$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/KhV0TtWUPqDExbfHX4IAwDj0ttk.roa File: KhV0TtWUPqDExbfHX4IAwDj0ttk.roa (raw, json) Hash identifier: tIgWh5LJNF5zSg93A2frQDd2/YRcWfK7WD84bjamlt8= Subject key identifier: 2A:15:74:4E:D5:94:3E:A0:C4:C5:B7:C7:5F:82:00:C0:38:F4:B6:D9 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1F2C Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/KhV0TtWUPqDExbfHX4IAwDj0ttk.roa Signing time: Tue 16 Sep 2025 05:50:57 +0000 ROA not before: Tue 16 Sep 2025 05:50:57 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 25743 IP address blocks: 103.221.24.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7980 (0x1f2c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 16 05:50:57 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=2A15744ED5943EA0C4C5B7C75F8200C038F4B6D9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:ac:c3:60:60:37:cf:6c:40:f1:04:2b:fe:15: bc:71:cf:80:36:7b:47:83:4a:20:33:0b:3e:84:43: 33:94:67:24:a6:1f:40:2e:c5:85:04:ff:31:3d:aa: a7:1b:fd:a6:c6:49:5b:1d:e7:a7:ba:9a:70:32:9d: 94:1a:5d:f0:3c:7b:b3:0a:18:40:1b:23:83:8b:c5: 97:c8:2f:54:b1:76:e2:f9:fd:d2:ee:12:ff:64:25: 23:12:ce:3a:2b:11:17:c3:b9:ee:32:9d:67:f4:cd: ee:05:7f:3d:7e:40:63:0a:27:01:04:d7:ae:3a:88: 26:1a:52:d3:9a:c4:b4:fa:4a:11:d3:29:83:29:07: 41:ad:ec:48:f5:c3:e1:32:2a:f1:cb:2c:2f:f0:eb: 7b:f4:d1:c8:a9:d6:fa:ac:93:60:9b:4c:1a:31:c8: bf:ff:a7:da:42:18:84:ff:14:51:ea:6f:16:8c:a0: 6e:cc:85:e9:fd:c3:0e:ff:e6:6f:08:5d:07:d2:d2: b0:13:ac:e9:36:56:7d:98:5e:e3:24:77:17:70:3c: 6a:16:5b:2b:e1:34:63:8d:1e:16:8d:cf:67:28:74: 87:75:2c:0c:0e:9b:8c:d3:23:48:cd:9d:24:7e:2b: fb:86:fb:3c:82:d5:01:2e:9a:ee:19:fc:20:67:94: 07:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:15:74:4E:D5:94:3E:A0:C4:C5:B7:C7:5F:82:00:C0:38:F4:B6:D9 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/KhV0TtWUPqDExbfHX4IAwDj0ttk.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.24.0/22 Signature Algorithm: sha256WithRSAEncryption c6:9e:87:fd:5d:b1:a9:6d:5e:83:cf:06:4f:7b:8c:94:89:6c: d8:96:69:00:3d:3f:f6:21:31:2a:76:4e:43:a3:18:0a:78:23: 26:1e:53:64:1c:66:6a:bf:92:a4:a9:3f:8c:16:12:a6:09:10: 9f:37:18:a2:9a:63:e2:bd:3b:86:de:7e:0c:46:4f:fd:54:be: 07:00:e3:34:3f:88:81:9f:a6:64:50:73:7d:af:22:25:48:cb: a6:d0:b2:29:d5:b8:7e:b3:ac:87:f8:67:29:3a:6c:4e:14:81: 8f:dc:44:ca:b4:0c:67:8c:1e:55:08:22:07:ce:75:32:40:a3: 0b:7a:d8:60:fe:26:9c:4c:69:f0:9a:6d:70:b3:b6:70:39:59: 1b:b8:d7:82:c3:55:3e:95:b2:2a:8d:50:aa:11:37:bc:24:d9: c9:29:ac:42:c4:ce:2b:ca:4f:12:b6:86:db:b0:71:75:9a:66: 95:a5:2b:6f:91:6c:16:f8:6c:8d:c2:1d:42:8b:b4:38:41:e7: 9c:06:e0:97:76:42:39:f7:73:5f:20:f4:7a:ec:a1:be:d5:de: 00:b1:3c:ae:78:1c:3b:eb:c6:46:a3:13:b1:9e:c0:f4:cb:8a: a0:e5:ed:cc:23:2d:e3:e3:c8:85:be:ab:17:12:74:9a:2b:e8: 4e:f5:5e:39 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHywwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTYw NTUwNTdaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDJBMTU3NDRFRDU5NDNF QTBDNEM1QjdDNzVGODIwMEMwMzhGNEI2RDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDdrMNgYDfPbEDxBCv+Fbxxz4A2e0eDSiAzCz6EQzOUZySmH0Au xYUE/zE9qqcb/abGSVsd56e6mnAynZQaXfA8e7MKGEAbI4OLxZfIL1SxduL5/dLu Ev9kJSMSzjorERfDue4ynWf0ze4Ffz1+QGMKJwEE1646iCYaUtOaxLT6ShHTKYMp B0Gt7Ej1w+EyKvHLLC/w63v00cip1vqsk2CbTBoxyL//p9pCGIT/FFHqbxaMoG7M hen9ww7/5m8IXQfS0rATrOk2Vn2YXuMkdxdwPGoWWyvhNGONHhaNz2codId1LAwO m4zTI0jNnSR+K/uG+zyC1QEumu4Z/CBnlAdBAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUKhV0TtWUPqDExbfHX4IAwDj0ttkwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0toVjBUdFdVUHFERXhi ZkhYNElBd0RqMHR0ay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn3RgwDQYJKoZIhvcNAQELBQADggEBAMaeh/1dsaltXoPPBk97jJSJbNiWaQA9 P/YhMSp2TkOjGAp4IyYeU2QcZmq/kqSpP4wWEqYJEJ83GKKaY+K9O4befgxGT/1U vgcA4zQ/iIGfpmRQc32vIiVIy6bQsinVuH6zrIf4Zyk6bE4UgY/cRMq0DGeMHlUI IgfOdTJAowt62GD+JpxMafCabXCztnA5WRu414LDVT6VsiqNUKoRN7wk2ckprELE zivKTxK2htuwcXWaZpWlK2+RbBb4bI3CHUKLtDhB55wG4Jd2Qjn3c18g9Hrsob7V 3gCxPK54HDvrxkajE7GewPTLiqDl7cwjLePjyIW+qxcSdJor6E71Xjk= -----END CERTIFICATE-----Generated at Mon Oct 20 13:18:01 2025 by rpki-client