$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/9KDtDhIph4ovm7gP_XwAArpNT6w.roa File: 9KDtDhIph4ovm7gP_XwAArpNT6w.roa (raw, json) Hash identifier: DDDpt44ZP8n9P+wNw9yEmEB4vutQNV5MLRDS6BpujQ8= Subject key identifier: F4:A0:ED:0E:12:29:87:8A:2F:9B:B8:0F:FD:7C:00:02:BA:4D:4F:AC Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1EAE Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/9KDtDhIph4ovm7gP_XwAArpNT6w.roa Signing time: Sat 13 Sep 2025 03:05:22 +0000 ROA not before: Sat 13 Sep 2025 03:05:22 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 13444 IP address blocks: 45.252.144.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 00:35:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7854 (0x1eae) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:05:22 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=F4A0ED0E1229878A2F9BB80FFD7C0002BA4D4FAC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:b2:65:95:f6:b0:ed:ff:bf:fa:d1:3f:a6:73: 65:bf:54:8d:15:69:0d:aa:e4:87:c4:29:ed:75:98: 5e:81:f2:d3:69:96:25:07:2d:1b:4b:ae:9d:dc:79: 8a:1d:a3:41:a4:d6:28:4e:3a:a0:41:e2:ad:c7:f4: 6f:6d:31:e4:05:6b:28:28:ad:f8:3e:21:f2:e8:4e: 72:19:23:a8:53:56:ba:15:31:01:87:87:c7:09:ca: 56:a8:75:ab:f1:b5:90:8e:7d:d8:46:81:af:30:41: fc:d4:b4:c3:67:a2:5b:d0:c3:5c:e5:28:f8:56:8d: c5:84:13:7a:6a:3e:12:23:99:f0:99:0b:83:f6:f7: 9b:4c:24:7c:31:e4:18:95:04:20:a7:d5:a9:42:2f: b3:58:28:26:b9:a7:c0:20:26:2f:be:fa:c9:3e:5d: 66:6e:35:3b:e8:8b:bc:bf:2a:32:de:88:e4:78:1c: 43:db:8e:b3:c1:97:75:fe:8c:0e:43:58:c0:3a:5d: c8:6a:2c:f6:25:6a:4e:73:6b:a2:11:4d:08:26:ab: fa:13:65:c1:8f:84:80:49:37:5a:e2:c2:04:09:fe: cd:d0:20:c1:38:7f:8a:20:65:8c:59:f8:a2:70:b0: ca:38:46:8c:b3:69:22:bb:46:77:42:1a:69:cd:30: 49:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:A0:ED:0E:12:29:87:8A:2F:9B:B8:0F:FD:7C:00:02:BA:4D:4F:AC X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/9KDtDhIph4ovm7gP_XwAArpNT6w.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.252.144.0/24 Signature Algorithm: sha256WithRSAEncryption 74:96:d8:a6:e5:4b:a9:75:1e:62:5b:ce:4c:87:6a:61:28:99: ba:67:e6:20:95:4f:e6:0a:29:64:d3:6f:cb:b7:4d:9a:20:90: 39:51:10:50:18:90:13:e0:0d:c8:d1:29:85:3e:b2:16:ce:91: 6d:ce:f5:97:44:cd:74:76:7e:b9:00:dc:a7:88:49:7b:bd:25: 56:29:23:ec:bd:24:07:1e:0d:58:a7:1e:90:3b:f2:7c:46:b6: 62:9f:88:7e:c9:74:00:f6:5e:1f:80:8d:61:a5:a0:0a:cc:99: d6:11:6f:7c:6b:31:51:c9:8b:bb:a7:12:ef:70:76:bd:73:b0: 2a:1a:26:6a:00:8f:d7:86:d2:57:40:13:3c:53:9f:41:8c:f2: cb:39:f5:52:ee:77:76:32:bd:d8:51:83:93:81:b2:64:1b:24: 08:5b:1f:4c:d4:30:2a:db:c8:ae:b9:47:a9:d1:23:bf:18:0a: 4f:28:c4:e9:a9:c5:7a:cc:ad:a0:4a:c3:1b:06:cc:dc:40:1f: e2:62:d1:d9:8b:b9:f9:15:5c:a7:c5:15:0c:03:9b:2c:87:7a: 77:c8:4a:ba:53:e8:35:74:79:5f:9b:eb:20:0b:d7:3e:d6:74: a9:22:93:71:9b:75:d3:9b:4e:c0:88:2e:d2:f3:3c:fe:5c:19: 04:47:87:e4 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHq4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA1MjJaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEY0QTBFRDBFMTIyOTg3 OEEyRjlCQjgwRkZEN0MwMDAyQkE0RDRGQUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDqsmWV9rDt/7/60T+mc2W/VI0VaQ2q5IfEKe11mF6B8tNpliUH LRtLrp3ceYodo0Gk1ihOOqBB4q3H9G9tMeQFaygorfg+IfLoTnIZI6hTVroVMQGH h8cJylaodavxtZCOfdhGga8wQfzUtMNnolvQw1zlKPhWjcWEE3pqPhIjmfCZC4P2 95tMJHwx5BiVBCCn1alCL7NYKCa5p8AgJi+++sk+XWZuNTvoi7y/KjLeiOR4HEPb jrPBl3X+jA5DWMA6XchqLPYlak5za6IRTQgmq/oTZcGPhIBJN1riwgQJ/s3QIME4 f4ogZYxZ+KJwsMo4RoyzaSK7RndCGmnNMEm3AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU9KDtDhIph4ovm7gP/XwAArpNT6wwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3LzlLRHREaElwaDRvdm03 Z1BfWHdBQXJwTlQ2dy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAAt/JAwDQYJKoZIhvcNAQELBQADggEBAHSW2KblS6l1HmJbzkyHamEombpn5iCV T+YKKWTTb8u3TZogkDlREFAYkBPgDcjRKYU+shbOkW3O9ZdEzXR2frkA3KeISXu9 JVYpI+y9JAceDVinHpA78nxGtmKfiH7JdAD2Xh+AjWGloArMmdYRb3xrMVHJi7un Eu9wdr1zsCoaJmoAj9eG0ldAEzxTn0GM8ss59VLud3YyvdhRg5OBsmQbJAhbH0zU MCrbyK65R6nRI78YCk8oxOmpxXrMraBKwxsGzNxAH+Ji0dmLufkVXKfFFQwDmyyH enfISrpT6DV0eV+b6yAL1z7WdKkik3GbddObTsCILtLzPP5cGQRHh+Q= -----END CERTIFICATE-----Generated at Mon Oct 20 23:27:27 2025 by rpki-client