$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/CL-QwB4X75WGmPgQ5Nu5fAhyIIA.roa File: CL-QwB4X75WGmPgQ5Nu5fAhyIIA.roa (raw, json) Hash identifier: /tE9//jLVrH08IhrBvqTUk+jbxzkqe0t/B872DHFbVw= Subject key identifier: 08:BF:90:C0:1E:17:EF:95:86:98:F8:10:E4:DB:B9:7C:08:72:20:80 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1E8A Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/CL-QwB4X75WGmPgQ5Nu5fAhyIIA.roa Signing time: Sat 13 Sep 2025 03:05:14 +0000 ROA not before: Sat 13 Sep 2025 03:05:14 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 24373 IP address blocks: 103.221.12.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 15:05:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7818 (0x1e8a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:05:14 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=08BF90C01E17EF958698F810E4DBB97C08722080 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:81:ba:23:57:25:f9:92:9e:17:2e:4c:aa:27: 60:70:1b:81:57:85:e3:07:7d:f2:d1:b6:63:20:87: fe:6d:6f:47:8c:7f:3d:6b:a3:06:c9:d2:73:33:8c: d3:de:ef:09:ae:ee:12:de:5d:10:9d:43:8f:b2:3a: c6:e4:d5:01:6f:99:79:13:4b:e0:1d:44:91:9a:3b: 30:2d:7e:47:e5:34:f5:db:84:49:c6:34:1f:07:f6: 20:72:6e:fc:73:9b:68:3c:c8:8f:6d:e5:af:18:15: 26:34:59:f8:41:4b:28:0b:97:3e:9e:b0:e7:ee:08: 84:62:e3:d3:ea:a5:30:b9:28:b2:38:7f:ef:36:83: aa:31:df:64:64:52:50:a2:83:51:98:fa:2b:7b:25: 79:cb:60:81:b8:2b:67:77:96:fd:34:8d:da:57:df: 54:f4:dc:c1:2b:69:80:1d:e5:50:f6:06:9d:b2:8e: 1f:a3:be:36:81:a3:9a:d3:93:a4:d5:ec:06:85:8b: 0e:9e:01:6d:1c:49:11:ea:3f:8e:17:8d:1b:d7:1f: 7b:6a:f0:7c:3b:19:8f:9b:af:ce:dc:55:35:8e:17: ec:90:03:de:22:19:cf:c2:e4:21:a6:e7:f9:17:fc: 13:d3:cc:aa:57:55:7f:b1:df:28:8a:5d:5f:00:5e: ca:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:BF:90:C0:1E:17:EF:95:86:98:F8:10:E4:DB:B9:7C:08:72:20:80 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/CL-QwB4X75WGmPgQ5Nu5fAhyIIA.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.12.0/22 Signature Algorithm: sha256WithRSAEncryption 26:88:d5:99:c1:88:5e:ca:96:11:93:ef:63:83:e2:31:1b:ad: 02:4d:f0:e6:c6:38:ee:be:e6:c4:c3:db:3f:4b:5e:e6:aa:57: e3:50:8f:1c:ad:7d:50:fb:3d:ff:3d:59:da:ac:39:f8:ad:ea: d4:1c:e0:89:84:92:6c:93:18:68:f8:18:6c:d3:b6:5e:a9:a6: 0b:3a:42:88:05:45:10:56:4f:a1:c9:4f:0d:6d:49:23:32:20: fe:18:5e:6a:b3:ca:cb:78:22:eb:c5:88:fa:6d:16:6d:96:94: 4a:56:8d:a8:42:fd:ec:98:39:ad:39:c8:1e:a8:e7:8d:8d:7d: e5:a1:82:d9:eb:60:f1:94:38:61:2b:44:7a:ff:11:e6:c2:41: 55:45:0f:8f:dc:a2:d8:76:00:89:5a:6d:2d:26:59:81:d7:b6: 64:f7:18:4e:d7:08:d1:6d:e1:ab:80:1f:43:bf:83:d7:3f:a9: cf:5b:70:58:d5:a5:b8:e7:e4:c1:ce:e5:b6:bb:4c:53:ca:57: dd:12:7d:00:02:52:af:3b:91:32:d4:95:3b:96:06:8c:59:05: 3c:a2:69:0b:cd:9e:f8:07:7a:44:fc:51:db:f8:77:f8:d2:78: 88:93:e1:67:ca:34:f0:50:ff:f3:22:8b:02:4a:7a:a6:9a:2c: 34:2d:87:0e -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHoowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA1MTRaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDA4QkY5MEMwMUUxN0VG OTU4Njk4RjgxMEU0REJCOTdDMDg3MjIwODAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQChgbojVyX5kp4XLkyqJ2BwG4FXheMHffLRtmMgh/5tb0eMfz1r owbJ0nMzjNPe7wmu7hLeXRCdQ4+yOsbk1QFvmXkTS+AdRJGaOzAtfkflNPXbhEnG NB8H9iBybvxzm2g8yI9t5a8YFSY0WfhBSygLlz6esOfuCIRi49PqpTC5KLI4f+82 g6ox32RkUlCig1GY+it7JXnLYIG4K2d3lv00jdpX31T03MEraYAd5VD2Bp2yjh+j vjaBo5rTk6TV7AaFiw6eAW0cSRHqP44XjRvXH3tq8Hw7GY+br87cVTWOF+yQA94i Gc/C5CGm5/kX/BPTzKpXVX+x3yiKXV8AXsrPAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUCL+QwB4X75WGmPgQ5Nu5fAhyIIAwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0NMLVF3QjRYNzVXR21Q Z1E1TnU1ZkFoeUlJQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn3QwwDQYJKoZIhvcNAQELBQADggEBACaI1ZnBiF7KlhGT72OD4jEbrQJN8ObG OO6+5sTD2z9LXuaqV+NQjxytfVD7Pf89WdqsOfit6tQc4ImEkmyTGGj4GGzTtl6p pgs6QogFRRBWT6HJTw1tSSMyIP4YXmqzyst4IuvFiPptFm2WlEpWjahC/eyYOa05 yB6o542NfeWhgtnrYPGUOGErRHr/EebCQVVFD4/coth2AIlabS0mWYHXtmT3GE7X CNFt4auAH0O/g9c/qc9bcFjVpbjn5MHO5ba7TFPKV90SfQACUq87kTLUlTuWBoxZ BTyiaQvNnvgHekT8Udv4d/jSeIiT4WfKNPBQ//MiiwJKeqaaLDQthw4= -----END CERTIFICATE-----Generated at Mon Oct 20 14:31:47 2025 by rpki-client