$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/4t3ru3gDCBNPFdwulIXfdCDyI5k.roa File: 4t3ru3gDCBNPFdwulIXfdCDyI5k.roa (raw, json) Hash identifier: BrdQTsWGTam3AnuZW5HfQtQD+ZhE3eKX0EKzsekqKf8= Subject key identifier: E2:DD:EB:BB:78:03:08:13:4F:15:DC:2E:94:85:DF:74:20:F2:23:99 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1E91 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/4t3ru3gDCBNPFdwulIXfdCDyI5k.roa Signing time: Sat 13 Sep 2025 03:05:16 +0000 ROA not before: Sat 13 Sep 2025 03:05:16 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 17621 IP address blocks: 202.89.96.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 09:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7825 (0x1e91) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:05:16 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=E2DDEBBB780308134F15DC2E9485DF7420F22399 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:72:d7:65:69:a5:b4:c9:c3:81:d1:a1:79:e6: b9:35:09:32:b7:a9:93:a9:14:10:96:ce:b7:8c:af: 34:50:75:58:75:43:95:f0:e4:cd:6b:08:ba:5a:5e: 43:52:bc:fc:57:44:be:d9:a9:3f:d2:b6:49:5e:3b: 21:d9:6c:d5:ab:ae:25:32:11:52:aa:de:c4:23:d6: cc:76:da:47:ad:70:c9:6c:5f:27:c9:93:78:39:75: bd:d5:57:fb:3f:c1:68:d8:40:a1:ad:80:6e:be:f2: 1c:2b:8b:43:9c:5c:75:87:9f:7b:df:5b:db:20:e9: 85:10:d0:d6:aa:0c:6e:aa:a2:09:7b:19:18:4e:41: d4:b3:13:66:38:ef:29:7f:bd:13:b2:93:8c:59:d0: 9e:4f:a3:9e:6f:ab:ea:6a:cb:e6:63:95:d6:ab:26: 66:cb:3e:c2:68:34:07:bf:51:72:16:fc:31:47:e6: 0a:34:d6:fd:c9:0b:27:dd:19:05:1e:d7:58:21:b0: 06:b5:3f:3c:90:48:11:b6:9d:5d:66:40:fe:2a:c7: b8:14:7b:7b:a8:cb:cb:3a:85:6a:98:c5:4f:7a:13: 45:3d:36:a3:1f:df:83:15:ec:d4:42:cf:1c:cd:14: 5a:00:10:ab:65:8f:75:e0:97:0b:0e:36:14:9d:46: b6:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:DD:EB:BB:78:03:08:13:4F:15:DC:2E:94:85:DF:74:20:F2:23:99 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/4t3ru3gDCBNPFdwulIXfdCDyI5k.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 202.89.96.0/24 Signature Algorithm: sha256WithRSAEncryption d0:fb:94:6d:9f:8e:8a:48:60:67:a3:67:83:16:e7:38:5d:61: ed:4b:9a:ca:ec:9c:53:e5:32:24:c7:ed:d2:ed:da:f8:b8:eb: bb:ba:03:da:9e:4d:25:f7:72:37:8d:ac:c4:50:b2:62:d1:3a: 51:cc:24:57:23:35:71:86:20:c0:c6:4e:7a:16:37:98:42:aa: 65:90:48:11:29:74:11:ba:d9:80:60:46:3b:17:f4:19:5f:9f: 6e:a2:bd:9c:91:71:0f:96:eb:1c:ae:4b:78:28:00:7c:d4:96: 0c:9b:45:53:4e:c2:04:f7:bd:67:8c:3f:72:a1:7f:96:e9:5b: 89:32:12:15:7b:70:c0:1f:e9:14:f7:19:83:28:64:f1:e5:9d: 05:c7:ed:b1:f3:13:61:69:93:3e:e9:46:74:d2:58:dd:69:6b: 89:47:f4:1c:60:36:93:39:e9:f3:a3:32:a6:9e:52:0f:2e:4f: f9:f8:f4:59:15:a4:29:a7:49:77:82:07:61:fd:ee:da:45:6e: 15:9c:b6:86:50:db:dd:95:7f:1a:87:ec:04:84:40:25:bc:fe: 59:b8:db:7e:8a:82:08:67:5e:2a:16:b0:ab:5d:2d:e5:98:5a: b4:4b:73:6b:cc:41:8d:91:79:89:05:be:f5:6b:0e:7c:ad:a0: 7f:55:f2:18 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHpEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA1MTZaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEUyRERFQkJCNzgwMzA4 MTM0RjE1REMyRTk0ODVERjc0MjBGMjIzOTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCyctdlaaW0ycOB0aF55rk1CTK3qZOpFBCWzreMrzRQdVh1Q5Xw 5M1rCLpaXkNSvPxXRL7ZqT/StkleOyHZbNWrriUyEVKq3sQj1sx22ketcMlsXyfJ k3g5db3VV/s/wWjYQKGtgG6+8hwri0OcXHWHn3vfW9sg6YUQ0NaqDG6qogl7GRhO QdSzE2Y47yl/vROyk4xZ0J5Po55vq+pqy+ZjldarJmbLPsJoNAe/UXIW/DFH5go0 1v3JCyfdGQUe11ghsAa1PzyQSBG2nV1mQP4qx7gUe3uoy8s6hWqYxU96E0U9NqMf 34MV7NRCzxzNFFoAEKtlj3XglwsONhSdRrZRAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU4t3ru3gDCBNPFdwulIXfdCDyI5kwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3LzR0M3J1M2dEQ0JOUEZk d3VsSVhmZENEeUk1ay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BADKWWAwDQYJKoZIhvcNAQELBQADggEBAND7lG2fjopIYGejZ4MW5zhdYe1Lmsrs nFPlMiTH7dLt2vi467u6A9qeTSX3cjeNrMRQsmLROlHMJFcjNXGGIMDGTnoWN5hC qmWQSBEpdBG62YBgRjsX9Blfn26ivZyRcQ+W6xyuS3goAHzUlgybRVNOwgT3vWeM P3Khf5bpW4kyEhV7cMAf6RT3GYMoZPHlnQXH7bHzE2Fpkz7pRnTSWN1pa4lH9Bxg NpM56fOjMqaeUg8uT/n49FkVpCmnSXeCB2H97tpFbhWctoZQ292VfxqH7ASEQCW8 /lm4236KgghnXioWsKtdLeWYWrRLc2vMQY2ReYkFvvVrDnytoH9V8hg= -----END CERTIFICATE-----Generated at Mon Oct 20 08:30:46 2025 by rpki-client