$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/5zS3Q4-dPSf2Nk2QusJ67eKQ5N8.roa File: 5zS3Q4-dPSf2Nk2QusJ67eKQ5N8.roa (raw, json) Hash identifier: Zz1QtO+4gSDCnTeUORqFBFT5W8GDzHkBm9SOwocU9tA= Subject key identifier: E7:34:B7:43:8F:9D:3D:27:F6:36:4D:90:BA:C2:7A:ED:E2:90:E4:DF Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1E6C Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/5zS3Q4-dPSf2Nk2QusJ67eKQ5N8.roa Signing time: Sat 13 Sep 2025 03:05:08 +0000 ROA not before: Sat 13 Sep 2025 03:05:08 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 139259 IP address blocks: 103.221.14.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7788 (0x1e6c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:05:08 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=E734B7438F9D3D27F6364D90BAC27AEDE290E4DF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:b4:cc:fe:63:5e:a1:30:97:3b:fd:c1:68:e5: fc:4b:80:45:6a:86:77:65:26:36:ea:95:98:bf:6c: f3:5c:d3:81:75:a6:e9:55:5a:6d:3d:ec:50:3e:f7: 28:e4:5e:3f:8f:c4:be:a5:49:d9:0a:50:c2:29:95: 96:47:7d:08:73:c7:99:3c:43:d2:ad:bb:29:de:1a: a3:db:4b:7f:7f:81:cc:eb:cf:bd:ec:6e:3d:9c:f6: e5:ef:cd:fe:be:eb:74:58:89:dd:d7:ca:69:da:a9: e0:0f:b6:2d:29:2a:21:4c:29:11:26:10:b2:aa:8c: 33:66:58:a9:e9:e7:f9:f1:ca:8f:29:fe:a3:1e:fd: aa:36:fe:bb:64:b4:82:6a:3f:46:df:8d:be:99:05: 53:e3:dd:3b:86:64:cc:15:8e:96:d8:57:f0:1b:17: aa:22:93:98:ad:dd:2f:51:c6:ce:9c:51:13:eb:dd: 54:98:74:cd:84:11:46:aa:2e:8f:d7:cb:3b:4a:03: b9:bc:49:6f:4f:ed:a7:14:cc:d0:c2:c3:30:68:c2: f9:6a:f2:8d:94:1b:d2:ee:29:9c:ad:1e:bf:09:16: bf:92:42:f2:eb:5d:7e:01:4c:d0:79:28:29:64:af: ec:4e:98:89:73:6d:c0:3a:9f:3b:34:4a:fb:11:ee: ac:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E7:34:B7:43:8F:9D:3D:27:F6:36:4D:90:BA:C2:7A:ED:E2:90:E4:DF X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/5zS3Q4-dPSf2Nk2QusJ67eKQ5N8.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.14.0/24 Signature Algorithm: sha256WithRSAEncryption 21:bb:bf:e2:b8:63:28:c5:78:91:e5:6f:33:3c:dd:68:2c:81: e1:c2:17:bb:aa:3a:26:98:5a:ed:eb:29:08:3c:e1:12:00:9c: bc:42:78:d5:95:60:c5:fd:4f:7d:1a:fc:95:42:ab:cc:63:d3: 60:3f:b5:9a:15:a3:d2:de:b9:c3:84:db:c4:9e:27:7a:47:d2: 70:27:db:1f:2f:21:93:26:24:fd:8e:fa:ce:a8:a4:f8:85:0a: 32:ea:f3:14:38:dc:23:0e:9a:14:e5:4c:e2:56:a0:ac:22:6f: a1:e4:ea:32:66:e4:c1:cf:0a:7c:4d:75:19:59:74:98:f5:4a: ad:d8:4d:94:13:02:9b:6b:fb:fe:42:25:d9:ff:78:76:59:aa: ca:a7:81:0c:ab:a8:bf:65:d9:44:3e:ff:04:b7:fe:4c:75:a5: 7d:30:f6:d1:53:84:89:68:29:22:b0:fd:83:83:9a:d0:58:8f: e7:8b:f5:3e:65:15:1c:3a:50:03:06:38:df:49:ca:87:44:14: 61:4e:9d:9b:78:b6:bf:01:e7:47:07:6f:3f:8a:8e:7a:67:0b: a0:23:83:a6:d1:ef:8f:ae:01:84:f0:61:52:b7:52:50:6f:9b: f2:c8:0f:27:0d:77:31:53:d2:fe:1e:f7:38:35:1b:ad:a3:75: 69:68:8f:86 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHmwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA1MDhaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEU3MzRCNzQzOEY5RDNE MjdGNjM2NEQ5MEJBQzI3QUVERTI5MEU0REYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCatMz+Y16hMJc7/cFo5fxLgEVqhndlJjbqlZi/bPNc04F1pulV Wm097FA+9yjkXj+PxL6lSdkKUMIplZZHfQhzx5k8Q9KtuyneGqPbS39/gczrz73s bj2c9uXvzf6+63RYid3XymnaqeAPti0pKiFMKREmELKqjDNmWKnp5/nxyo8p/qMe /ao2/rtktIJqP0bfjb6ZBVPj3TuGZMwVjpbYV/AbF6oik5it3S9Rxs6cURPr3VSY dM2EEUaqLo/XyztKA7m8SW9P7acUzNDCwzBowvlq8o2UG9LuKZytHr8JFr+SQvLr XX4BTNB5KClkr+xOmIlzbcA6nzs0SvsR7qxJAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU5zS3Q4+dPSf2Nk2QusJ67eKQ5N8wHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3LzV6UzNRNC1kUFNmMk5r MlF1c0o2N2VLUTVOOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3Q4wDQYJKoZIhvcNAQELBQADggEBACG7v+K4YyjFeJHlbzM83WgsgeHCF7uq OiaYWu3rKQg84RIAnLxCeNWVYMX9T30a/JVCq8xj02A/tZoVo9LeucOE28SeJ3pH 0nAn2x8vIZMmJP2O+s6opPiFCjLq8xQ43CMOmhTlTOJWoKwib6Hk6jJm5MHPCnxN dRlZdJj1Sq3YTZQTAptr+/5CJdn/eHZZqsqngQyrqL9l2UQ+/wS3/kx1pX0w9tFT hIloKSKw/YODmtBYj+eL9T5lFRw6UAMGON9JyodEFGFOnZt4tr8B50cHbz+Kjnpn C6Ajg6bR74+uAYTwYVK3UlBvm/LIDycNdzFT0v4e9zg1G62jdWloj4Y= -----END CERTIFICATE-----Generated at Mon Oct 20 13:13:41 2025 by rpki-client