$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/O4L4FBR_kcZLouqjAmmxpZZA-1I.roa File: O4L4FBR_kcZLouqjAmmxpZZA-1I.roa (raw, json) Hash identifier: GNAYlI5NMKqwwodxe1uTobsLt2NdhCfFWyyNBhGSVaU= Subject key identifier: 3B:82:F8:14:14:7F:91:C6:4B:A2:EA:A3:02:69:B1:A5:96:40:FB:52 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1E8F Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/O4L4FBR_kcZLouqjAmmxpZZA-1I.roa Signing time: Sat 13 Sep 2025 03:05:15 +0000 ROA not before: Sat 13 Sep 2025 03:05:15 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 139259 IP address blocks: 45.252.144.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 00:35:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7823 (0x1e8f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:05:15 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=3B82F814147F91C64BA2EAA30269B1A59640FB52 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:cc:ec:61:2d:26:1d:00:e0:d2:35:80:8e:07: a4:07:64:9c:2c:7c:56:cb:72:04:69:d5:68:73:f2: 07:fd:09:4e:32:fb:f1:8d:60:fb:e3:9e:6e:60:41: 98:f4:95:11:b6:2c:af:ca:e4:c7:6a:d8:34:62:fa: 2c:b9:ec:84:73:7d:ba:44:f7:d1:75:ea:ca:06:54: 5c:f5:48:84:93:03:6e:d5:a6:a6:21:37:59:77:3b: 68:cd:21:d3:05:f8:88:9e:f7:85:17:d5:0b:70:89: 08:82:00:90:f4:a9:28:db:cf:ea:27:1f:50:e2:c9: 6a:d8:c0:f5:18:83:dd:fc:56:22:5f:22:f0:07:ae: 5a:e1:6e:86:bd:eb:41:0e:70:c3:1f:d5:7e:58:95: 34:5e:8a:6b:13:22:d2:31:22:6a:db:dd:4e:be:4b: 7b:47:81:1c:fe:39:53:e9:23:00:39:66:84:6d:4a: e5:0a:d3:70:64:24:0d:4d:22:93:fb:93:ea:5c:2c: d6:10:3d:43:e1:28:a1:1a:27:60:88:76:de:1b:05: a1:3d:4a:64:ed:9e:77:29:62:65:de:7b:89:9f:c6: 24:ce:3b:94:cc:53:6d:70:34:c8:c5:7a:63:3d:e0: e5:c0:27:e9:3d:11:e8:a2:4a:6f:12:64:ab:31:82: 22:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:82:F8:14:14:7F:91:C6:4B:A2:EA:A3:02:69:B1:A5:96:40:FB:52 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/O4L4FBR_kcZLouqjAmmxpZZA-1I.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.252.144.0/22 Signature Algorithm: sha256WithRSAEncryption 0e:53:45:50:0c:06:c9:2c:34:a2:54:9e:3c:d8:c9:91:e9:bf: cb:c8:29:1a:60:04:80:88:bf:58:28:50:1a:12:2b:2b:3b:a9: b7:01:cf:b0:2a:a8:9e:11:b4:05:7e:55:15:7d:e8:4d:dd:e3: da:7e:50:17:f6:6c:49:86:77:84:e7:d5:f4:93:b0:96:43:cf: 14:ce:a2:58:53:29:a2:e5:26:db:8e:45:c1:f0:86:17:a5:a0: 87:6a:0b:9b:f3:8d:dd:81:a4:d2:3c:26:dc:d1:47:4e:d4:c0: f0:27:1a:dd:1b:94:35:8f:89:f1:72:15:8d:cf:f4:73:a1:13: 65:74:0d:ab:bc:34:3e:39:bd:24:ff:4e:b1:dc:00:14:22:84: a3:c8:90:00:86:98:b1:cd:fe:48:21:64:78:cf:72:f5:6d:c5: 81:b9:16:71:73:f2:2e:f1:d8:52:3e:71:48:6c:44:9a:b0:08: 2f:c5:be:2b:19:dc:fd:60:22:c7:46:df:9a:1d:7e:bd:37:e5: 13:2b:2a:4a:73:6a:ca:f6:66:a1:6a:aa:cf:74:d4:a2:75:04: 3e:19:b8:f1:c8:1b:5c:53:aa:51:ac:3b:03:96:20:f1:57:4e: 19:9d:32:6a:39:a0:f1:46:47:3e:49:0f:81:75:52:0f:81:ed: 00:ea:fd:f8 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHo8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA1MTVaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDNCODJGODE0MTQ3Rjkx QzY0QkEyRUFBMzAyNjlCMUE1OTY0MEZCNTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCyzOxhLSYdAODSNYCOB6QHZJwsfFbLcgRp1Whz8gf9CU4y+/GN YPvjnm5gQZj0lRG2LK/K5Mdq2DRi+iy57IRzfbpE99F16soGVFz1SISTA27VpqYh N1l3O2jNIdMF+Iie94UX1QtwiQiCAJD0qSjbz+onH1DiyWrYwPUYg938ViJfIvAH rlrhboa960EOcMMf1X5YlTReimsTItIxImrb3U6+S3tHgRz+OVPpIwA5ZoRtSuUK 03BkJA1NIpP7k+pcLNYQPUPhKKEaJ2CIdt4bBaE9SmTtnncpYmXee4mfxiTOO5TM U21wNMjFemM94OXAJ+k9EeiiSm8SZKsxgiI3AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUO4L4FBR/kcZLouqjAmmxpZZA+1IwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L080TDRGQlJfa2NaTG91 cWpBbW14cFpaQS0xSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAIt/JAwDQYJKoZIhvcNAQELBQADggEBAA5TRVAMBsksNKJUnjzYyZHpv8vIKRpg BICIv1goUBoSKys7qbcBz7AqqJ4RtAV+VRV96E3d49p+UBf2bEmGd4Tn1fSTsJZD zxTOolhTKaLlJtuORcHwhheloIdqC5vzjd2BpNI8JtzRR07UwPAnGt0blDWPifFy FY3P9HOhE2V0Dau8ND45vST/TrHcABQihKPIkACGmLHN/kghZHjPcvVtxYG5FnFz 8i7x2FI+cUhsRJqwCC/FvisZ3P1gIsdG35odfr035RMrKkpzasr2ZqFqqs901KJ1 BD4ZuPHIG1xTqlGsOwOWIPFXThmdMmo5oPFGRz5JD4F1Ug+B7QDq/fg= -----END CERTIFICATE-----Generated at Mon Oct 20 23:27:34 2025 by rpki-client