$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/LoKDKUxpe56exuqglJ1fgo3GgWo.roa File: LoKDKUxpe56exuqglJ1fgo3GgWo.roa (raw, json) Hash identifier: JqLisiEFNNFCBT4CQkNZBp4Lwl9i5wstEe/o4/4B8hE= Subject key identifier: 2E:82:83:29:4C:69:7B:9E:9E:C6:EA:A0:94:9D:5F:82:8D:C6:81:6A Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1EEB Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/LoKDKUxpe56exuqglJ1fgo3GgWo.roa Signing time: Sat 13 Sep 2025 03:05:36 +0000 ROA not before: Sat 13 Sep 2025 03:05:36 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 139076 IP address blocks: 103.221.48.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 00:35:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7915 (0x1eeb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:05:36 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=2E8283294C697B9E9EC6EAA0949D5F828DC6816A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:c1:b9:87:71:72:32:cc:36:d4:f5:ab:01:18: 9f:88:32:30:a6:c6:4d:87:5b:da:0b:a6:31:0f:d3: 3c:cd:c3:f8:41:8a:df:77:f8:d5:92:47:5c:90:54: 5f:c9:8e:05:fd:1d:43:c0:ba:f9:c6:0e:48:f8:4c: e9:ec:0b:9d:0c:24:e9:d7:2c:dd:0d:7b:5a:84:0d: c5:b9:db:fd:a4:36:e9:68:83:09:87:4c:a3:36:f8: d5:67:63:85:8e:9b:1f:76:fa:65:7b:cb:c3:8b:f3: f6:e9:3f:ca:f5:3d:c2:2a:83:37:05:80:a7:b3:89: ef:0a:cf:61:f0:67:28:2b:57:ef:49:65:25:79:ef: 66:bf:a2:1d:e8:c4:d2:9f:b3:31:28:6a:67:e0:d5: 2a:50:1c:b7:2f:79:6d:f8:44:b0:c1:66:68:02:e1: 14:15:c6:c8:56:f7:b1:ba:ea:68:00:d6:89:6e:3e: 97:0c:19:0b:4c:99:c0:cc:df:83:24:e2:da:96:c7: 05:06:38:0e:90:83:8d:8c:46:0e:0d:b4:67:8a:59: eb:87:9e:c9:f9:8f:4a:8b:6c:77:4a:81:5a:ea:f9: fa:92:e4:26:30:ce:7d:4d:6f:b3:2f:f5:96:46:85: 3e:2e:74:10:39:9d:22:0a:95:d1:48:92:bb:dd:a7: 3d:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:82:83:29:4C:69:7B:9E:9E:C6:EA:A0:94:9D:5F:82:8D:C6:81:6A X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/LoKDKUxpe56exuqglJ1fgo3GgWo.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.48.0/24 Signature Algorithm: sha256WithRSAEncryption 0e:1b:fc:c9:4d:ba:cf:91:31:1c:d3:38:d1:d7:04:a2:36:aa: 59:c6:8a:2f:54:9d:4f:c9:9d:99:fe:e5:91:23:f1:18:b3:5d: fe:2e:5b:be:30:4b:be:d1:3a:d9:c9:80:54:90:72:a4:a6:40: ae:84:1c:fb:0e:37:2b:f5:4c:40:d2:79:06:99:4e:71:13:c7: 60:bd:8c:08:9d:0f:d8:09:78:f4:49:f6:fd:4c:27:49:af:ad: 5a:fd:45:a6:a8:d5:7f:78:a4:14:e0:66:0d:a0:d1:f3:2e:05: b1:04:9f:76:00:1b:fd:9e:60:f3:82:b3:6c:24:55:97:93:ef: 5c:b2:69:65:5f:ad:a2:62:e5:ea:ca:d1:e6:45:a7:e3:6a:00: 38:42:60:ee:9e:22:34:48:e3:f2:da:65:a7:19:96:8c:04:4b: f4:eb:92:fe:bd:22:86:16:2d:8d:63:54:b8:8a:ca:67:b2:b5: 60:5c:3e:9a:b7:f2:77:72:62:52:a5:ab:8c:cb:a9:c6:7f:2f: a0:49:2f:92:ad:69:73:24:11:9e:01:ee:0d:bc:22:6a:af:b3: 2e:09:4b:f4:76:ef:86:09:03:00:39:d7:c3:28:15:87:a4:89: 1d:93:37:9e:e7:09:ae:66:4b:b0:62:91:e7:7b:cd:a4:34:ba: f0:0a:c0:cb -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHuswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA1MzZaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDJFODI4MzI5NEM2OTdC OUU5RUM2RUFBMDk0OUQ1RjgyOERDNjgxNkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDUwbmHcXIyzDbU9asBGJ+IMjCmxk2HW9oLpjEP0zzNw/hBit93 +NWSR1yQVF/JjgX9HUPAuvnGDkj4TOnsC50MJOnXLN0Ne1qEDcW52/2kNulogwmH TKM2+NVnY4WOmx92+mV7y8OL8/bpP8r1PcIqgzcFgKezie8Kz2HwZygrV+9JZSV5 72a/oh3oxNKfszEoamfg1SpQHLcveW34RLDBZmgC4RQVxshW97G66mgA1oluPpcM GQtMmcDM34Mk4tqWxwUGOA6Qg42MRg4NtGeKWeuHnsn5j0qLbHdKgVrq+fqS5CYw zn1Nb7Mv9ZZGhT4udBA5nSIKldFIkrvdpz2rAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQULoKDKUxpe56exuqglJ1fgo3GgWowHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0xvS0RLVXhwZTU2ZXh1 cWdsSjFmZ28zR2dXby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3TAwDQYJKoZIhvcNAQELBQADggEBAA4b/MlNus+RMRzTONHXBKI2qlnGii9U nU/JnZn+5ZEj8RizXf4uW74wS77ROtnJgFSQcqSmQK6EHPsONyv1TEDSeQaZTnET x2C9jAidD9gJePRJ9v1MJ0mvrVr9Raao1X94pBTgZg2g0fMuBbEEn3YAG/2eYPOC s2wkVZeT71yyaWVfraJi5erK0eZFp+NqADhCYO6eIjRI4/LaZacZlowES/Trkv69 IoYWLY1jVLiKymeytWBcPpq38ndyYlKlq4zLqcZ/L6BJL5KtaXMkEZ4B7g28Imqv sy4JS/R274YJAwA518MoFYekiR2TN57nCa5mS7Biked7zaQ0uvAKwMs= -----END CERTIFICATE-----Generated at Mon Oct 20 23:27:42 2025 by rpki-client