$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/CZXyq1ojU3nKZ64HvLy21-sU3Ec.roa File: CZXyq1ojU3nKZ64HvLy21-sU3Ec.roa (raw, json) Hash identifier: dHlFPo283tyZX90HOvf20cBa59NtBOZtJCkxGTPrr4M= Subject key identifier: 09:95:F2:AB:5A:23:53:79:CA:67:AE:07:BC:BC:B6:D7:EB:14:DC:47 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1E66 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/CZXyq1ojU3nKZ64HvLy21-sU3Ec.roa Signing time: Sat 13 Sep 2025 03:05:06 +0000 ROA not before: Sat 13 Sep 2025 03:05:06 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 139259 IP address blocks: 103.221.29.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7782 (0x1e66) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:05:06 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=0995F2AB5A235379CA67AE07BCBCB6D7EB14DC47 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:69:59:51:73:cf:f8:83:52:bf:6f:09:28:36: 8f:12:e2:c7:1f:a3:04:08:6f:e5:7d:dc:ac:93:60: 7c:88:96:ff:6b:7c:9d:10:cd:81:02:d5:a3:58:40: 41:1f:27:fa:0d:56:63:d2:92:d0:c1:37:b4:ea:b3: 76:5f:de:4d:9f:16:78:6d:05:54:5c:e7:93:c6:4f: a3:eb:55:b8:bd:28:5d:e2:d0:5d:41:12:a8:7a:ce: c9:4c:2d:21:ac:6e:0b:11:de:f7:b8:a6:d0:ff:3d: 2a:3e:50:24:16:33:35:73:fe:56:fa:83:1e:5b:b9: fc:82:01:63:4c:dd:6c:3f:64:43:c2:a7:1e:a2:3d: b6:7c:32:35:3c:d1:9d:2c:34:ba:38:af:5f:c6:49: 89:f7:41:6a:99:7b:5b:ec:6a:be:e8:ef:67:90:89: c5:3c:a5:e6:b5:62:8e:a1:f3:4b:ed:45:be:d5:f4: 7d:94:fa:4f:4f:23:a9:e1:60:a3:d7:35:21:c1:7a: 81:8c:0d:d5:2e:ca:04:9f:42:cd:c3:53:82:d1:71: 41:e9:73:0c:7c:93:7d:23:f4:f5:0e:bc:30:5d:6e: c4:0c:e2:96:2e:17:d4:e9:20:53:16:fa:f6:2b:96: a2:f0:db:3b:a3:6a:f9:73:b3:a8:68:5c:a1:58:a5: e8:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:95:F2:AB:5A:23:53:79:CA:67:AE:07:BC:BC:B6:D7:EB:14:DC:47 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/CZXyq1ojU3nKZ64HvLy21-sU3Ec.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.29.0/24 Signature Algorithm: sha256WithRSAEncryption 25:97:b9:80:0c:f9:2a:a7:00:81:a4:7c:75:e4:21:9a:8e:5a: cf:20:07:46:de:d5:e1:c0:04:1f:8c:ff:d9:60:cc:c0:81:e0: f9:cd:70:15:df:72:00:55:c6:ea:1e:7a:ac:2f:5b:15:c8:cc: 26:71:67:4a:3c:d2:8e:a7:77:ab:b2:10:27:42:92:52:17:8d: fe:3b:c8:aa:17:33:b9:ee:84:d3:da:cc:7c:5e:f6:1c:bd:f4: 05:d8:b0:dc:6d:6b:cc:bd:c1:6c:39:76:41:9a:e0:7b:8b:5f: 11:5f:c9:71:61:93:97:cf:b2:06:57:d6:82:b7:2c:d3:fd:6e: 41:06:64:0f:aa:8e:3c:ec:b8:7a:9d:e0:fb:0a:4f:d9:ba:ca: 07:ce:26:58:0d:d0:37:ef:5d:60:7e:2d:01:3a:b9:3b:44:2b: e4:ae:08:17:b4:fe:4d:32:1c:b7:4c:a6:f2:33:c2:71:dd:a9: 82:9e:df:c4:cb:f6:7c:07:4e:1a:80:e9:db:6d:e4:87:d6:3e: a2:38:47:69:7e:98:a5:96:72:10:07:6d:28:1b:1d:5c:08:4b: e8:ff:b5:6d:21:15:78:b9:80:1e:1a:cd:a9:1a:c7:93:cf:98: 71:81:98:fb:1a:33:ae:86:f1:91:f2:ec:86:a2:ab:7c:2b:21: 75:be:3a:85 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHmYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA1MDZaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDA5OTVGMkFCNUEyMzUz NzlDQTY3QUUwN0JDQkNCNkQ3RUIxNERDNDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC5aVlRc8/4g1K/bwkoNo8S4scfowQIb+V93KyTYHyIlv9rfJ0Q zYEC1aNYQEEfJ/oNVmPSktDBN7Tqs3Zf3k2fFnhtBVRc55PGT6PrVbi9KF3i0F1B Eqh6zslMLSGsbgsR3ve4ptD/PSo+UCQWMzVz/lb6gx5bufyCAWNM3Ww/ZEPCpx6i PbZ8MjU80Z0sNLo4r1/GSYn3QWqZe1vsar7o72eQicU8pea1Yo6h80vtRb7V9H2U +k9PI6nhYKPXNSHBeoGMDdUuygSfQs3DU4LRcUHpcwx8k30j9PUOvDBdbsQM4pYu F9TpIFMW+vYrlqLw2zujavlzs6hoXKFYpeiDAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUCZXyq1ojU3nKZ64HvLy21+sU3EcwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0NaWHlxMW9qVTNuS1o2 NEh2THkyMS1zVTNFYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3R0wDQYJKoZIhvcNAQELBQADggEBACWXuYAM+SqnAIGkfHXkIZqOWs8gB0be 1eHABB+M/9lgzMCB4PnNcBXfcgBVxuoeeqwvWxXIzCZxZ0o80o6nd6uyECdCklIX jf47yKoXM7nuhNPazHxe9hy99AXYsNxta8y9wWw5dkGa4HuLXxFfyXFhk5fPsgZX 1oK3LNP9bkEGZA+qjjzsuHqd4PsKT9m6ygfOJlgN0DfvXWB+LQE6uTtEK+SuCBe0 /k0yHLdMpvIzwnHdqYKe38TL9nwHThqA6dtt5IfWPqI4R2l+mKWWchAHbSgbHVwI S+j/tW0hFXi5gB4azakax5PPmHGBmPsaM66G8ZHy7Iaiq3wrIXW+OoU= -----END CERTIFICATE-----Generated at Mon Oct 20 13:31:03 2025 by rpki-client