$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/CqE_j2_nb56dpwT5PzOLX6ATUFI.roa File: CqE_j2_nb56dpwT5PzOLX6ATUFI.roa (raw, json) Hash identifier: 9rgBvWjj4TwE2N+zZwish4QtJEUnEn1a2AaAoVMeo10= Subject key identifier: 0A:A1:3F:8F:6F:E7:6F:9E:9D:A7:04:F9:3F:33:8B:5F:A0:13:50:52 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1E6E Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/CqE_j2_nb56dpwT5PzOLX6ATUFI.roa Signing time: Sat 13 Sep 2025 03:05:09 +0000 ROA not before: Sat 13 Sep 2025 03:05:09 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 13444 IP address blocks: 103.221.39.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7790 (0x1e6e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:05:09 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=0AA13F8F6FE76F9E9DA704F93F338B5FA0135052 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:0f:8f:63:23:95:e9:5a:36:97:01:a3:8c:76: a5:4d:7d:0b:5e:f3:87:8d:bd:a2:e9:a0:b7:58:22: 21:77:2f:1e:32:4c:2f:da:8e:a7:41:eb:bc:e8:bf: d1:db:4c:8c:91:82:17:38:ba:3a:7c:ec:bf:d9:df: 5d:de:9c:1f:52:af:64:8a:9d:a0:ef:00:41:ac:ca: 63:aa:23:55:f9:62:02:60:56:36:51:72:e2:ec:5b: 7c:a7:12:d1:f2:ff:13:88:10:6c:2e:45:d2:03:79: f7:26:d1:aa:6e:92:0c:ed:a8:f0:56:ba:71:8b:03: 53:c0:b8:a3:c1:41:82:32:53:9b:db:f5:b1:ba:e9: c4:b1:7d:2f:68:64:5f:ae:b8:60:18:9e:47:b6:c0: b0:71:d5:3a:92:d6:bb:bf:f4:92:2f:09:2b:7e:1b: 7c:c1:b6:40:dc:c7:17:6e:6b:69:2a:8d:e4:02:74: 34:3c:8c:e4:20:57:56:6a:1f:84:87:fe:e0:8f:f4: 5a:bb:32:f1:5c:37:84:62:92:34:b8:7d:a7:97:cb: d6:cc:f3:ac:f0:ea:df:23:28:70:c7:7c:88:69:37: 9a:19:aa:f6:36:2c:64:57:53:d7:0d:2a:5c:8a:8c: ef:b5:71:56:6b:d7:fc:db:fb:3f:d9:64:e1:c1:d2: fb:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:A1:3F:8F:6F:E7:6F:9E:9D:A7:04:F9:3F:33:8B:5F:A0:13:50:52 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/CqE_j2_nb56dpwT5PzOLX6ATUFI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.39.0/24 Signature Algorithm: sha256WithRSAEncryption a2:6b:5a:2f:eb:94:ee:17:26:6c:a4:42:f0:6a:a6:f4:f2:b7: 76:3f:e2:65:81:b5:2f:0b:fb:b0:15:1d:2e:25:94:29:a9:8d: 21:99:71:49:b2:80:b5:18:8c:16:56:ad:1c:d9:57:2b:21:48: dc:cb:96:ac:55:2e:ed:81:b6:a0:5d:8c:e3:42:36:f2:2d:cb: 86:22:72:79:c4:db:d7:18:7e:93:ad:5a:90:28:e8:d0:79:c5: bb:e9:74:20:49:87:df:18:1b:d2:e0:f1:9a:f8:5e:9a:81:54: 29:fd:6a:17:af:80:e1:37:a7:30:3e:d3:4a:c2:9a:6e:79:ac: 7e:0a:79:06:1f:c7:d1:e0:f8:3f:47:b3:b6:96:59:51:e5:a1: a6:03:24:d7:6a:d5:5a:cf:01:18:92:57:49:28:47:25:31:31: a1:76:1f:07:5a:b3:73:34:c7:8b:07:45:03:dd:e4:8d:e9:ce: 70:25:74:82:a5:79:62:8c:62:40:ec:52:14:f3:b8:89:d8:83: 19:ad:e3:5e:59:dc:3b:18:94:0b:ba:40:26:3d:70:f0:ce:de: d5:a3:99:c1:28:58:a5:2e:1e:77:32:0c:43:d3:75:d9:64:20: 17:3d:da:de:17:60:69:0e:a9:4d:46:f8:09:f4:be:2d:c7:78: 28:e9:75:87 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHm4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA1MDlaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDBBQTEzRjhGNkZFNzZG OUU5REE3MDRGOTNGMzM4QjVGQTAxMzUwNTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC4D49jI5XpWjaXAaOMdqVNfQte84eNvaLpoLdYIiF3Lx4yTC/a jqdB67zov9HbTIyRghc4ujp87L/Z313enB9Sr2SKnaDvAEGsymOqI1X5YgJgVjZR cuLsW3ynEtHy/xOIEGwuRdIDefcm0apukgztqPBWunGLA1PAuKPBQYIyU5vb9bG6 6cSxfS9oZF+uuGAYnke2wLBx1TqS1ru/9JIvCSt+G3zBtkDcxxdua2kqjeQCdDQ8 jOQgV1ZqH4SH/uCP9Fq7MvFcN4RikjS4faeXy9bM86zw6t8jKHDHfIhpN5oZqvY2 LGRXU9cNKlyKjO+1cVZr1/zb+z/ZZOHB0vs9AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUCqE/j2/nb56dpwT5PzOLX6ATUFIwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0NxRV9qMl9uYjU2ZHB3 VDVQek9MWDZBVFVGSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3ScwDQYJKoZIhvcNAQELBQADggEBAKJrWi/rlO4XJmykQvBqpvTyt3Y/4mWB tS8L+7AVHS4llCmpjSGZcUmygLUYjBZWrRzZVyshSNzLlqxVLu2BtqBdjONCNvIt y4YicnnE29cYfpOtWpAo6NB5xbvpdCBJh98YG9Lg8Zr4XpqBVCn9ahevgOE3pzA+ 00rCmm55rH4KeQYfx9Hg+D9Hs7aWWVHloaYDJNdq1VrPARiSV0koRyUxMaF2Hwda s3M0x4sHRQPd5I3pznAldIKleWKMYkDsUhTzuInYgxmt415Z3DsYlAu6QCY9cPDO 3tWjmcEoWKUuHncyDEPTddlkIBc92t4XYGkOqU1G+An0vi3HeCjpdYc= -----END CERTIFICATE-----Generated at Mon Oct 20 12:50:42 2025 by rpki-client