$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/HRzeI487e29ppGhFbiOCR5GTDF8.roa File: HRzeI487e29ppGhFbiOCR5GTDF8.roa (raw, json) Hash identifier: YTMkdiU1OqC8HbkEhHdqny0M0XQNUCSI8CvOL+9i1f8= Subject key identifier: 1D:1C:DE:23:8F:3B:7B:6F:69:A4:68:45:6E:23:82:47:91:93:0C:5F Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1EA2 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/HRzeI487e29ppGhFbiOCR5GTDF8.roa Signing time: Sat 13 Sep 2025 03:05:19 +0000 ROA not before: Sat 13 Sep 2025 03:05:19 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 13444 IP address blocks: 103.221.46.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7842 (0x1ea2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:05:19 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=1D1CDE238F3B7B6F69A468456E23824791930C5F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:14:db:86:6f:2e:10:c0:39:e0:10:e4:07:d4: 1e:ec:c2:7d:5b:06:f6:67:c4:e5:01:48:85:91:1a: fe:57:a5:48:57:cb:d5:2d:e8:91:98:3b:17:14:4f: 4c:e0:bc:2a:9a:9c:07:bd:b3:ab:6b:74:1d:78:e5: f6:94:fb:a7:a3:47:b2:d3:cc:9c:24:18:74:22:47: 16:76:82:c7:d9:13:4b:62:4f:81:56:8e:6d:06:30: 4a:a1:e1:ec:b0:32:73:2a:23:75:20:4d:d0:8a:83: e2:5d:57:cb:f8:9f:84:96:c2:46:e4:f3:3d:1b:6e: bf:4e:40:9c:30:58:97:08:20:77:ca:79:7b:a2:eb: e5:93:31:3c:a8:da:d2:3f:60:88:6f:ae:8b:83:df: bc:24:69:9c:0b:4b:f7:5b:d9:a6:ec:1a:5b:ae:87: fb:bf:71:39:3b:42:4f:7f:03:be:2b:e9:71:04:b6: 6a:d5:6b:68:cd:d0:d4:6a:94:3f:3a:1e:4b:de:57: 77:ce:e6:c1:46:8f:cd:42:a6:5f:18:33:c6:1f:b6: cd:81:51:f6:50:6f:af:b6:ee:5c:8b:5d:ff:43:d6: a3:4f:2b:e0:c6:3d:00:bb:4a:72:9f:81:19:8c:82: 3f:57:7d:92:9b:0b:79:0a:4b:a7:64:89:14:14:d8: bf:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:1C:DE:23:8F:3B:7B:6F:69:A4:68:45:6E:23:82:47:91:93:0C:5F X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/HRzeI487e29ppGhFbiOCR5GTDF8.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.46.0/24 Signature Algorithm: sha256WithRSAEncryption d1:a8:90:7b:b0:20:38:d4:a4:da:bb:34:12:48:14:8a:1b:89: 85:33:0b:bb:81:81:fc:c7:30:19:87:34:21:e6:91:61:98:fe: 8f:77:5e:b9:0f:fb:ce:bc:e7:7b:c6:ba:11:5f:97:6c:eb:32: ae:89:f4:ee:3f:1a:32:b0:85:e6:73:a9:6f:7d:46:af:97:e1: 9b:bf:08:4a:c4:37:b9:cb:85:6d:47:cc:20:c7:3b:5c:32:e2: 2f:00:45:62:83:f3:df:44:82:5c:ac:22:a0:17:da:e5:24:ad: e9:7c:34:68:0d:be:b0:fc:59:1f:15:35:ec:d9:54:8b:ea:e8: ff:a2:ae:4c:42:4b:4b:bc:b8:d1:ec:d2:2e:1e:5e:26:47:0c: 76:a9:78:b5:8d:34:c9:67:d1:3d:00:a1:1a:6f:fb:f8:54:8b: 22:30:dd:b2:f6:5b:26:7c:a2:15:8d:9b:1a:56:cc:52:69:f7: 04:68:ce:08:42:c9:7f:45:39:a1:48:62:3b:d8:cd:7c:f2:1e: 5a:2a:ef:0c:90:62:70:11:2a:66:f2:4a:4e:6c:9f:81:86:42: 62:da:b0:52:2b:ab:18:f0:d7:96:eb:6c:4e:b2:a1:71:cb:ab: 56:56:06:09:21:50:59:8c:b1:2a:d6:d9:c3:45:a3:b3:5f:2a: 38:52:59:f8 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHqIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA1MTlaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDFEMUNERTIzOEYzQjdC NkY2OUE0Njg0NTZFMjM4MjQ3OTE5MzBDNUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCeFNuGby4QwDngEOQH1B7swn1bBvZnxOUBSIWRGv5XpUhXy9Ut 6JGYOxcUT0zgvCqanAe9s6trdB145faU+6ejR7LTzJwkGHQiRxZ2gsfZE0tiT4FW jm0GMEqh4eywMnMqI3UgTdCKg+JdV8v4n4SWwkbk8z0bbr9OQJwwWJcIIHfKeXui 6+WTMTyo2tI/YIhvrouD37wkaZwLS/db2absGluuh/u/cTk7Qk9/A74r6XEEtmrV a2jN0NRqlD86HkveV3fO5sFGj81Cpl8YM8Yfts2BUfZQb6+27lyLXf9D1qNPK+DG PQC7SnKfgRmMgj9XfZKbC3kKS6dkiRQU2L/HAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUHRzeI487e29ppGhFbiOCR5GTDF8wHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0hSemVJNDg3ZTI5cHBH aEZiaU9DUjVHVERGOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3S4wDQYJKoZIhvcNAQELBQADggEBANGokHuwIDjUpNq7NBJIFIobiYUzC7uB gfzHMBmHNCHmkWGY/o93XrkP+86853vGuhFfl2zrMq6J9O4/GjKwheZzqW99Rq+X 4Zu/CErEN7nLhW1HzCDHO1wy4i8ARWKD899EglysIqAX2uUkrel8NGgNvrD8WR8V NezZVIvq6P+irkxCS0u8uNHs0i4eXiZHDHapeLWNNMln0T0AoRpv+/hUiyIw3bL2 WyZ8ohWNmxpWzFJp9wRozghCyX9FOaFIYjvYzXzyHloq7wyQYnARKmbySk5sn4GG QmLasFIrqxjw15brbE6yoXHLq1ZWBgkhUFmMsSrW2cNFo7NfKjhSWfg= -----END CERTIFICATE-----Generated at Mon Oct 20 13:13:46 2025 by rpki-client