$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/LxFN1nuGi3WTg47MfYyt4hze_bU.roa File: LxFN1nuGi3WTg47MfYyt4hze_bU.roa (raw, json) Hash identifier: jqc5PtQ0Zot99osdgcdeFbvykfF7ZyKFiAzTVl5Xzr0= Subject key identifier: 2F:11:4D:D6:7B:86:8B:75:93:83:8E:CC:7D:8C:AD:E2:1C:DE:FD:B5 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1E7F Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/LxFN1nuGi3WTg47MfYyt4hze_bU.roa Signing time: Sat 13 Sep 2025 03:05:12 +0000 ROA not before: Sat 13 Sep 2025 03:05:12 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 138527 IP address blocks: 103.221.16.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 00:35:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7807 (0x1e7f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:05:12 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=2F114DD67B868B7593838ECC7D8CADE21CDEFDB5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:e5:c2:e9:76:13:8f:e1:1e:e2:c3:c7:23:9b: 84:70:09:f8:cc:90:63:c9:a7:f5:c0:55:ac:93:43: 6a:d1:6d:25:7e:4b:23:56:01:29:20:24:23:0b:f1: 85:e1:7e:4b:85:ab:84:ad:71:ac:b9:37:0f:43:ef: 93:a6:27:e9:9d:fe:b2:08:e1:a7:95:4e:ff:59:6b: f6:bb:64:ed:32:87:7c:59:f9:e4:e8:53:1c:93:f2: 49:86:ba:39:5e:c1:47:b4:e1:66:72:9f:71:c2:3c: cc:85:1b:ba:78:a9:0d:1f:05:50:66:f8:44:cc:cc: 4b:b5:52:a3:30:0d:82:27:30:90:88:fe:87:3f:9f: 07:1e:28:ca:fb:36:4d:22:99:34:be:63:85:dd:ef: 96:79:97:85:69:2d:33:78:ae:82:04:1f:51:a3:39: 58:11:a7:db:84:29:97:f9:c9:c3:fd:b5:29:b1:55: 35:eb:3e:3a:2d:6f:86:52:53:b1:81:a2:95:77:6c: c8:ef:2e:a7:99:93:50:2a:e3:40:92:2a:8c:87:98: 46:c6:54:f8:64:07:f7:4b:3c:9c:40:e6:2c:8e:e2: bb:17:50:d4:26:cc:2a:a9:b3:f5:ef:f6:61:84:82: 2e:71:37:1b:d3:ad:44:bc:5d:77:d2:45:87:b9:c9: d2:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:11:4D:D6:7B:86:8B:75:93:83:8E:CC:7D:8C:AD:E2:1C:DE:FD:B5 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/LxFN1nuGi3WTg47MfYyt4hze_bU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.16.0/22 Signature Algorithm: sha256WithRSAEncryption 12:42:14:46:34:a4:65:66:38:35:86:71:39:e7:ed:e1:fe:fa: 37:52:36:73:32:ff:8f:59:d7:fa:b0:97:8a:5c:3e:32:ac:1a: 15:8e:14:c7:27:59:5c:f8:3f:3c:23:11:39:3d:a3:82:70:08: 18:bc:5e:09:50:63:88:47:b7:f3:fc:9e:c3:82:30:9a:e2:17: b5:79:89:71:56:9d:d9:d2:fe:7a:19:a1:6e:31:8d:48:3a:ad: 79:3b:9c:a5:2d:e1:ff:51:52:6f:d9:75:37:9a:77:c4:6f:44: 7c:67:db:a0:f6:bc:7f:9f:02:fc:27:e8:78:13:78:7c:57:87: ee:6f:24:dd:91:87:d8:10:9a:0a:ff:2e:b4:a4:54:86:56:1c: 05:71:cd:d5:33:b2:09:f9:72:26:f6:f3:c6:c4:ca:10:83:70: f1:a2:d4:39:ce:8a:88:30:4b:23:cb:41:14:ab:37:79:b3:df: 15:f3:e8:98:04:a5:c3:3e:c8:80:be:00:d9:bf:3b:81:8b:9f: b5:c7:96:03:b7:91:5e:d4:6e:ab:dc:43:2a:47:01:29:cc:3f: e2:48:d0:33:0a:6d:c5:61:87:18:cd:2b:2f:aa:41:29:84:5d: a7:e2:8b:a3:f8:5e:9c:3a:b4:70:26:67:a9:b6:77:a5:1f:95: 33:be:8a:94 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHn8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA1MTJaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDJGMTE0REQ2N0I4NjhC NzU5MzgzOEVDQzdEOENBREUyMUNERUZEQjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDB5cLpdhOP4R7iw8cjm4RwCfjMkGPJp/XAVayTQ2rRbSV+SyNW ASkgJCML8YXhfkuFq4Stcay5Nw9D75OmJ+md/rII4aeVTv9Za/a7ZO0yh3xZ+eTo UxyT8kmGujlewUe04WZyn3HCPMyFG7p4qQ0fBVBm+ETMzEu1UqMwDYInMJCI/oc/ nwceKMr7Nk0imTS+Y4Xd75Z5l4VpLTN4roIEH1GjOVgRp9uEKZf5ycP9tSmxVTXr Pjotb4ZSU7GBopV3bMjvLqeZk1Aq40CSKoyHmEbGVPhkB/dLPJxA5iyO4rsXUNQm zCqps/Xv9mGEgi5xNxvTrUS8XXfSRYe5ydKzAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQULxFN1nuGi3WTg47MfYyt4hze/bUwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0x4Rk4xbnVHaTNXVGc0 N01mWXl0NGh6ZV9iVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn3RAwDQYJKoZIhvcNAQELBQADggEBABJCFEY0pGVmODWGcTnn7eH++jdSNnMy /49Z1/qwl4pcPjKsGhWOFMcnWVz4PzwjETk9o4JwCBi8XglQY4hHt/P8nsOCMJri F7V5iXFWndnS/noZoW4xjUg6rXk7nKUt4f9RUm/ZdTead8RvRHxn26D2vH+fAvwn 6HgTeHxXh+5vJN2Rh9gQmgr/LrSkVIZWHAVxzdUzsgn5cib288bEyhCDcPGi1DnO iogwSyPLQRSrN3mz3xXz6JgEpcM+yIC+ANm/O4GLn7XHlgO3kV7UbqvcQypHASnM P+JI0DMKbcVhhxjNKy+qQSmEXafii6P4Xpw6tHAmZ6m2d6UflTO+ipQ= -----END CERTIFICATE-----Generated at Mon Oct 20 23:27:32 2025 by rpki-client