$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/8qLXC28MD8l5liT09H1BpwYKxbc.roa File: 8qLXC28MD8l5liT09H1BpwYKxbc.roa (raw, json) Hash identifier: baZTHMyEMpMXifevO6W9tUwltoU7Y5HhqeeJzvIUayQ= Subject key identifier: F2:A2:D7:0B:6F:0C:0F:C9:79:96:24:F4:F4:7D:41:A7:06:0A:C5:B7 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1F0A Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/8qLXC28MD8l5liT09H1BpwYKxbc.roa Signing time: Tue 16 Sep 2025 03:40:30 +0000 ROA not before: Tue 16 Sep 2025 03:40:30 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 25743 IP address blocks: 45.252.100.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7946 (0x1f0a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 16 03:40:30 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=F2A2D70B6F0C0FC9799624F4F47D41A7060AC5B7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:6e:58:30:1c:dd:e4:fa:80:9c:0d:f9:a3:d5: 37:91:c9:c8:ca:e9:57:af:fc:4a:9a:38:44:36:b5: 11:12:87:10:57:30:20:7a:b5:44:79:af:fb:63:8a: f0:d2:9c:9a:c5:bd:be:dc:88:c7:ed:96:5e:6e:7e: 3a:e0:19:b7:be:19:28:e3:f9:df:95:df:e6:27:36: 5a:cb:25:15:71:39:d2:cf:5b:ef:f2:12:26:2e:66: b5:17:22:12:5e:6f:36:f0:80:2c:bb:0d:1a:84:ad: a3:3e:27:9c:58:df:d6:47:b9:01:52:57:4b:7e:55: 3a:49:4d:80:80:c4:00:d3:84:6f:ab:cb:b6:57:ac: 0e:be:91:a7:17:f9:4d:e8:75:ca:b7:8c:73:54:5a: 26:b9:eb:41:65:94:5f:02:06:c7:40:0f:49:d6:53: 6e:11:50:3b:a4:23:65:d8:c6:32:2f:07:d2:d1:76: 7e:98:da:f0:07:6e:b5:8f:10:14:f0:a1:e2:c5:3b: 03:d5:3d:b3:ee:20:8e:1e:9d:cf:ef:09:b6:2b:a6: a3:ec:94:2a:b4:1f:09:b6:e2:26:43:5d:e8:56:82: 38:00:43:68:de:56:07:c8:07:42:68:74:26:a7:99: 7d:23:19:17:c6:d9:f3:25:20:e9:71:f8:c2:8b:8f: 16:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:A2:D7:0B:6F:0C:0F:C9:79:96:24:F4:F4:7D:41:A7:06:0A:C5:B7 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/8qLXC28MD8l5liT09H1BpwYKxbc.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.252.100.0/22 Signature Algorithm: sha256WithRSAEncryption b8:f4:a1:62:48:55:57:74:63:43:fc:50:e4:43:10:01:55:4b: e4:b3:d1:a8:e9:01:48:8a:7b:41:4a:13:e1:72:39:2b:27:77: ca:7b:5f:c3:b1:03:ae:6e:36:73:54:9b:c3:39:ab:88:fa:2a: ec:b4:17:ef:7b:e9:50:96:88:52:b8:8e:6c:6c:10:a6:f5:63: a7:4e:68:26:c5:02:11:4e:f8:e6:89:9e:4f:75:6f:cd:4a:98: 43:8f:3a:dd:17:b4:f8:31:54:ca:14:10:4b:55:29:5c:fc:9b: 14:57:ca:5a:50:dc:d0:72:01:50:66:31:57:dd:d0:23:89:c8: df:91:69:4d:b3:e1:df:6a:ce:11:71:70:4e:6c:0e:a1:c2:3f: 0c:e3:af:68:d0:09:93:66:53:2a:e5:d2:5b:02:8d:40:d2:82: 1b:3b:38:78:bd:3c:b8:25:2b:da:91:38:c9:65:1f:94:e9:83: 69:27:91:cd:52:f3:36:c4:1b:d5:11:46:f3:12:80:5b:ed:f0: 9d:d6:9d:62:16:54:e3:22:83:b0:da:81:b1:24:ca:b7:ea:1a: 95:6f:bf:2c:11:c3:60:c2:10:f0:bb:58:8c:af:af:f8:f8:e2: 39:da:30:59:bb:c9:5a:1b:a5:af:b0:77:7f:f7:c0:d7:d5:14: 49:2b:f3:12 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHwowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTYw MzQwMzBaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEYyQTJENzBCNkYwQzBG Qzk3OTk2MjRGNEY0N0Q0MUE3MDYwQUM1QjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC4blgwHN3k+oCcDfmj1TeRycjK6Vev/EqaOEQ2tREShxBXMCB6 tUR5r/tjivDSnJrFvb7ciMftll5ufjrgGbe+GSjj+d+V3+YnNlrLJRVxOdLPW+/y EiYuZrUXIhJebzbwgCy7DRqEraM+J5xY39ZHuQFSV0t+VTpJTYCAxADThG+ry7ZX rA6+kacX+U3odcq3jHNUWia560FllF8CBsdAD0nWU24RUDukI2XYxjIvB9LRdn6Y 2vAHbrWPEBTwoeLFOwPVPbPuII4enc/vCbYrpqPslCq0Hwm24iZDXehWgjgAQ2je VgfIB0JodCanmX0jGRfG2fMlIOlx+MKLjxbtAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU8qLXC28MD8l5liT09H1BpwYKxbcwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3LzhxTFhDMjhNRDhsNWxp VDA5SDFCcHdZS3hiYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAIt/GQwDQYJKoZIhvcNAQELBQADggEBALj0oWJIVVd0Y0P8UORDEAFVS+Sz0ajp AUiKe0FKE+FyOSsnd8p7X8OxA65uNnNUm8M5q4j6Kuy0F+976VCWiFK4jmxsEKb1 Y6dOaCbFAhFO+OaJnk91b81KmEOPOt0XtPgxVMoUEEtVKVz8mxRXylpQ3NByAVBm MVfd0COJyN+RaU2z4d9qzhFxcE5sDqHCPwzjr2jQCZNmUyrl0lsCjUDSghs7OHi9 PLglK9qROMllH5Tpg2knkc1S8zbEG9URRvMSgFvt8J3WnWIWVOMig7DagbEkyrfq GpVvvywRw2DCEPC7WIyvr/j44jnaMFm7yVobpa+wd3/3wNfVFEkr8xI= -----END CERTIFICATE-----Generated at Mon Oct 20 13:13:37 2025 by rpki-client