$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/8KPFJyVLmtiHjj3mIh35x5lePwo.roa File: 8KPFJyVLmtiHjj3mIh35x5lePwo.roa (raw, json) Hash identifier: lXX8xtRzStk+P66F2LTOA8hF9AMLkg578qC11OFFL+o= Subject key identifier: F0:A3:C5:27:25:4B:9A:D8:87:8E:3D:E6:22:1D:F9:C7:99:5E:3F:0A Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1E2B Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/8KPFJyVLmtiHjj3mIh35x5lePwo.roa Signing time: Sat 13 Sep 2025 03:04:54 +0000 ROA not before: Sat 13 Sep 2025 03:04:54 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 139259 IP address blocks: 45.252.48.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 00:35:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7723 (0x1e2b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:04:54 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=F0A3C527254B9AD8878E3DE6221DF9C7995E3F0A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:0b:5b:3c:d9:78:01:d6:bf:cd:ba:8c:e0:fd: db:65:30:49:8e:61:ea:5c:31:bd:3d:e0:b4:41:a3: 84:da:f7:2e:7d:d6:fd:df:55:38:5c:30:dc:5a:4a: 3e:a6:ad:6b:79:14:6f:8a:22:76:a0:67:2e:50:fe: f2:58:41:55:e1:58:f2:53:b2:41:53:49:7d:ad:cd: 0d:de:b0:47:75:c8:5b:be:45:3a:2b:7c:5b:1a:24: 35:d3:aa:dd:44:43:dd:b9:94:35:bc:26:62:f5:66: 44:0f:0f:54:d2:bc:a2:eb:6a:42:4e:8b:b1:02:f3: 98:65:18:db:9c:74:4a:77:41:37:a5:18:eb:95:d4: 54:2f:69:a3:a9:fd:cf:bd:20:da:9b:2f:6d:66:4e: 8d:1b:35:29:31:bd:b2:e6:1c:ec:72:83:cc:3d:1f: b5:36:58:e6:ff:3e:5e:a9:39:d8:a1:95:c8:84:4e: 6b:39:7e:da:4d:fb:87:63:80:03:7c:57:ab:a9:63: c8:3c:9d:81:df:b1:81:50:76:5a:3a:ca:71:52:86: 84:03:d4:27:60:08:d9:db:b1:d0:22:a6:3e:a5:14: 27:08:66:f1:ec:47:84:80:92:47:6d:59:38:56:7b: ba:7b:ba:41:e8:32:3c:25:a6:a0:00:ef:68:5c:d7: 6e:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F0:A3:C5:27:25:4B:9A:D8:87:8E:3D:E6:22:1D:F9:C7:99:5E:3F:0A X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/8KPFJyVLmtiHjj3mIh35x5lePwo.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.252.48.0/22 Signature Algorithm: sha256WithRSAEncryption 68:f1:2e:32:14:6d:70:19:30:9b:0d:c2:91:f6:87:7b:7d:62: 33:f4:2a:ee:23:5c:b3:15:80:c2:e0:ad:80:70:7a:c9:20:cc: 54:1b:a8:a9:0c:61:fe:71:c5:20:83:74:22:67:6a:69:50:50: dc:8b:3d:9a:97:c4:0b:45:57:54:03:97:df:0a:12:be:be:7f: c1:3a:22:62:1a:6a:df:22:e2:a9:e1:82:71:6f:71:15:5f:0f: 1d:51:d3:ef:cb:c1:1d:5e:fc:bf:ae:1c:38:41:35:b0:68:0d: 8b:89:54:01:33:b5:9f:44:5b:2b:ec:e3:62:f6:9c:33:de:f4: dc:10:66:65:93:3f:5f:4e:0f:43:89:a7:c7:d0:dc:90:ba:8d: e1:14:21:04:8e:32:2d:b3:87:79:69:89:8a:f9:d9:63:1b:9e: 55:dc:85:25:b2:11:d0:ec:00:a5:68:23:47:3f:c5:53:d9:86: 77:ff:f5:96:d8:05:eb:f2:99:ee:33:02:ea:56:c2:ea:a0:7a: 1f:18:ba:54:a2:f4:7d:dd:2c:d5:ff:34:a4:5a:ab:99:fc:12: 41:58:c7:22:a0:90:b3:76:86:dc:f1:4a:a7:43:08:46:9b:46: 4f:59:b7:b2:cc:5e:3e:a0:2a:cc:17:9f:d6:f9:ee:1d:67:ee: 0e:7c:71:34 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHiswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA0NTRaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEYwQTNDNTI3MjU0QjlB RDg4NzhFM0RFNjIyMURGOUM3OTk1RTNGMEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC/C1s82XgB1r/Nuozg/dtlMEmOYepcMb094LRBo4Ta9y591v3f VThcMNxaSj6mrWt5FG+KInagZy5Q/vJYQVXhWPJTskFTSX2tzQ3esEd1yFu+RTor fFsaJDXTqt1EQ925lDW8JmL1ZkQPD1TSvKLrakJOi7EC85hlGNucdEp3QTelGOuV 1FQvaaOp/c+9INqbL21mTo0bNSkxvbLmHOxyg8w9H7U2WOb/Pl6pOdihlciETms5 ftpN+4djgAN8V6upY8g8nYHfsYFQdlo6ynFShoQD1CdgCNnbsdAipj6lFCcIZvHs R4SAkkdtWThWe7p7ukHoMjwlpqAA72hc124zAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU8KPFJyVLmtiHjj3mIh35x5lePwowHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3LzhLUEZKeVZMbXRpSGpq M21JaDM1eDVsZVB3by5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAIt/DAwDQYJKoZIhvcNAQELBQADggEBAGjxLjIUbXAZMJsNwpH2h3t9YjP0Ku4j XLMVgMLgrYBweskgzFQbqKkMYf5xxSCDdCJnamlQUNyLPZqXxAtFV1QDl98KEr6+ f8E6ImIaat8i4qnhgnFvcRVfDx1R0+/LwR1e/L+uHDhBNbBoDYuJVAEztZ9EWyvs 42L2nDPe9NwQZmWTP19OD0OJp8fQ3JC6jeEUIQSOMi2zh3lpiYr52WMbnlXchSWy EdDsAKVoI0c/xVPZhnf/9ZbYBevyme4zAupWwuqgeh8YulSi9H3dLNX/NKRaq5n8 EkFYxyKgkLN2htzxSqdDCEabRk9Zt7LMXj6gKswXn9b57h1n7g58cTQ= -----END CERTIFICATE-----Generated at Mon Oct 20 23:27:33 2025 by rpki-client