$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/38ZP_62vuIsXeHmrIzhgntJO9Cs.roa File: 38ZP_62vuIsXeHmrIzhgntJO9Cs.roa (raw, json) Hash identifier: 0FwS5KcRRsug6Ek7tPcNwHh7NHFIWvpAigRfJ8VyM2Q= Subject key identifier: DF:C6:4F:FF:AD:AF:B8:8B:17:78:79:AB:23:38:60:9E:D2:4E:F4:2B Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1DF5 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/38ZP_62vuIsXeHmrIzhgntJO9Cs.roa Signing time: Sat 13 Sep 2025 03:04:44 +0000 ROA not before: Sat 13 Sep 2025 03:04:44 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 139259 IP address blocks: 103.221.44.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7669 (0x1df5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:04:44 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=DFC64FFFADAFB88B177879AB2338609ED24EF42B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:08:12:65:b1:e1:41:40:ea:76:66:2e:03:68: 87:77:4c:c2:85:30:d1:53:b2:de:6d:91:fc:ab:6c: 92:a1:8a:2f:65:ca:90:37:55:1f:dd:63:71:b8:ce: 09:13:55:ec:e9:e5:06:dd:70:40:ac:e4:0b:ed:83: d8:e0:94:f2:a6:e4:79:54:1e:8d:54:77:51:3a:dd: 96:98:26:03:e1:0d:8b:91:00:61:37:0d:c9:52:26: d9:69:af:01:3b:f7:a9:ba:84:60:41:64:fb:6e:36: e5:20:58:ad:2b:e1:df:fd:7b:bd:f6:ff:70:dc:58: 8e:e5:cd:a9:17:6f:b5:58:6d:6b:98:db:90:fb:27: ce:4d:03:c6:99:7f:8c:0f:fb:5d:07:05:72:f7:05: de:b6:73:20:bf:01:1a:cc:bc:8a:a6:97:e9:97:4f: a1:a1:2b:31:bc:9f:84:4b:8e:2b:e0:8b:d6:55:39: a7:db:ff:f1:9f:60:59:e7:37:0b:16:c4:51:1f:44: b6:0c:f9:73:bf:c2:25:e1:47:ad:82:1b:dd:92:57: 93:a1:00:d2:e7:c4:46:ba:56:45:24:7d:c1:a6:13: 9e:ee:b7:d4:5f:47:f7:23:49:1e:cd:a1:5b:ad:1f: 28:02:2a:0b:25:1e:78:74:a8:60:e4:c6:dc:67:a3: c7:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:C6:4F:FF:AD:AF:B8:8B:17:78:79:AB:23:38:60:9E:D2:4E:F4:2B X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/38ZP_62vuIsXeHmrIzhgntJO9Cs.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.44.0/22 Signature Algorithm: sha256WithRSAEncryption ac:f9:80:05:f4:16:4d:f5:6b:d2:2c:f9:a2:f4:09:4f:e4:89: 5c:ef:40:ae:f0:f5:e6:d8:f9:2f:23:4b:0a:f7:71:65:55:60: 05:f9:cb:96:e1:a8:71:eb:92:b0:1d:03:46:89:d5:4d:87:8e: 6a:b7:d4:11:6c:a6:8a:16:db:bb:cf:6c:4f:39:9a:15:c4:51: ae:db:16:97:e0:37:7f:c0:3e:58:bb:19:25:4e:cb:0d:6d:f9: 60:78:a2:1b:0a:15:87:9b:84:44:35:0d:23:b6:46:ca:67:65: ad:4a:50:b2:88:f2:8a:b7:e4:83:9b:41:e4:3e:8b:fd:a6:8f: a4:5c:eb:a5:7e:e7:4a:80:ea:ee:d5:ff:cc:62:51:1f:e7:97: 0b:48:e3:e6:5d:35:4f:91:b6:b6:c6:10:c6:bf:65:3d:02:2f: 37:c3:24:32:dc:21:a7:b9:20:c6:eb:f8:cf:9e:1f:9a:10:6e: 31:f2:02:1b:27:21:bc:de:63:12:34:dc:93:fd:ce:05:da:b2: 0e:c3:9d:92:c2:dd:9a:2d:b6:33:ff:76:4e:6f:25:81:5d:82: 31:63:b6:09:f3:a2:8d:88:7f:e8:2c:39:02:45:90:16:38:0c: 3e:d2:f3:79:25:ce:be:0f:13:88:27:8d:d3:86:88:fd:99:d4: 71:79:b1:3b -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHfUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA0NDRaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKERGQzY0RkZGQURBRkI4 OEIxNzc4NzlBQjIzMzg2MDlFRDI0RUY0MkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDACBJlseFBQOp2Zi4DaId3TMKFMNFTst5tkfyrbJKhii9lypA3 VR/dY3G4zgkTVezp5QbdcECs5Avtg9jglPKm5HlUHo1Ud1E63ZaYJgPhDYuRAGE3 DclSJtlprwE796m6hGBBZPtuNuUgWK0r4d/9e732/3DcWI7lzakXb7VYbWuY25D7 J85NA8aZf4wP+10HBXL3Bd62cyC/ARrMvIqml+mXT6GhKzG8n4RLjivgi9ZVOafb //GfYFnnNwsWxFEfRLYM+XO/wiXhR62CG92SV5OhANLnxEa6VkUkfcGmE57ut9Rf R/cjSR7NoVutHygCKgslHnh0qGDkxtxno8f9AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU38ZP/62vuIsXeHmrIzhgntJO9CswHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3LzM4WlBfNjJ2dUlzWGVI bXJJemhnbnRKTzlDcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn3SwwDQYJKoZIhvcNAQELBQADggEBAKz5gAX0Fk31a9Is+aL0CU/kiVzvQK7w 9ebY+S8jSwr3cWVVYAX5y5bhqHHrkrAdA0aJ1U2Hjmq31BFspooW27vPbE85mhXE Ua7bFpfgN3/APli7GSVOyw1t+WB4ohsKFYebhEQ1DSO2RspnZa1KULKI8oq35IOb QeQ+i/2mj6Rc66V+50qA6u7V/8xiUR/nlwtI4+ZdNU+RtrbGEMa/ZT0CLzfDJDLc Iae5IMbr+M+eH5oQbjHyAhsnIbzeYxI03JP9zgXasg7DnZLC3ZottjP/dk5vJYFd gjFjtgnzoo2If+gsOQJFkBY4DD7S83klzr4PE4gnjdOGiP2Z1HF5sTs= -----END CERTIFICATE-----Generated at Mon Oct 20 13:30:57 2025 by rpki-client