$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/EPnA7ecT9E_Y-rgPyux4e7CDUlo.roa File: EPnA7ecT9E_Y-rgPyux4e7CDUlo.roa (raw, json) Hash identifier: TCDpiFmjAEcRoIA0X8grKrihZvTyE57588yeZZe7nWs= Subject key identifier: 10:F9:C0:ED:E7:13:F4:4F:D8:FA:B8:0F:CA:EC:78:7B:B0:83:52:5A Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1E52 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/EPnA7ecT9E_Y-rgPyux4e7CDUlo.roa Signing time: Sat 13 Sep 2025 03:05:02 +0000 ROA not before: Sat 13 Sep 2025 03:05:02 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 139259 IP address blocks: 103.221.33.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7762 (0x1e52) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:05:02 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=10F9C0EDE713F44FD8FAB80FCAEC787BB083525A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:66:a6:50:fe:19:7e:aa:e1:74:80:50:65:00: f9:8d:7b:e0:78:9b:c3:e7:32:9e:a3:71:71:e6:e5: 64:fe:6e:41:fb:c6:98:70:b1:ba:df:15:37:8e:45: fe:36:5d:42:f4:c5:f4:c7:d1:58:6c:98:f8:f4:3d: 5b:f1:0b:85:cb:7a:02:f2:ff:50:8a:90:fb:75:b8: bc:d5:a2:c9:87:c9:aa:42:9f:5a:04:b9:ed:a8:89: ee:2a:ef:5e:31:99:d2:02:ae:ce:b1:e4:b9:45:f5: 9c:aa:64:ea:95:1e:fa:6b:cd:d8:78:02:67:f0:42: 5c:9a:d6:1b:f5:6c:a1:be:77:ad:cb:8f:b5:20:cf: 21:1f:48:4d:2e:52:d0:26:b1:29:ca:3e:bf:b8:98: 7f:ae:ab:81:29:52:89:83:df:c5:4d:ff:7b:42:ce: e2:64:ca:80:7d:fb:5c:ea:12:60:eb:d7:96:38:dc: 52:76:04:7a:37:e6:d1:00:d6:7e:c2:e8:0e:e2:ff: f0:3e:46:08:2a:f1:36:90:84:c3:b1:27:47:0c:b7: 21:ec:a4:5d:c8:6a:4c:58:6c:80:8b:96:d6:f9:cc: 7d:19:37:51:87:ce:eb:70:35:ea:8b:dc:c8:ee:00: 02:99:6a:ce:5a:01:6d:09:79:fb:fa:96:ab:af:d1: 0d:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 10:F9:C0:ED:E7:13:F4:4F:D8:FA:B8:0F:CA:EC:78:7B:B0:83:52:5A X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/EPnA7ecT9E_Y-rgPyux4e7CDUlo.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.33.0/24 Signature Algorithm: sha256WithRSAEncryption 8c:cc:34:1c:c0:94:16:b0:2a:78:23:75:c0:10:87:25:9f:be: de:8f:e0:64:6e:d7:5a:37:c6:eb:1a:e3:26:4d:ef:88:29:43: 00:67:3f:db:91:3c:a6:db:bb:ec:0c:68:45:c4:12:06:9a:7f: a4:d4:e1:d5:92:2e:cc:6e:d3:07:70:ce:aa:b6:b1:b2:91:8a: a5:f5:f6:61:55:e9:83:e5:f0:dc:d3:1e:c5:8c:e3:cf:20:a7: 69:9b:c9:28:7f:00:bd:08:56:a8:15:8c:c5:33:a9:ed:05:bd: 7f:05:cf:08:51:80:80:5a:47:e4:6c:21:a3:89:b4:bd:7e:f9: a7:fa:aa:77:01:14:8e:63:3b:69:b4:39:90:25:5c:2f:60:05: e3:53:61:26:d3:72:00:96:dc:d0:be:f8:25:d7:58:f6:f4:58: 43:68:92:a7:c1:4a:f4:c1:03:2b:bd:1a:02:2b:d3:b5:20:29: aa:28:73:58:c4:08:9a:8d:83:19:8e:a3:b0:41:57:8d:59:e1: a8:37:ce:37:19:c3:8a:11:36:dd:dd:90:95:d9:67:55:ed:94: c8:8c:08:d6:21:4b:71:6a:e6:69:c2:d5:03:70:b6:ad:79:e7: 76:16:2b:f5:83:a6:5f:d0:62:64:65:32:51:58:21:18:43:6f: 95:91:e0:1e -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHlIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA1MDJaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDEwRjlDMEVERTcxM0Y0 NEZEOEZBQjgwRkNBRUM3ODdCQjA4MzUyNUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC7ZqZQ/hl+quF0gFBlAPmNe+B4m8PnMp6jcXHm5WT+bkH7xphw sbrfFTeORf42XUL0xfTH0VhsmPj0PVvxC4XLegLy/1CKkPt1uLzVosmHyapCn1oE ue2oie4q714xmdICrs6x5LlF9ZyqZOqVHvprzdh4AmfwQlya1hv1bKG+d63Lj7Ug zyEfSE0uUtAmsSnKPr+4mH+uq4EpUomD38VN/3tCzuJkyoB9+1zqEmDr15Y43FJ2 BHo35tEA1n7C6A7i//A+Rggq8TaQhMOxJ0cMtyHspF3IakxYbICLltb5zH0ZN1GH zutwNeqL3MjuAAKZas5aAW0Jefv6lquv0Q2tAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUEPnA7ecT9E/Y+rgPyux4e7CDUlowHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0VQbkE3ZWNUOUVfWS1y Z1B5dXg0ZTdDRFVsby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3SEwDQYJKoZIhvcNAQELBQADggEBAIzMNBzAlBawKngjdcAQhyWfvt6P4GRu 11o3xusa4yZN74gpQwBnP9uRPKbbu+wMaEXEEgaaf6TU4dWSLsxu0wdwzqq2sbKR iqX19mFV6YPl8NzTHsWM488gp2mbySh/AL0IVqgVjMUzqe0FvX8FzwhRgIBaR+Rs IaOJtL1++af6qncBFI5jO2m0OZAlXC9gBeNTYSbTcgCW3NC++CXXWPb0WENokqfB SvTBAyu9GgIr07UgKaooc1jECJqNgxmOo7BBV41Z4ag3zjcZw4oRNt3dkJXZZ1Xt lMiMCNYhS3Fq5mnC1QNwtq1553YWK/WDpl/QYmRlMlFYIRhDb5WR4B4= -----END CERTIFICATE-----Generated at Mon Oct 20 13:13:56 2025 by rpki-client