$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/20C0YyCv47vFh_MUBBiH9_15VoQ.roa File: 20C0YyCv47vFh_MUBBiH9_15VoQ.roa (raw, json) Hash identifier: nfnLytW22gKJHZIw5xZxvW7JcWJ5823UuaLpZGry9js= Subject key identifier: DB:40:B4:63:20:AF:E3:BB:C5:87:F3:14:04:18:87:F7:FD:79:56:84 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1E99 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/20C0YyCv47vFh_MUBBiH9_15VoQ.roa Signing time: Sat 13 Sep 2025 03:05:17 +0000 ROA not before: Sat 13 Sep 2025 03:05:17 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 139259 IP address blocks: 103.221.7.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7833 (0x1e99) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:05:17 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=DB40B46320AFE3BBC587F314041887F7FD795684 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:74:a5:e1:23:28:2c:fb:c3:58:da:84:df:2c: bb:99:da:6f:8c:50:c7:a2:3c:74:5d:ad:e8:90:22: 97:39:a7:ac:82:a9:95:4a:07:28:77:bb:4d:e3:1f: 3f:7e:09:7f:bd:02:03:97:48:3c:fa:73:40:6f:96: 15:cb:77:1c:13:f6:f3:8b:79:db:5f:da:f6:2f:a8: 71:13:20:bd:ae:38:a0:a9:5f:a1:dc:67:5d:e8:a3: 62:16:82:ee:fa:1a:7d:94:f9:88:e7:0d:43:3a:22: 16:6d:48:91:b6:df:26:9f:17:1c:a7:ac:49:68:c0: 91:b3:de:b3:17:3f:b0:d6:71:dd:5c:e0:16:17:e5: 8b:9f:cd:21:59:11:3f:f1:c3:d2:bb:43:7f:c4:a6: 75:1e:df:07:16:4b:54:e0:d8:da:21:d0:bf:ab:69: 8b:4e:96:3c:1b:67:d4:5f:c1:71:e5:67:2e:d3:bd: 22:ad:4f:1d:9e:9a:b6:3a:47:10:69:0c:44:b4:ea: 19:b0:d2:2f:c5:fb:18:a3:58:e9:e7:65:a8:80:c4: a6:ad:08:88:8a:60:06:2e:d4:67:fd:8e:5f:49:00: 06:b2:eb:1d:74:14:f4:db:ec:ba:b9:1d:d6:1f:3f: 40:54:0c:4a:09:7e:ae:84:31:64:c9:d2:63:c5:56: b3:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:40:B4:63:20:AF:E3:BB:C5:87:F3:14:04:18:87:F7:FD:79:56:84 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/20C0YyCv47vFh_MUBBiH9_15VoQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.7.0/24 Signature Algorithm: sha256WithRSAEncryption 11:d6:c2:80:70:2b:72:e7:b9:e1:51:3f:ea:8b:d5:e0:82:aa: 76:3e:23:a0:e0:88:d3:b1:4e:bc:3b:37:9b:dc:4a:87:77:78: 61:2a:f3:00:6a:54:ea:d6:7b:d1:ce:a0:1a:83:23:8e:f7:59: 52:d5:c0:fd:4d:6d:61:f5:4c:1a:63:b5:ac:c0:40:62:04:ea: 91:b6:4a:80:85:9d:b8:01:bb:10:a8:d0:49:7e:10:06:c3:6e: a6:85:72:e0:06:b1:bd:22:bd:b0:e1:50:7d:44:a0:ba:9c:fa: b9:13:b6:39:6c:19:70:16:dc:1d:e8:e2:1e:13:41:31:c4:87: ae:81:df:90:e9:4e:98:16:38:bf:b0:22:a9:e0:d3:5d:af:fc: 25:03:a6:e2:b6:0a:8c:06:11:76:8c:01:20:03:56:f6:5b:5e: 02:32:63:1f:6d:63:46:64:65:cf:1c:5d:72:e0:27:71:33:9f: bf:5a:9b:20:ed:06:92:7a:12:c0:40:18:12:8f:f9:d9:f3:12: a9:6b:c4:81:a0:10:ad:85:37:ec:fd:4e:7b:de:7d:66:4a:b8: cf:3e:5d:4d:8e:27:24:86:c6:79:4a:4f:0a:ad:c1:10:c3:03: d8:6f:91:9f:ec:c0:0e:37:fe:c3:51:97:d0:4f:23:67:70:a8: 38:f5:af:12 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHpkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA1MTdaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKERCNDBCNDYzMjBBRkUz QkJDNTg3RjMxNDA0MTg4N0Y3RkQ3OTU2ODQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCqdKXhIygs+8NY2oTfLLuZ2m+MUMeiPHRdreiQIpc5p6yCqZVK Byh3u03jHz9+CX+9AgOXSDz6c0BvlhXLdxwT9vOLedtf2vYvqHETIL2uOKCpX6Hc Z13oo2IWgu76Gn2U+YjnDUM6IhZtSJG23yafFxynrElowJGz3rMXP7DWcd1c4BYX 5YufzSFZET/xw9K7Q3/EpnUe3wcWS1Tg2Noh0L+raYtOljwbZ9RfwXHlZy7TvSKt Tx2emrY6RxBpDES06hmw0i/F+xijWOnnZaiAxKatCIiKYAYu1Gf9jl9JAAay6x10 FPTb7Lq5HdYfP0BUDEoJfq6EMWTJ0mPFVrMpAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU20C0YyCv47vFh/MUBBiH9/15VoQwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3LzIwQzBZeUN2NDd2Rmhf TVVCQmlIOV8xNVZvUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3QcwDQYJKoZIhvcNAQELBQADggEBABHWwoBwK3LnueFRP+qL1eCCqnY+I6Dg iNOxTrw7N5vcSod3eGEq8wBqVOrWe9HOoBqDI473WVLVwP1NbWH1TBpjtazAQGIE 6pG2SoCFnbgBuxCo0El+EAbDbqaFcuAGsb0ivbDhUH1EoLqc+rkTtjlsGXAW3B3o 4h4TQTHEh66B35DpTpgWOL+wIqng012v/CUDpuK2CowGEXaMASADVvZbXgIyYx9t Y0ZkZc8cXXLgJ3Ezn79amyDtBpJ6EsBAGBKP+dnzEqlrxIGgEK2FN+z9TnvefWZK uM8+XU2OJySGxnlKTwqtwRDDA9hvkZ/swA43/sNRl9BPI2dwqDj1rxI= -----END CERTIFICATE-----Generated at Mon Oct 20 13:30:54 2025 by rpki-client