$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/OqDAUoIYXJaGna9tHlKE1um4rxo.roa File: OqDAUoIYXJaGna9tHlKE1um4rxo.roa (raw, json) Hash identifier: sR/5VIT1ovVa1r8cQXmU9hQOdn05QxQZPvUBcdC3AR0= Subject key identifier: 3A:A0:C0:52:82:18:5C:96:86:9D:AF:6D:1E:52:84:D6:E9:B8:AF:1A Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1EDC Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/OqDAUoIYXJaGna9tHlKE1um4rxo.roa Signing time: Sat 13 Sep 2025 03:05:33 +0000 ROA not before: Sat 13 Sep 2025 03:05:33 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 139259 IP address blocks: 103.221.18.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7900 (0x1edc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:05:33 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=3AA0C05282185C96869DAF6D1E5284D6E9B8AF1A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:ab:a8:22:b7:01:c0:00:64:b9:23:ac:0a:8f: aa:81:bd:60:01:eb:f5:35:b8:53:dd:65:21:d5:ec: 3c:0d:c2:ea:56:5a:72:24:2a:9e:8f:25:1b:9a:6f: bd:7b:d9:c7:bd:b6:96:79:06:66:b0:13:a3:d1:86: a4:2d:a9:ca:5a:80:02:62:b3:5e:9f:02:3f:89:17: f2:0f:af:29:70:04:cb:d7:54:a3:39:4a:56:19:4c: 6c:45:4f:f3:4c:d2:be:b6:26:b5:28:ba:87:b7:22: f4:9e:0a:2f:d1:ff:bb:fc:0b:20:18:a7:9f:04:8d: 3b:02:07:48:a9:e7:40:a8:d6:ed:c9:7d:a4:f1:0a: ca:84:f8:1a:0f:06:a9:59:1c:d0:74:e9:4d:b3:d3: d1:ad:d3:9b:77:c7:c7:23:71:a0:41:1e:b5:a9:3c: ae:a2:ac:76:c9:7e:83:02:4d:3d:81:58:ef:35:c6: 6b:e7:11:75:eb:4b:3a:d2:6c:e7:f1:c7:6c:26:08: 0d:7b:e5:46:63:a8:24:46:3f:a0:c6:4a:d8:54:f3: 4c:79:47:24:ad:d1:09:2f:d3:9e:cd:10:3e:b8:bc: cf:93:3f:95:5c:74:eb:f9:ac:3b:a2:1d:7e:6e:18: 76:4e:3f:46:12:82:82:fc:43:c2:5f:59:3c:55:f4: ce:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:A0:C0:52:82:18:5C:96:86:9D:AF:6D:1E:52:84:D6:E9:B8:AF:1A X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/OqDAUoIYXJaGna9tHlKE1um4rxo.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.18.0/24 Signature Algorithm: sha256WithRSAEncryption 16:90:c2:69:8a:6f:13:27:26:17:5e:65:c6:8a:46:7a:45:1a: 10:30:68:2b:90:b1:b4:7f:db:bc:6b:e8:43:28:55:a5:ca:cc: 7b:5b:52:6f:c3:40:eb:65:2e:c2:71:ab:aa:52:58:1c:26:d2: 5a:99:7d:f9:8f:16:b4:c0:aa:21:eb:53:59:1f:71:96:fc:c4: 8f:7c:6b:3b:14:8b:aa:02:de:ca:b4:c2:cc:a2:c7:c9:03:76: 21:3b:57:94:df:d3:4b:a7:a9:0a:a3:6c:c9:fb:28:31:47:ac: 02:a9:3d:70:2d:25:a7:3d:24:b7:e0:d4:56:c9:e1:51:de:62: ab:fb:d5:22:a8:76:8a:d3:ff:eb:2d:72:24:00:e6:c1:4d:cb: 1a:5e:c9:7b:c4:6d:18:b5:46:97:f3:c3:14:27:95:cb:31:e9: cc:0b:d4:79:1e:85:27:6c:26:f5:5f:6d:96:a5:e3:30:da:cc: 99:95:0e:bb:76:37:01:09:c1:ce:22:9a:ee:f6:e0:50:e7:e1: 00:72:12:70:18:d1:69:df:b4:cb:94:fe:08:98:7e:2c:17:97: 60:90:4b:72:66:57:db:87:97:e9:13:49:15:47:a0:69:80:e8: be:f6:27:f4:b1:53:53:ba:2d:ab:0b:d9:d1:56:38:12:32:31: 57:c4:fa:0e -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHtwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA1MzNaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDNBQTBDMDUyODIxODVD OTY4NjlEQUY2RDFFNTI4NEQ2RTlCOEFGMUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDUq6gitwHAAGS5I6wKj6qBvWAB6/U1uFPdZSHV7DwNwupWWnIk Kp6PJRuab7172ce9tpZ5BmawE6PRhqQtqcpagAJis16fAj+JF/IPrylwBMvXVKM5 SlYZTGxFT/NM0r62JrUouoe3IvSeCi/R/7v8CyAYp58EjTsCB0ip50Co1u3JfaTx CsqE+BoPBqlZHNB06U2z09Gt05t3x8cjcaBBHrWpPK6irHbJfoMCTT2BWO81xmvn EXXrSzrSbOfxx2wmCA175UZjqCRGP6DGSthU80x5RySt0Qkv057NED64vM+TP5Vc dOv5rDuiHX5uGHZOP0YSgoL8Q8JfWTxV9M6XAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUOqDAUoIYXJaGna9tHlKE1um4rxowHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L09xREFVb0lZWEphR25h OXRIbEtFMXVtNHJ4by5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3RIwDQYJKoZIhvcNAQELBQADggEBABaQwmmKbxMnJhdeZcaKRnpFGhAwaCuQ sbR/27xr6EMoVaXKzHtbUm/DQOtlLsJxq6pSWBwm0lqZffmPFrTAqiHrU1kfcZb8 xI98azsUi6oC3sq0wsyix8kDdiE7V5Tf00unqQqjbMn7KDFHrAKpPXAtJac9JLfg 1FbJ4VHeYqv71SKodorT/+stciQA5sFNyxpeyXvEbRi1RpfzwxQnlcsx6cwL1Hke hSdsJvVfbZal4zDazJmVDrt2NwEJwc4imu724FDn4QByEnAY0WnftMuU/giYfiwX l2CQS3JmV9uHl+kTSRVHoGmA6L72J/SxU1O6LasL2dFWOBIyMVfE+g4= -----END CERTIFICATE-----Generated at Mon Oct 20 13:30:54 2025 by rpki-client