$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/2JC8JD2YfPCVsNgqSHa-IcOFNFI.roa File: 2JC8JD2YfPCVsNgqSHa-IcOFNFI.roa (raw, json) Hash identifier: QjhzW1DgVAVxpxl02ozTq1NpYGTaBZ98RPPT+TposXU= Subject key identifier: D8:90:BC:24:3D:98:7C:F0:95:B0:D8:2A:48:76:BE:21:C3:85:34:52 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1EC5 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/2JC8JD2YfPCVsNgqSHa-IcOFNFI.roa Signing time: Sat 13 Sep 2025 03:05:28 +0000 ROA not before: Sat 13 Sep 2025 03:05:28 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 139259 IP address blocks: 103.221.32.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7877 (0x1ec5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:05:28 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=D890BC243D987CF095B0D82A4876BE21C3853452 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:21:87:d5:93:b1:e2:47:18:69:95:72:86:2d: 53:d8:c1:61:b4:08:5f:9f:f1:98:94:d9:61:57:85: 14:08:b7:55:a3:9b:26:63:de:cc:20:f5:b7:df:7e: 22:13:ca:7c:36:5e:03:ec:f4:f5:32:ef:0f:0a:eb: 09:85:c4:b5:63:8e:5e:0c:54:67:4e:ff:f6:18:c0: ee:72:5c:47:3d:6d:af:7f:78:8e:18:0d:d1:e2:d9: 08:68:88:37:57:cf:d0:a0:95:ba:9d:cd:76:c5:64: 66:f9:c6:d6:b1:91:8a:a5:1d:eb:2b:e7:ca:48:49: 76:e1:ca:7f:c7:3f:17:64:c4:65:99:75:e9:84:3a: 63:05:58:88:12:73:25:c3:3e:26:f3:5c:5b:3f:6c: f5:16:d6:9f:7a:31:78:71:97:12:e8:be:5e:78:4e: 7e:7e:ff:93:19:78:4b:fd:68:3c:b8:b9:b3:e7:26: 7d:d9:7d:0f:38:c9:35:ee:c3:fc:29:fb:1b:44:2b: da:29:32:c1:4d:62:dd:93:04:70:aa:75:0d:c7:b5: 96:8c:71:fe:6c:60:b2:3d:8c:9d:40:3d:a2:70:67: 49:96:70:fb:fc:c0:f5:03:48:df:53:44:83:b4:92: 87:57:c6:50:ba:bb:84:ac:13:16:ab:b6:d7:51:05: e4:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:90:BC:24:3D:98:7C:F0:95:B0:D8:2A:48:76:BE:21:C3:85:34:52 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/2JC8JD2YfPCVsNgqSHa-IcOFNFI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.32.0/22 Signature Algorithm: sha256WithRSAEncryption 9f:90:c2:e1:7d:7a:b1:48:2e:cc:6d:b7:5e:ba:a2:ac:8f:0b: fe:bf:b8:02:a7:6e:c6:3f:8c:f9:3c:98:80:d6:34:b9:e2:97: cc:40:18:ba:28:21:11:f0:90:00:e5:2b:44:47:67:78:90:43: bc:5b:ed:fb:9f:d2:7b:b9:d0:3c:90:43:93:d6:36:61:24:46: 4c:9c:6f:67:61:15:a5:2b:a8:65:34:95:46:86:f1:dd:bd:e5: b6:e0:16:0b:46:5b:62:68:ab:46:ce:ce:89:cb:95:59:e6:fd: 4d:b3:59:d8:31:13:46:32:83:50:32:13:3f:2c:f8:2f:00:18: 74:c8:27:44:8c:65:cb:ff:ce:08:51:55:e5:10:d3:91:d8:0f: 59:bc:2c:de:b8:44:22:f9:6c:ad:1a:02:da:60:77:12:a3:2f: ea:eb:9a:c3:33:9a:ca:c7:49:fd:df:1b:ef:d2:5a:d5:da:61: 4e:d2:f1:4e:2a:3c:56:89:87:e6:9e:04:ed:d6:54:34:98:03: 58:4e:ee:b6:f8:70:b7:eb:a4:b9:fe:30:92:be:75:1a:3a:59: 93:9f:23:10:91:69:93:4e:53:c1:b9:9b:d5:9a:a1:82:b4:16: d9:e7:06:10:8f:d5:96:b7:f5:48:4f:56:a3:64:17:2d:60:b7: be:d2:76:d1 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHsUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA1MjhaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEQ4OTBCQzI0M0Q5ODdD RjA5NUIwRDgyQTQ4NzZCRTIxQzM4NTM0NTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCbIYfVk7HiRxhplXKGLVPYwWG0CF+f8ZiU2WFXhRQIt1WjmyZj 3swg9bfffiITynw2XgPs9PUy7w8K6wmFxLVjjl4MVGdO//YYwO5yXEc9ba9/eI4Y DdHi2QhoiDdXz9CglbqdzXbFZGb5xtaxkYqlHesr58pISXbhyn/HPxdkxGWZdemE OmMFWIgScyXDPibzXFs/bPUW1p96MXhxlxLovl54Tn5+/5MZeEv9aDy4ubPnJn3Z fQ84yTXuw/wp+xtEK9opMsFNYt2TBHCqdQ3HtZaMcf5sYLI9jJ1APaJwZ0mWcPv8 wPUDSN9TRIO0kodXxlC6u4SsExarttdRBeQhAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU2JC8JD2YfPCVsNgqSHa+IcOFNFIwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3LzJKQzhKRDJZZlBDVnNO Z3FTSGEtSWNPRk5GSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn3SAwDQYJKoZIhvcNAQELBQADggEBAJ+QwuF9erFILsxtt166oqyPC/6/uAKn bsY/jPk8mIDWNLnil8xAGLooIRHwkADlK0RHZ3iQQ7xb7fuf0nu50DyQQ5PWNmEk Rkycb2dhFaUrqGU0lUaG8d295bbgFgtGW2Joq0bOzonLlVnm/U2zWdgxE0Yyg1Ay Ez8s+C8AGHTIJ0SMZcv/zghRVeUQ05HYD1m8LN64RCL5bK0aAtpgdxKjL+rrmsMz msrHSf3fG+/SWtXaYU7S8U4qPFaJh+aeBO3WVDSYA1hO7rb4cLfrpLn+MJK+dRo6 WZOfIxCRaZNOU8G5m9WaoYK0FtnnBhCP1Za39UhPVqNkFy1gt77SdtE= -----END CERTIFICATE-----Generated at Mon Oct 20 13:13:57 2025 by rpki-client