$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/M5oDY325ZSJd4j9iM-U07F7-g0o.roa File: M5oDY325ZSJd4j9iM-U07F7-g0o.roa (raw, json) Hash identifier: kBX+7HxKkRZ9phoU/U8Ixj7NXXLxknoPikfdGBMKuGA= Subject key identifier: 33:9A:03:63:7D:B9:65:22:5D:E2:3F:62:33:E5:34:EC:5E:FE:83:4A Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1E96 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/M5oDY325ZSJd4j9iM-U07F7-g0o.roa Signing time: Sat 13 Sep 2025 03:05:17 +0000 ROA not before: Sat 13 Sep 2025 03:05:17 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 139259 IP address blocks: 103.221.8.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 18:07:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7830 (0x1e96) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:05:17 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=339A03637DB965225DE23F6233E534EC5EFE834A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:3b:2d:12:4c:af:72:d0:f2:c3:98:e4:e9:e0: ea:1e:c9:76:b5:4c:fa:6b:67:f4:ca:54:b1:5a:82: 17:81:98:f4:9c:eb:38:e1:0e:4a:3e:b8:b6:46:78: 58:61:9a:e9:1d:6a:07:1c:91:12:0d:06:8e:70:13: ae:95:7b:a1:aa:49:51:66:75:a7:36:e8:f8:9e:6a: 12:08:e4:f3:d2:12:55:81:ba:68:39:49:bb:29:bf: 9f:1e:20:cf:b6:ac:70:b2:6d:ea:f7:4e:b0:c9:7f: 94:4c:a2:b4:6a:db:60:59:30:9e:69:8b:42:09:31: 12:b4:37:8b:61:13:cd:e4:d0:c2:35:1a:78:68:0d: 6e:9b:c8:93:c6:d9:ab:af:3a:ea:c7:9a:de:59:f1: 15:9c:0b:79:b7:96:29:5e:d2:e8:02:7f:1a:b2:1d: cf:48:c5:b1:10:17:7f:3e:fb:61:37:2c:1e:79:6a: 21:46:7f:f2:09:4a:95:f1:06:10:84:da:09:57:07: 0f:1c:1f:f5:fa:94:d9:5c:83:10:a7:96:89:d2:77: 0d:6f:dc:95:49:89:1e:8a:73:3c:9b:c8:15:d9:65: e1:69:24:55:de:c1:5b:1d:47:2a:c9:ab:0a:45:26: f7:d9:4d:bc:a1:d8:bb:56:9b:22:72:4f:5c:02:85: 5f:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:9A:03:63:7D:B9:65:22:5D:E2:3F:62:33:E5:34:EC:5E:FE:83:4A X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/M5oDY325ZSJd4j9iM-U07F7-g0o.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.8.0/22 Signature Algorithm: sha256WithRSAEncryption aa:33:17:97:30:d3:c9:ee:bb:56:4b:5b:81:05:f7:b1:6d:51: 49:3f:fd:37:93:d0:4a:ff:b4:ab:f4:8a:7a:01:d1:8f:2f:97: 97:ac:85:6e:85:c1:de:50:51:d9:69:1b:c5:6d:f7:3a:3a:f0: 48:42:1b:4a:8a:7d:95:f1:ef:52:6f:85:c0:64:d1:98:e8:2a: e9:d7:29:dd:02:ca:b9:30:b1:df:8c:4f:21:fb:a1:21:ef:e1: b9:c9:f5:c9:6f:02:b2:74:f9:87:1e:83:ad:e4:23:ee:ce:7d: 6d:ca:e3:72:49:b7:bb:64:54:96:f6:c5:48:12:0e:52:89:12: ad:ac:5a:8b:d9:fa:6b:fa:76:f8:76:7f:47:3a:25:51:a5:8a: 70:51:c4:5a:a3:12:33:cc:b8:c1:a2:86:91:85:6d:65:5d:ff: 85:65:4a:f8:8a:01:27:dc:54:64:a5:07:5e:51:48:8b:57:b2: a9:53:e4:ac:d3:7a:9b:26:a7:d3:eb:2c:2f:b0:db:11:a6:7d: 69:bb:85:ba:d4:46:50:51:2d:be:40:70:c7:93:93:12:72:3f: 2e:e7:ea:68:f2:e9:f6:72:03:76:c5:48:32:32:10:7b:a3:3c: 45:8f:2e:84:9f:ed:2b:b2:81:9b:89:c5:5a:63:b0:cf:ad:3e: 10:f6:04:55 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHpYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA1MTdaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDMzOUEwMzYzN0RCOTY1 MjI1REUyM0Y2MjMzRTUzNEVDNUVGRTgzNEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDhOy0STK9y0PLDmOTp4OoeyXa1TPprZ/TKVLFagheBmPSc6zjh Dko+uLZGeFhhmukdagcckRINBo5wE66Ve6GqSVFmdac26PieahII5PPSElWBumg5 Sbspv58eIM+2rHCyber3TrDJf5RMorRq22BZMJ5pi0IJMRK0N4thE83k0MI1Gnho DW6byJPG2auvOurHmt5Z8RWcC3m3lile0ugCfxqyHc9IxbEQF38++2E3LB55aiFG f/IJSpXxBhCE2glXBw8cH/X6lNlcgxCnlonSdw1v3JVJiR6KczybyBXZZeFpJFXe wVsdRyrJqwpFJvfZTbyh2LtWmyJyT1wChV8JAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUM5oDY325ZSJd4j9iM+U07F7+g0owHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L001b0RZMzI1WlNKZDRq OWlNLVUwN0Y3LWcwby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn3QgwDQYJKoZIhvcNAQELBQADggEBAKozF5cw08nuu1ZLW4EF97FtUUk//TeT 0Er/tKv0inoB0Y8vl5eshW6Fwd5QUdlpG8Vt9zo68EhCG0qKfZXx71JvhcBk0Zjo KunXKd0Cyrkwsd+MTyH7oSHv4bnJ9clvArJ0+Yceg63kI+7OfW3K43JJt7tkVJb2 xUgSDlKJEq2sWovZ+mv6dvh2f0c6JVGlinBRxFqjEjPMuMGihpGFbWVd/4VlSviK ASfcVGSlB15RSItXsqlT5KzTepsmp9PrLC+w2xGmfWm7hbrURlBRLb5AcMeTkxJy Py7n6mjy6fZyA3bFSDIyEHujPEWPLoSf7SuygZuJxVpjsM+tPhD2BFU= -----END CERTIFICATE-----Generated at Mon Oct 20 17:58:51 2025 by rpki-client