$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/MxEx7IjyrFVMgkJv13Wk6ZecTEc.roa File: MxEx7IjyrFVMgkJv13Wk6ZecTEc.roa (raw, json) Hash identifier: IOw145mh2j4q1Sa7B1BTu3bX0vrSEFaVgj4rDXo29nE= Subject key identifier: 33:11:31:EC:88:F2:AC:55:4C:82:42:6F:D7:75:A4:E9:97:9C:4C:47 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1E0E Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/MxEx7IjyrFVMgkJv13Wk6ZecTEc.roa Signing time: Sat 13 Sep 2025 03:04:49 +0000 ROA not before: Sat 13 Sep 2025 03:04:49 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 59083 IP address blocks: 43.254.154.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7694 (0x1e0e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:04:49 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=331131EC88F2AC554C82426FD775A4E9979C4C47 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:9a:77:a7:b1:30:de:6b:be:34:eb:c3:6c:d7: 4c:ae:e6:49:10:d8:70:e6:22:39:f8:c9:a5:0f:3d: 11:16:b5:eb:2d:98:0c:8e:1e:ba:29:07:3d:f1:6f: d1:6a:fa:e2:80:d5:d7:13:38:c7:9f:fe:bb:16:62: 93:b7:39:6e:8a:f2:69:26:4b:96:9e:d9:96:c2:30: af:62:d6:e4:7a:24:37:04:8c:d4:a1:48:43:df:fb: 83:bd:6a:73:6e:8c:77:30:17:b9:c1:6d:06:d0:c1: da:25:78:b5:06:e3:1b:17:e9:63:79:fc:86:89:cb: 7d:ad:0d:c7:b6:05:f2:59:32:ea:62:f2:90:99:1c: 31:87:e8:d0:d7:1e:8a:c5:4a:6d:e2:ae:4f:2d:34: c8:ea:48:b5:7d:6d:61:9b:c8:49:52:e3:ef:e1:57: 95:3b:44:2b:a9:8b:d0:ea:6a:57:6a:fd:ad:21:c7: 6e:c5:31:53:18:10:99:b8:91:83:f9:59:48:fd:6f: 79:23:c7:f1:c2:bf:a5:23:ee:d0:bc:a5:a6:0e:8c: 62:04:05:9c:47:75:3f:f5:d9:e7:f4:a0:da:8d:27: b2:3d:32:98:8e:62:1a:a3:62:16:e7:ea:8b:6a:ab: 9e:18:c9:93:22:e3:99:4a:64:38:c3:77:8c:18:3c: bd:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:11:31:EC:88:F2:AC:55:4C:82:42:6F:D7:75:A4:E9:97:9C:4C:47 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/MxEx7IjyrFVMgkJv13Wk6ZecTEc.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.254.154.0/24 Signature Algorithm: sha256WithRSAEncryption 1c:e5:15:76:7a:b9:9b:4b:f4:52:59:d1:3f:c1:9e:ac:28:f6: 6b:f6:7d:75:6f:9f:93:2a:08:6a:fb:93:8f:32:53:0d:55:0d: 9b:b7:a1:fd:5e:68:90:7e:d4:a5:ee:ca:94:a0:06:bd:77:6a: 12:a1:9a:0f:d1:5a:56:6b:2e:a1:8c:a1:5f:c5:4c:f9:de:46: da:db:2d:f1:81:5e:ac:bc:b7:cd:37:a2:ff:b8:fa:35:17:a0: 76:4f:22:40:d2:c9:7c:5d:c7:30:48:6d:06:ac:a2:94:89:37: ad:49:ce:05:d4:d4:f9:4a:45:85:be:fa:c3:f2:dc:fa:3a:61: 36:59:dd:60:67:b5:27:4d:c5:86:77:45:09:da:d8:1f:55:1d: 86:45:22:1e:4e:93:12:6a:d4:73:3e:53:f8:33:7f:59:e4:b4: a5:37:d2:f0:d6:b9:89:ff:ab:a6:eb:0d:d2:a7:42:12:9e:b9: 4f:40:cc:e3:9a:0b:63:01:e4:ad:2c:3a:d9:c9:05:af:05:5f: 14:3a:71:2d:80:c3:e3:64:38:32:0a:a7:7d:ea:ed:55:81:15: 5e:37:d0:b9:dc:c0:a1:ed:61:7f:c3:fa:74:60:29:80:4f:a9: 7a:40:ec:66:97:f6:93:1e:62:7b:90:f2:03:bd:62:f8:2a:15: ea:c9:85:57 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHg4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA0NDlaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDMzMTEzMUVDODhGMkFD NTU0QzgyNDI2RkQ3NzVBNEU5OTc5QzRDNDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC0mnensTDea74068Ns10yu5kkQ2HDmIjn4yaUPPREWtestmAyO HropBz3xb9Fq+uKA1dcTOMef/rsWYpO3OW6K8mkmS5ae2ZbCMK9i1uR6JDcEjNSh SEPf+4O9anNujHcwF7nBbQbQwdoleLUG4xsX6WN5/IaJy32tDce2BfJZMupi8pCZ HDGH6NDXHorFSm3irk8tNMjqSLV9bWGbyElS4+/hV5U7RCupi9Dqaldq/a0hx27F MVMYEJm4kYP5WUj9b3kjx/HCv6Uj7tC8paYOjGIEBZxHdT/12ef0oNqNJ7I9MpiO YhqjYhbn6otqq54YyZMi45lKZDjDd4wYPL3rAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUMxEx7IjyrFVMgkJv13Wk6ZecTEcwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L014RXg3SWp5ckZWTWdr SnYxM1drNlplY1RFYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAAr/powDQYJKoZIhvcNAQELBQADggEBABzlFXZ6uZtL9FJZ0T/Bnqwo9mv2fXVv n5MqCGr7k48yUw1VDZu3of1eaJB+1KXuypSgBr13ahKhmg/RWlZrLqGMoV/FTPne RtrbLfGBXqy8t803ov+4+jUXoHZPIkDSyXxdxzBIbQasopSJN61JzgXU1PlKRYW+ +sPy3Po6YTZZ3WBntSdNxYZ3RQna2B9VHYZFIh5OkxJq1HM+U/gzf1nktKU30vDW uYn/q6brDdKnQhKeuU9AzOOaC2MB5K0sOtnJBa8FXxQ6cS2Aw+NkODIKp33q7VWB FV430LncwKHtYX/D+nRgKYBPqXpA7GaX9pMeYnuQ8gO9YvgqFerJhVc= -----END CERTIFICATE-----Generated at Mon Oct 20 13:30:49 2025 by rpki-client