$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/E-ZgNh8ttZHOhk16PLEAM5e8-2c.roa File: E-ZgNh8ttZHOhk16PLEAM5e8-2c.roa (raw, json) Hash identifier: Jezsnqj811b51IV0ylzG3o38Na2FLKWYwTDwDO+8jzs= Subject key identifier: 13:E6:60:36:1F:2D:B5:91:CE:86:4D:7A:3C:B1:00:33:97:BC:FB:67 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1E67 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/E-ZgNh8ttZHOhk16PLEAM5e8-2c.roa Signing time: Sat 13 Sep 2025 03:05:07 +0000 ROA not before: Sat 13 Sep 2025 03:05:07 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 13444 IP address blocks: 103.221.95.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7783 (0x1e67) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:05:07 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=13E660361F2DB591CE864D7A3CB1003397BCFB67 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:60:fd:29:45:72:57:33:35:06:b6:72:c5:73: 08:0e:25:82:19:2d:5e:0c:1f:e9:2c:2f:e1:a0:1b: 98:f4:b5:e1:2c:ac:f1:a0:ba:24:0b:ce:5d:99:03: 9f:5e:f4:4a:64:f1:40:0d:d4:a3:6c:20:69:e1:9e: ac:3e:53:8a:d7:9c:f3:50:d8:db:a0:30:82:9f:e7: 78:6f:d7:d5:3a:dc:6f:b1:ed:8b:a9:b0:f9:6e:43: ea:1a:9e:df:54:45:23:f3:19:9c:6d:22:03:5b:b5: 13:76:77:12:d9:8d:96:2b:e6:b3:ca:d4:71:92:98: da:47:8a:c8:8b:20:ee:bc:a0:6a:4d:9b:c5:c8:a1: ee:cc:58:99:75:b2:ed:6c:e8:24:9a:45:e9:fd:87: b4:e9:24:08:2c:5c:53:f6:65:84:d9:f7:7d:72:b9: 01:e4:82:6a:f5:54:e8:f4:c9:19:7c:cc:ae:9e:cc: 6e:2b:8a:82:eb:3e:5b:1e:98:0a:93:53:00:38:18: 6e:75:a9:02:24:6b:ef:16:5f:c0:54:74:67:0e:0b: 78:da:7b:0c:02:24:8c:1e:26:fa:a3:3d:58:fb:f1: 17:17:af:d5:c9:3f:e2:84:4d:ea:80:4d:9e:b2:66: 6e:db:11:ca:a5:14:de:f8:be:f9:55:e5:12:e5:47: 0e:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 13:E6:60:36:1F:2D:B5:91:CE:86:4D:7A:3C:B1:00:33:97:BC:FB:67 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/E-ZgNh8ttZHOhk16PLEAM5e8-2c.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.95.0/24 Signature Algorithm: sha256WithRSAEncryption 86:d9:11:bc:3a:23:4e:5e:58:0d:af:ac:e7:24:1d:b9:1b:62: fa:e3:ca:82:2d:77:9d:55:79:51:85:11:5d:df:11:54:91:10: 48:39:74:f9:a2:c5:61:a4:fe:0e:e2:06:7b:a4:af:12:6c:47: 99:64:e5:40:4e:3d:70:b9:02:fa:06:ef:10:bc:91:77:39:2f: df:46:43:4d:df:65:fe:1a:28:8a:bb:c4:17:94:89:fd:3f:9f: 01:25:bb:b1:2a:e9:72:a3:33:5e:18:ee:fb:54:46:d8:d8:da: 61:c9:8e:67:3d:d8:39:da:1a:e9:f7:23:f7:fb:48:f1:ea:ff: 1d:7d:fa:09:6e:0e:1d:7a:57:23:32:7c:d9:75:16:6e:33:62: 17:52:f2:2f:6f:bf:3b:ae:6d:34:d7:89:23:44:2b:aa:2b:18: f5:29:6c:62:89:6e:4c:51:b0:89:d5:f7:62:28:e2:98:d8:25: a4:7e:59:2a:9d:07:f4:21:17:67:4d:d8:5b:8e:3b:0b:51:1a: 4f:e4:7f:fd:8d:d2:05:e3:f5:94:2b:1c:c7:52:6c:e7:09:6e: c4:f6:6a:10:68:2f:fd:9e:c1:ce:15:09:c1:67:17:ec:37:5d: 7e:30:0e:9d:5f:18:c4:90:fa:0d:91:72:e5:49:d4:4f:eb:b5: 29:63:4b:b6 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHmcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA1MDdaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDEzRTY2MDM2MUYyREI1 OTFDRTg2NEQ3QTNDQjEwMDMzOTdCQ0ZCNjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC7YP0pRXJXMzUGtnLFcwgOJYIZLV4MH+ksL+GgG5j0teEsrPGg uiQLzl2ZA59e9Epk8UAN1KNsIGnhnqw+U4rXnPNQ2NugMIKf53hv19U63G+x7Yup sPluQ+oant9URSPzGZxtIgNbtRN2dxLZjZYr5rPK1HGSmNpHisiLIO68oGpNm8XI oe7MWJl1su1s6CSaRen9h7TpJAgsXFP2ZYTZ931yuQHkgmr1VOj0yRl8zK6ezG4r ioLrPlsemAqTUwA4GG51qQIka+8WX8BUdGcOC3jaewwCJIweJvqjPVj78RcXr9XJ P+KETeqATZ6yZm7bEcqlFN74vvlV5RLlRw7JAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUE+ZgNh8ttZHOhk16PLEAM5e8+2cwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0UtWmdOaDh0dFpIT2hr MTZQTEVBTTVlOC0yYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3V8wDQYJKoZIhvcNAQELBQADggEBAIbZEbw6I05eWA2vrOckHbkbYvrjyoIt d51VeVGFEV3fEVSREEg5dPmixWGk/g7iBnukrxJsR5lk5UBOPXC5AvoG7xC8kXc5 L99GQ03fZf4aKIq7xBeUif0/nwElu7Eq6XKjM14Y7vtURtjY2mHJjmc92DnaGun3 I/f7SPHq/x19+gluDh16VyMyfNl1Fm4zYhdS8i9vvzuubTTXiSNEK6orGPUpbGKJ bkxRsInV92Io4pjYJaR+WSqdB/QhF2dN2FuOOwtRGk/kf/2N0gXj9ZQrHMdSbOcJ bsT2ahBoL/2ewc4VCcFnF+w3XX4wDp1fGMSQ+g2RcuVJ1E/rtSljS7Y= -----END CERTIFICATE-----Generated at Mon Oct 20 13:13:49 2025 by rpki-client