$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/GcbwoFcsJTha9SHHa-ZitMm0DlU.roa File: GcbwoFcsJTha9SHHa-ZitMm0DlU.roa (raw, json) Hash identifier: QIoyfPWT7Oj5S+4uhHvgSY8Nlye0WykwksXc0ad7Ngw= Subject key identifier: 19:C6:F0:A0:57:2C:25:38:5A:F5:21:C7:6B:E6:62:B4:C9:B4:0E:55 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1E8D Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/GcbwoFcsJTha9SHHa-ZitMm0DlU.roa Signing time: Sat 13 Sep 2025 03:05:15 +0000 ROA not before: Sat 13 Sep 2025 03:05:15 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 13444 IP address blocks: 103.221.5.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7821 (0x1e8d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:05:15 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=19C6F0A0572C25385AF521C76BE662B4C9B40E55 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:45:43:84:6a:3e:c6:83:c1:44:71:5c:26:ce: 94:12:ae:23:15:4a:74:e8:b6:48:58:23:46:f0:f4: c5:3d:a8:c1:24:80:96:b0:f2:e2:a9:35:c5:ce:9c: cd:c0:a9:24:25:da:cd:d7:08:21:ae:73:a8:73:21: 79:c5:a4:d4:be:de:dd:b9:cb:d9:6d:df:42:0a:76: 3f:32:77:b3:06:3c:c1:6c:cf:a4:2a:b7:86:2e:e7: 5f:45:75:37:a3:96:29:5c:a4:71:7a:e0:c7:1a:ee: 50:97:81:62:d4:53:7f:3d:57:1e:79:1d:ef:44:2f: 94:9c:c6:74:91:05:d2:23:8d:da:ce:7e:ea:17:fb: 51:79:db:80:51:8a:1d:60:95:74:00:65:40:00:5c: db:5f:b2:5f:1d:20:3a:5f:f3:8d:13:e3:e2:21:aa: 25:e2:bb:8e:59:17:c3:61:7a:f9:0e:db:9b:d2:16: c9:97:dd:e8:4f:04:1f:f6:59:27:83:00:c7:0d:9f: ba:9c:14:b3:96:ae:dd:f0:bc:b3:12:2a:cf:4e:5f: b0:29:0d:91:dc:0a:a1:d5:6f:a3:e8:60:26:df:01: 87:a9:50:1b:9e:6c:9b:a6:7c:af:e8:49:61:bc:c9: ea:c3:7a:9b:59:2f:bb:ca:f4:73:42:5a:40:05:f0: ab:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:C6:F0:A0:57:2C:25:38:5A:F5:21:C7:6B:E6:62:B4:C9:B4:0E:55 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/GcbwoFcsJTha9SHHa-ZitMm0DlU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.5.0/24 Signature Algorithm: sha256WithRSAEncryption 0f:f5:58:0f:b4:6e:8f:8b:f5:e5:f2:d6:f8:01:88:bf:a5:46: 5a:5f:17:af:b2:e8:93:8c:f8:4c:ee:71:99:21:20:eb:f1:41: 2d:e8:5d:9c:01:e3:cc:e1:8d:f6:e9:ae:46:2b:19:ff:92:4e: 85:b4:a1:c3:03:ae:76:2a:8f:b5:e7:b8:5d:8b:95:29:dc:a2: bd:bd:fb:5b:5a:e8:11:12:6e:24:47:fc:60:63:56:9e:80:b9: 80:0a:bc:57:d2:15:77:99:d0:59:68:ca:fd:bb:20:45:ab:61: 18:b2:3b:3d:65:08:88:46:1c:53:c4:1e:f1:70:eb:a3:c4:40: e8:7b:94:f7:cc:fc:c2:4f:cb:2e:b8:4d:29:0f:2a:1d:6d:82: 37:79:2e:5c:dc:37:48:d6:62:05:85:00:22:14:b7:6e:e7:8d: 47:8a:1c:b3:d2:2b:fb:af:fe:6d:b8:c4:b0:5e:0c:0d:74:7e: 14:86:ff:c1:db:14:bd:dc:70:ed:1f:ab:ac:82:e9:29:b4:75: 3b:73:3c:b5:ea:2d:6c:7a:8f:68:74:dd:f9:ca:48:c8:4f:eb: 2e:0e:19:49:4a:93:65:12:72:e9:ff:a9:4b:b7:88:53:bd:3d: 7f:ca:ca:83:79:2b:58:26:fb:bf:12:50:d8:4e:ea:41:05:e2: 48:e4:f3:a9 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHo0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA1MTVaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDE5QzZGMEEwNTcyQzI1 Mzg1QUY1MjFDNzZCRTY2MkI0QzlCNDBFNTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDBRUOEaj7Gg8FEcVwmzpQSriMVSnTotkhYI0bw9MU9qMEkgJaw 8uKpNcXOnM3AqSQl2s3XCCGuc6hzIXnFpNS+3t25y9lt30IKdj8yd7MGPMFsz6Qq t4Yu519FdTejlilcpHF64Mca7lCXgWLUU389Vx55He9EL5ScxnSRBdIjjdrOfuoX +1F524BRih1glXQAZUAAXNtfsl8dIDpf840T4+IhqiXiu45ZF8NhevkO25vSFsmX 3ehPBB/2WSeDAMcNn7qcFLOWrt3wvLMSKs9OX7ApDZHcCqHVb6PoYCbfAYepUBue bJumfK/oSWG8yerDeptZL7vK9HNCWkAF8Kv7AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUGcbwoFcsJTha9SHHa+ZitMm0DlUwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0djYndvRmNzSlRoYTlT SEhhLVppdE1tMERsVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3QUwDQYJKoZIhvcNAQELBQADggEBAA/1WA+0bo+L9eXy1vgBiL+lRlpfF6+y 6JOM+EzucZkhIOvxQS3oXZwB48zhjfbprkYrGf+SToW0ocMDrnYqj7XnuF2LlSnc or29+1ta6BESbiRH/GBjVp6AuYAKvFfSFXeZ0Floyv27IEWrYRiyOz1lCIhGHFPE HvFw66PEQOh7lPfM/MJPyy64TSkPKh1tgjd5LlzcN0jWYgWFACIUt27njUeKHLPS K/uv/m24xLBeDA10fhSG/8HbFL3ccO0fq6yC6Sm0dTtzPLXqLWx6j2h03fnKSMhP 6y4OGUlKk2UScun/qUu3iFO9PX/KyoN5K1gm+78SUNhO6kEF4kjk86k= -----END CERTIFICATE-----Generated at Mon Oct 20 13:13:50 2025 by rpki-client