$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/97FbOwP2hq2EzQIUrGllXUpWVjo.roa File: 97FbOwP2hq2EzQIUrGllXUpWVjo.roa (raw, json) Hash identifier: DeKuyVk7w1fzMUQsie/kvbbO6gNY3Dbnvkw2TfbpvHA= Subject key identifier: F7:B1:5B:3B:03:F6:86:AD:84:CD:02:14:AC:69:65:5D:4A:56:56:3A Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1E32 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/97FbOwP2hq2EzQIUrGllXUpWVjo.roa Signing time: Sat 13 Sep 2025 03:04:55 +0000 ROA not before: Sat 13 Sep 2025 03:04:55 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 13444 IP address blocks: 103.221.7.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7730 (0x1e32) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:04:55 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=F7B15B3B03F686AD84CD0214AC69655D4A56563A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:c2:19:c4:bf:8d:19:37:b5:2a:37:b0:19:e2: 33:f7:68:fb:22:ec:70:05:2a:ac:fb:26:f4:c5:57: 15:47:b8:c9:15:8a:61:a1:53:a5:39:92:8a:85:41: b2:05:21:7f:03:b0:e0:05:45:1d:d3:fa:96:a0:77: a8:99:e8:12:76:b9:e0:0d:ed:89:54:df:7a:0f:62: ff:c0:41:1f:c8:3c:1c:ab:ee:a2:f1:bb:71:2d:6c: d0:59:98:cc:43:fd:63:c8:5d:3a:e8:42:2f:c1:22: c0:0e:4a:cf:15:53:5c:b5:2e:b6:7b:c0:f4:33:8f: c7:ac:96:7c:07:06:5a:c8:41:f9:45:87:d8:9f:83: 38:59:09:b4:87:e2:f5:85:0c:0c:0d:5c:ea:ca:d6: d7:e3:1c:a7:f3:9d:a5:36:dc:75:5d:5b:18:c9:09: 7b:30:c5:f6:c5:b2:2b:a5:55:bd:60:3e:ed:7d:9b: d9:50:3b:de:3a:33:3a:8c:48:c0:00:07:79:87:0b: d6:07:48:0b:02:29:8b:4b:6e:76:5d:dc:a9:96:95: da:7a:f4:4d:a7:c7:a1:58:6c:65:a7:22:f5:54:e6: 6a:b0:95:4c:8a:77:7c:5f:f2:5b:69:4f:cb:89:69: ab:cc:26:57:b3:a9:ae:5a:19:15:d0:2d:eb:f0:34: ab:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:B1:5B:3B:03:F6:86:AD:84:CD:02:14:AC:69:65:5D:4A:56:56:3A X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/97FbOwP2hq2EzQIUrGllXUpWVjo.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.7.0/24 Signature Algorithm: sha256WithRSAEncryption 0e:cf:70:bb:ff:bd:52:33:33:13:26:9c:ee:fc:1a:70:6d:ab: 3b:50:28:bd:02:32:cb:ac:07:a7:3d:2e:c4:1e:03:59:4c:3e: 06:42:89:9a:03:a7:d8:07:f9:aa:0a:48:a7:b7:e1:fe:00:a3: 34:15:77:16:63:88:4d:36:47:3f:2f:00:37:1a:f9:f2:9b:bb: f2:29:34:0c:03:f9:87:2a:1b:80:29:0d:09:bd:f4:1d:43:3c: 80:d6:5e:7f:9d:4d:67:c2:a3:27:33:66:6d:14:81:74:ab:07: f0:37:fa:c6:a3:1f:30:d0:53:8c:f0:89:2f:e6:1d:a8:a3:11: 71:ff:53:58:36:e2:82:10:29:93:33:f9:25:fd:32:fc:0c:af: f3:64:49:3c:bf:16:1c:31:89:1a:4f:66:93:b7:48:a3:b9:07: 0f:3d:6d:15:e5:7d:24:8b:40:0b:3c:6c:be:91:6f:56:3f:7c: e1:33:3d:8d:8d:8f:44:b8:59:56:b0:49:ac:8a:44:ec:eb:bf: db:2d:41:42:4c:b0:c1:3b:f3:42:8c:c8:60:fe:87:8d:d3:55: f0:df:5d:ae:b5:08:1c:a1:7a:8a:9d:c9:38:d4:95:c3:a4:be: 1b:55:9a:ae:ba:a2:1b:23:b5:68:0c:92:10:13:ab:68:e8:51: c1:75:7b:36 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHjIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA0NTVaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEY3QjE1QjNCMDNGNjg2 QUQ4NENEMDIxNEFDNjk2NTVENEE1NjU2M0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC4whnEv40ZN7UqN7AZ4jP3aPsi7HAFKqz7JvTFVxVHuMkVimGh U6U5koqFQbIFIX8DsOAFRR3T+pagd6iZ6BJ2ueAN7YlU33oPYv/AQR/IPByr7qLx u3EtbNBZmMxD/WPIXTroQi/BIsAOSs8VU1y1LrZ7wPQzj8eslnwHBlrIQflFh9if gzhZCbSH4vWFDAwNXOrK1tfjHKfznaU23HVdWxjJCXswxfbFsiulVb1gPu19m9lQ O946MzqMSMAAB3mHC9YHSAsCKYtLbnZd3KmWldp69E2nx6FYbGWnIvVU5mqwlUyK d3xf8ltpT8uJaavMJlezqa5aGRXQLevwNKsDAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU97FbOwP2hq2EzQIUrGllXUpWVjowHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3Lzk3RmJPd1AyaHEyRXpR SVVyR2xsWFVwV1Zqby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3QcwDQYJKoZIhvcNAQELBQADggEBAA7PcLv/vVIzMxMmnO78GnBtqztQKL0C MsusB6c9LsQeA1lMPgZCiZoDp9gH+aoKSKe34f4AozQVdxZjiE02Rz8vADca+fKb u/IpNAwD+YcqG4ApDQm99B1DPIDWXn+dTWfCoyczZm0UgXSrB/A3+sajHzDQU4zw iS/mHaijEXH/U1g24oIQKZMz+SX9MvwMr/NkSTy/FhwxiRpPZpO3SKO5Bw89bRXl fSSLQAs8bL6Rb1Y/fOEzPY2Nj0S4WVawSayKROzrv9stQUJMsME780KMyGD+h43T VfDfXa61CByheoqdyTjUlcOkvhtVmq66ohsjtWgMkhATq2joUcF1ezY= -----END CERTIFICATE-----Generated at Mon Oct 20 13:13:38 2025 by rpki-client