$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/GKnNcT1RT_4L8Xr94_M0nkP3hXs.roa File: GKnNcT1RT_4L8Xr94_M0nkP3hXs.roa (raw, json) Hash identifier: Wg2bkAEMFf4IaNFftsDlfl4IagYi2nptz06OscfNNqM= Subject key identifier: 18:A9:CD:71:3D:51:4F:FE:0B:F1:7A:FD:E3:F3:34:9E:43:F7:85:7B Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1EB9 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/GKnNcT1RT_4L8Xr94_M0nkP3hXs.roa Signing time: Sat 13 Sep 2025 03:05:25 +0000 ROA not before: Sat 13 Sep 2025 03:05:25 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 13444 IP address blocks: 103.221.2.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7865 (0x1eb9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:05:25 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=18A9CD713D514FFE0BF17AFDE3F3349E43F7857B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:cf:bd:93:05:2d:25:1b:51:ef:59:01:80:a0: 8c:2b:7f:da:da:b0:b2:bc:ce:1e:2d:36:f3:ad:0c: b5:73:b5:ac:e7:a0:0a:26:05:f9:f5:22:0b:7c:05: 0a:cf:a0:dd:33:35:ab:12:3f:8e:0e:36:2b:93:7c: 1e:9a:28:e6:87:ed:cc:e8:27:a9:a9:ef:ca:9a:6d: 9c:fa:5c:e7:20:6e:d0:a4:6d:75:4f:78:9e:fb:27: 91:09:81:22:56:90:46:48:24:03:67:ec:ef:52:45: 3e:46:9d:3d:79:95:79:e6:b6:ae:a5:fd:50:54:c0: ad:24:b5:44:cd:73:af:d8:a0:c8:27:99:fa:07:08: 71:dd:2d:ea:dc:88:63:9a:08:eb:5f:3b:3a:20:72: 5c:b8:ea:b5:87:24:bf:63:54:cf:30:cf:08:52:2b: 41:27:32:b1:d9:e1:46:f1:09:00:3f:a5:a1:6d:b9: 6f:c6:2d:1a:a8:10:2a:6b:38:95:1e:1d:d2:99:76: b1:7a:dc:b3:59:1b:7e:8f:eb:d5:3b:23:e5:25:06: b8:92:52:09:4e:ce:8f:3a:da:4d:8b:15:bd:5b:0b: 1b:62:5b:82:c3:d8:e0:3d:4c:51:05:2d:c1:dc:ec: a0:5f:87:e6:cc:33:6e:e2:14:c3:88:01:3e:57:46: 58:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:A9:CD:71:3D:51:4F:FE:0B:F1:7A:FD:E3:F3:34:9E:43:F7:85:7B X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/GKnNcT1RT_4L8Xr94_M0nkP3hXs.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.2.0/24 Signature Algorithm: sha256WithRSAEncryption 7e:61:91:f6:34:11:30:8a:27:45:5c:1f:27:39:a9:22:f8:a4: fb:43:f9:2b:5c:e4:92:3f:47:e9:31:ac:0f:51:d3:bb:35:62: f0:6a:db:1c:40:cd:ff:a4:4a:e9:7c:a6:14:31:58:cb:6d:89: 32:6a:dd:d5:a8:6c:30:29:ce:2f:8e:77:83:37:31:db:86:08: 71:5a:26:92:32:2d:a6:7a:8a:c4:c0:e4:ed:bd:b7:74:1c:f0: 92:7b:ad:9d:41:d5:58:93:7b:50:97:3c:37:11:00:0c:7b:05: 88:00:ce:65:9e:a5:95:6c:ee:2e:ef:ed:cd:7a:f4:eb:65:c2: f9:aa:46:56:2c:51:91:02:17:ba:24:72:80:21:e1:92:2c:96: 38:bd:c8:db:8e:33:9d:b3:b2:3b:05:3d:bb:b4:6a:8c:8b:4a: 2a:63:13:c2:94:ed:12:3e:1a:97:39:2b:83:e2:9c:e8:4e:aa: 1d:e9:4c:f6:05:6e:d4:d8:84:97:2d:f6:e3:99:55:08:83:9f: 20:2c:da:ec:b2:d3:3a:97:7b:a9:dc:de:f1:9e:0a:80:b9:f2: 7a:22:6f:cc:8b:f6:c0:6c:06:98:34:d4:6d:7c:fd:85:59:8a: 71:88:d9:69:92:0a:18:08:a6:68:ed:73:0a:4b:2e:c5:1c:04: 49:17:0a:e8 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHrkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA1MjVaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDE4QTlDRDcxM0Q1MTRG RkUwQkYxN0FGREUzRjMzNDlFNDNGNzg1N0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC9z72TBS0lG1HvWQGAoIwrf9rasLK8zh4tNvOtDLVztaznoAom Bfn1Igt8BQrPoN0zNasSP44ONiuTfB6aKOaH7czoJ6mp78qabZz6XOcgbtCkbXVP eJ77J5EJgSJWkEZIJANn7O9SRT5GnT15lXnmtq6l/VBUwK0ktUTNc6/YoMgnmfoH CHHdLerciGOaCOtfOzogcly46rWHJL9jVM8wzwhSK0EnMrHZ4UbxCQA/paFtuW/G LRqoECprOJUeHdKZdrF63LNZG36P69U7I+UlBriSUglOzo862k2LFb1bCxtiW4LD 2OA9TFEFLcHc7KBfh+bMM27iFMOIAT5XRlhRAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUGKnNcT1RT/4L8Xr94/M0nkP3hXswHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0dLbk5jVDFSVF80TDhY cjk0X00wbmtQM2hYcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3QIwDQYJKoZIhvcNAQELBQADggEBAH5hkfY0ETCKJ0VcHyc5qSL4pPtD+Stc 5JI/R+kxrA9R07s1YvBq2xxAzf+kSul8phQxWMttiTJq3dWobDApzi+Od4M3MduG CHFaJpIyLaZ6isTA5O29t3Qc8JJ7rZ1B1ViTe1CXPDcRAAx7BYgAzmWepZVs7i7v 7c169OtlwvmqRlYsUZECF7okcoAh4ZIslji9yNuOM52zsjsFPbu0aoyLSipjE8KU 7RI+Gpc5K4PinOhOqh3pTPYFbtTYhJct9uOZVQiDnyAs2uyy0zqXe6nc3vGeCoC5 8noib8yL9sBsBpg01G18/YVZinGI2WmSChgIpmjtcwpLLsUcBEkXCug= -----END CERTIFICATE-----Generated at Mon Oct 20 13:30:46 2025 by rpki-client