8lP9JWrOr6WXiyXu R1t87qaLGUh9S2dRgwbDilmJ/ecvFqN4a2WW6LzsSeDjYEQVEfSma1Ki4oxjhmxW Cp7nkVUDXf4eBAxYMJDYdWW8S5vwYdCsHFCJGrFxyttuj9GYh/l20B2R6/xP8FJA yJe8Pc4egBXouvDN6QD1lSO/gB+IaKBdEhH3BjhMD+Js0i4thIZDNwH3Sjyhde5U ViedYFbsaB18AhpHc9Nr7DcE3TfUf1oxwyCDAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU1d+kew1+Jso1QrkYx7qvpejd+xEwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3LzFkLWtldzEtSnNvMVFy a1l4N3F2cGVqZC14RS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3QowDQYJKoZIhvcNAQELBQADggEBAJAFW/kKDs52TToErol80ev/BcNL6iy0 SyEN6bPiaqB6+7b3a1wGHjWerQUVT9mq3h8I44KitSS8OkS/Z7iZSImbfSaJotWd c1vC13WXvfIsa+Nb6izqsclgESIHggIQG9OkzCuu4AfGz5YFYIL2IQOfZmT1PsaV 0/NVAfKtlCJ7gQ8+QHXf2XBSNzrglsCEpA3yf58Yfa96p/LQxXMWx76n2ZXp00Cc ypuB3z1qde5AtvWSZNGwNoNkcGkyvmrFQ/aOAmBYwSj6eK5V+ZdZ+CtNDiEuJxDN 8KgfvjGFpAli8FtARG6geKsoTua2XywI5iBLRG+hxCEydE4pR9JTCHM= -----END CERTIFICATE-----Generated at Mon Oct 20 13:18:01 2025 by rpki-client