$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/5brHR2rkZdEdiv7t5s0GVdgEwZg.roa File: 5brHR2rkZdEdiv7t5s0GVdgEwZg.roa (raw, json) Hash identifier: GpYqKd88Fsg1bGfYXwYJizzTWGam+UiZ6bKEIsli6J0= Subject key identifier: E5:BA:C7:47:6A:E4:65:D1:1D:8A:FE:ED:E6:CD:06:55:D8:04:C1:98 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1E49 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/5brHR2rkZdEdiv7t5s0GVdgEwZg.roa Signing time: Sat 13 Sep 2025 03:04:59 +0000 ROA not before: Sat 13 Sep 2025 03:04:59 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 13444 IP address blocks: 103.221.31.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 00:35:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7753 (0x1e49) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:04:59 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=E5BAC7476AE465D11D8AFEEDE6CD0655D804C198 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:fb:dd:90:29:17:a9:fb:fe:f9:d1:4c:14:9d: 88:31:a8:3f:7c:5a:2d:26:27:d4:5b:cf:ce:08:9b: af:72:89:21:d6:73:8a:69:b5:2e:4f:7b:a5:82:13: 6b:e4:0a:64:cc:2e:14:e9:72:1b:23:18:1a:af:8a: 17:9e:65:d3:6e:f1:64:bf:06:76:34:89:8f:cc:a3: 2f:3f:6b:29:15:c7:19:db:30:3e:df:1e:56:80:e1: a4:96:b0:fc:76:a8:ae:e4:28:47:f8:2f:d2:71:97: 99:e1:1f:af:f0:2c:cb:05:dc:96:0b:a3:7a:7a:2c: 4e:0e:e6:aa:0a:fb:15:a5:0e:ae:28:8e:58:dc:df: f6:8d:9b:4c:cc:46:b2:45:36:b6:a7:c6:f0:47:f6: 95:a3:38:48:4e:d3:b9:ab:82:9b:ab:b8:85:11:59: 97:1a:d9:25:f5:57:ab:e9:1d:41:88:84:fe:38:f7: 8e:fb:2a:c0:ed:26:95:db:ef:c2:14:75:fe:f5:9a: 7d:f3:5c:bb:14:d1:80:59:c9:b3:0c:64:2f:50:37: 3c:f2:65:77:82:dd:da:d0:24:e6:0a:00:81:c6:83: b7:53:62:64:c1:82:a2:83:d8:c1:13:44:24:bb:75: 7e:9d:04:75:fe:ef:63:a0:9f:75:b4:29:16:6c:f8: 9c:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:BA:C7:47:6A:E4:65:D1:1D:8A:FE:ED:E6:CD:06:55:D8:04:C1:98 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/5brHR2rkZdEdiv7t5s0GVdgEwZg.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.31.0/24 Signature Algorithm: sha256WithRSAEncryption 82:bc:7b:9c:aa:7a:34:3d:58:99:cf:b3:6c:42:4e:ab:48:1a: 8e:4d:15:80:c7:c8:3d:47:f7:8b:ae:e3:d0:13:05:17:ff:51: da:ad:6a:ba:bc:a6:7b:06:2c:fe:55:36:db:07:0a:41:81:92: c6:e0:7c:34:64:d6:60:74:08:f9:e0:82:9a:d2:0d:c2:fa:8a: d1:b0:48:63:91:9f:34:b9:f1:15:87:54:65:80:c2:f5:10:87: 9d:e8:a9:03:7b:5b:b9:cb:8a:02:54:15:d2:81:94:7f:55:e9: 5a:50:ac:1d:5c:51:43:5a:94:34:9e:90:e6:66:19:e7:5c:7a: c2:24:1e:7a:fb:c2:e7:c7:f8:2d:be:d3:56:2b:56:29:3a:a3: 52:b2:99:7f:df:67:53:b4:15:81:16:e8:e0:71:bf:18:f7:0f: f0:d2:9e:98:9c:7c:e2:11:1a:c1:42:9e:34:29:1b:e6:19:20: 49:8e:87:45:07:ba:a3:6b:98:23:5a:09:05:10:d9:15:a0:0e: 18:fe:93:86:fe:db:0f:8e:3a:90:58:57:90:98:9a:27:43:cf: 88:fb:71:a4:51:a0:8f:ce:12:54:84:ce:4f:2f:7f:90:b2:98: 6e:72:aa:00:77:df:30:0a:7e:e9:dc:ea:b1:30:ff:ed:d4:f3: ef:e7:45:dd -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHkkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA0NTlaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEU1QkFDNzQ3NkFFNDY1 RDExRDhBRkVFREU2Q0QwNjU1RDgwNEMxOTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCa+92QKRep+/750UwUnYgxqD98Wi0mJ9Rbz84Im69yiSHWc4pp tS5Pe6WCE2vkCmTMLhTpchsjGBqviheeZdNu8WS/BnY0iY/Moy8/aykVxxnbMD7f HlaA4aSWsPx2qK7kKEf4L9Jxl5nhH6/wLMsF3JYLo3p6LE4O5qoK+xWlDq4ojljc 3/aNm0zMRrJFNranxvBH9pWjOEhO07mrgpuruIURWZca2SX1V6vpHUGIhP449477 KsDtJpXb78IUdf71mn3zXLsU0YBZybMMZC9QNzzyZXeC3drQJOYKAIHGg7dTYmTB gqKD2METRCS7dX6dBHX+72Ogn3W0KRZs+Jx1AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU5brHR2rkZdEdiv7t5s0GVdgEwZgwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3LzVickhSMnJrWmRFZGl2 N3Q1czBHVmRnRXdaZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3R8wDQYJKoZIhvcNAQELBQADggEBAIK8e5yqejQ9WJnPs2xCTqtIGo5NFYDH yD1H94uu49ATBRf/Udqtarq8pnsGLP5VNtsHCkGBksbgfDRk1mB0CPnggprSDcL6 itGwSGORnzS58RWHVGWAwvUQh53oqQN7W7nLigJUFdKBlH9V6VpQrB1cUUNalDSe kOZmGedcesIkHnr7wufH+C2+01YrVik6o1KymX/fZ1O0FYEW6OBxvxj3D/DSnpic fOIRGsFCnjQpG+YZIEmOh0UHuqNrmCNaCQUQ2RWgDhj+k4b+2w+OOpBYV5CYmidD z4j7caRRoI/OElSEzk8vf5CymG5yqgB33zAKfunc6rEw/+3U8+/nRd0= -----END CERTIFICATE-----Generated at Mon Oct 20 23:27:25 2025 by rpki-client