$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/OfpOUdna_mlJ_-ymU9gHeZAP5No.roa File: OfpOUdna_mlJ_-ymU9gHeZAP5No.roa (raw, json) Hash identifier: VIGylzvVLwBF2AlPvnNui8TTHDhufH9J7um7EaJ4dlU= Subject key identifier: 39:FA:4E:51:D9:DA:FE:69:49:FF:EC:A6:53:D8:07:79:90:0F:E4:DA Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1E01 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/OfpOUdna_mlJ_-ymU9gHeZAP5No.roa Signing time: Sat 13 Sep 2025 03:04:46 +0000 ROA not before: Sat 13 Sep 2025 03:04:46 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 138527 IP address blocks: 103.221.44.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7681 (0x1e01) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:04:46 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=39FA4E51D9DAFE6949FFECA653D80779900FE4DA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:73:7e:b7:10:0c:e1:d3:a2:97:fb:ad:36:a2: 18:53:22:d3:5c:af:7d:17:31:72:5e:c0:72:f6:ba: 38:c1:9d:30:51:91:8a:61:42:f5:6d:57:0b:dd:f1: 57:e7:76:79:0c:4c:d8:ae:3f:47:e4:66:b1:2b:54: 49:47:9c:d3:ee:8f:4e:80:9f:4d:99:dc:fb:65:6e: 6a:fc:21:ef:e6:a1:97:3f:b3:da:49:be:b3:d3:25: 75:38:28:bd:72:e2:c9:a5:c0:8f:ba:20:05:19:0e: 9c:45:63:c2:8f:5a:ac:4b:36:d9:fe:ae:af:f5:96: c2:60:1b:21:9d:c9:67:2b:69:18:e3:1e:0c:1d:d0: 60:86:d4:f1:92:c2:40:d0:af:54:2b:92:16:ea:53: 00:77:a5:e8:e5:1a:90:9a:45:f9:96:10:79:98:de: b3:06:33:44:dc:57:cf:bb:d0:5f:32:33:80:a3:8d: 46:24:41:fb:50:37:7e:2a:3a:ac:6f:57:f6:5d:4f: 36:bb:cd:eb:dd:90:81:90:a4:47:22:d4:c6:b2:57: 8d:05:ba:4c:95:31:84:05:5a:69:ac:b2:2a:49:04: 02:27:ec:6a:06:23:75:a1:a3:b4:86:a9:28:a6:e2: ac:92:68:b8:f3:5c:d3:f9:86:74:76:59:d2:66:c5: 44:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:FA:4E:51:D9:DA:FE:69:49:FF:EC:A6:53:D8:07:79:90:0F:E4:DA X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/OfpOUdna_mlJ_-ymU9gHeZAP5No.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.44.0/22 Signature Algorithm: sha256WithRSAEncryption 44:c7:a3:42:1d:55:ef:1a:78:e5:3a:a4:e8:7f:fb:76:7e:a8: 2b:f9:78:89:da:3c:cd:d7:4b:57:a3:6e:ca:c7:86:c0:6a:83: 10:6f:4c:cd:a5:ef:45:20:15:d8:fa:1d:2f:01:10:e1:5a:28: 57:4c:83:b0:8f:37:37:b7:1f:21:51:02:3e:29:df:c2:f5:8b: 60:17:b6:bd:3d:8d:5f:db:09:ca:fc:94:ba:a5:ba:59:87:f2: 20:12:aa:ca:b6:2f:bb:a4:af:6e:00:d5:bc:8b:5b:01:a5:3f: 1c:cb:33:86:98:61:e9:e4:3c:ef:1e:3b:41:15:bb:cd:0c:f9: 71:74:5e:16:28:1f:1f:12:3e:9a:93:c2:42:3c:ab:0f:3d:0e: 7c:6d:bc:e5:58:80:06:35:7b:17:b8:f3:0b:1c:c7:9f:9c:2b: 1e:2f:ad:56:9a:00:10:8b:c7:13:f2:a3:f5:e1:40:6d:a5:01: dc:a9:7f:38:12:b1:af:fc:f3:68:b6:9e:07:18:d7:71:fa:db: ed:8a:0b:e7:96:00:3e:1a:d8:4c:0a:f7:15:93:5f:82:7a:6e: 2e:3a:30:d4:b8:88:9e:10:b0:71:2b:6f:b7:1b:88:2d:d7:4b: b2:f7:ce:4c:9f:b6:cf:57:c7:a2:0b:d1:21:78:01:84:31:06: 57:c2:99:32 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHgEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA0NDZaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDM5RkE0RTUxRDlEQUZF Njk0OUZGRUNBNjUzRDgwNzc5OTAwRkU0REEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDNc363EAzh06KX+602ohhTItNcr30XMXJewHL2ujjBnTBRkYph QvVtVwvd8VfndnkMTNiuP0fkZrErVElHnNPuj06An02Z3Ptlbmr8Ie/moZc/s9pJ vrPTJXU4KL1y4smlwI+6IAUZDpxFY8KPWqxLNtn+rq/1lsJgGyGdyWcraRjjHgwd 0GCG1PGSwkDQr1QrkhbqUwB3pejlGpCaRfmWEHmY3rMGM0TcV8+70F8yM4CjjUYk QftQN34qOqxvV/ZdTza7zevdkIGQpEci1MayV40FukyVMYQFWmmssipJBAIn7GoG I3Who7SGqSim4qySaLjzXNP5hnR2WdJmxURZAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUOfpOUdna/mlJ/+ymU9gHeZAP5NowHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L09mcE9VZG5hX21sSl8t eW1VOWdIZVpBUDVOby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn3SwwDQYJKoZIhvcNAQELBQADggEBAETHo0IdVe8aeOU6pOh/+3Z+qCv5eIna PM3XS1ejbsrHhsBqgxBvTM2l70UgFdj6HS8BEOFaKFdMg7CPNze3HyFRAj4p38L1 i2AXtr09jV/bCcr8lLqlulmH8iASqsq2L7ukr24A1byLWwGlPxzLM4aYYenkPO8e O0EVu80M+XF0XhYoHx8SPpqTwkI8qw89DnxtvOVYgAY1exe48wscx5+cKx4vrVaa ABCLxxPyo/XhQG2lAdypfzgSsa/882i2ngcY13H62+2KC+eWAD4a2EwK9xWTX4J6 bi46MNS4iJ4QsHErb7cbiC3XS7L3zkyfts9Xx6IL0SF4AYQxBlfCmTI= -----END CERTIFICATE-----Generated at Mon Oct 20 13:18:00 2025 by rpki-client