$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/PrrOXDlEGsQN_iMxeWjLaHjl_ck.roa File: PrrOXDlEGsQN_iMxeWjLaHjl_ck.roa (raw, json) Hash identifier: B+NYAgBKwzXnl1JsrdAqNsRRer4CxxF1HeN10fDphM0= Subject key identifier: 3E:BA:CE:5C:39:44:1A:C4:0D:FE:23:31:79:68:CB:68:78:E5:FD:C9 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1EBD Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/PrrOXDlEGsQN_iMxeWjLaHjl_ck.roa Signing time: Sat 13 Sep 2025 03:05:25 +0000 ROA not before: Sat 13 Sep 2025 03:05:25 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 139259 IP address blocks: 103.221.40.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7869 (0x1ebd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:05:25 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=3EBACE5C39441AC40DFE23317968CB6878E5FDC9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:cc:96:a2:67:cc:da:23:38:94:27:9f:61:11: 1f:1e:3c:c7:ac:ea:ca:39:d1:4c:6d:45:54:37:b3: a8:a2:dc:2b:79:4c:37:4b:98:a5:60:d2:e0:96:16: 0c:24:93:d7:1c:82:ab:ec:72:1e:c8:29:14:a5:86: 47:64:e8:d2:3c:d6:8f:6f:cd:e3:48:46:a2:73:a1: de:07:2f:e5:9a:39:86:2b:15:2d:c7:d9:ef:4e:4a: a3:f1:a3:db:e5:d4:07:2b:f6:87:88:37:60:8a:df: 4d:b1:17:c5:20:3f:35:34:7e:d5:ee:a2:b9:40:49: e4:14:78:f5:2d:ac:46:a3:74:63:60:09:cb:5c:f4: c7:34:ad:9e:bb:56:5d:70:19:90:89:4d:99:18:6e: 12:d8:0e:ca:51:ca:44:a8:d3:31:55:ec:54:b4:da: 1e:d3:34:4e:ca:ce:70:7a:bb:81:e6:52:3a:c8:ee: e9:16:1e:a2:72:54:ce:73:3b:7b:40:05:57:0e:ca: f1:ee:99:94:6a:ca:a2:39:db:11:3f:ff:c5:fd:55: c6:ef:07:2c:f5:ad:f5:8b:67:23:fb:84:95:0d:e2: 9e:12:f4:f4:68:4f:23:78:d9:86:df:10:32:34:a0: 4f:f3:21:2c:40:84:6e:dd:ad:f8:ed:92:48:71:9e: b3:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:BA:CE:5C:39:44:1A:C4:0D:FE:23:31:79:68:CB:68:78:E5:FD:C9 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/PrrOXDlEGsQN_iMxeWjLaHjl_ck.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.40.0/22 Signature Algorithm: sha256WithRSAEncryption bb:86:04:82:c7:37:cf:98:6e:45:2e:90:49:e2:cb:e3:c4:f9: 04:01:5f:a5:de:52:d3:62:77:35:ba:c8:82:1c:5c:94:71:95: 77:da:8c:6a:b9:c6:d8:4c:7f:94:72:00:c9:02:ef:9c:e2:fa: e5:fb:9c:83:48:e5:9b:47:5b:17:c2:a8:7e:88:d6:3b:6b:d9: 25:ca:b3:4c:9f:72:c3:7f:81:ca:45:34:83:34:98:51:37:59: f0:22:70:44:d1:0c:5f:9b:10:3e:d8:db:b6:6b:4c:d1:68:dc: 6c:2b:44:e7:7e:e6:ec:2d:f5:a6:6a:5f:8b:46:16:24:74:8e: 38:b5:b0:7a:ef:cf:13:a0:17:bc:fc:19:39:8b:52:b5:c7:ad: ab:07:e0:45:08:f0:a0:32:c8:b6:59:22:7e:1c:8c:8e:54:53: 12:91:ae:75:14:55:1d:a8:2c:5f:cf:ac:b9:09:33:40:76:17: db:32:cd:67:c9:d5:7c:00:83:3a:bc:57:d6:1b:3c:ec:7d:1f: 33:0f:7a:11:c3:d4:31:ab:13:71:cc:ea:52:44:f4:2f:8f:1e: 9f:47:e5:69:75:99:a8:64:03:25:a1:79:2c:b7:ec:3b:5c:ac: f4:70:56:33:64:0b:e1:30:3f:62:a1:c8:bb:69:8e:54:b9:db: 9c:ed:54:3e -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHr0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA1MjVaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDNFQkFDRTVDMzk0NDFB QzQwREZFMjMzMTc5NjhDQjY4NzhFNUZEQzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDLzJaiZ8zaIziUJ59hER8ePMes6so50UxtRVQ3s6ii3Ct5TDdL mKVg0uCWFgwkk9ccgqvsch7IKRSlhkdk6NI81o9vzeNIRqJzod4HL+WaOYYrFS3H 2e9OSqPxo9vl1Acr9oeIN2CK302xF8UgPzU0ftXuorlASeQUePUtrEajdGNgCctc 9Mc0rZ67Vl1wGZCJTZkYbhLYDspRykSo0zFV7FS02h7TNE7KznB6u4HmUjrI7ukW HqJyVM5zO3tABVcOyvHumZRqyqI52xE//8X9VcbvByz1rfWLZyP7hJUN4p4S9PRo TyN42YbfEDI0oE/zISxAhG7drfjtkkhxnrOHAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUPrrOXDlEGsQN/iMxeWjLaHjl/ckwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L1Byck9YRGxFR3NRTl9p TXhlV2pMYUhqbF9jay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn3SgwDQYJKoZIhvcNAQELBQADggEBALuGBILHN8+YbkUukEniy+PE+QQBX6Xe UtNidzW6yIIcXJRxlXfajGq5xthMf5RyAMkC75zi+uX7nINI5ZtHWxfCqH6I1jtr 2SXKs0yfcsN/gcpFNIM0mFE3WfAicETRDF+bED7Y27ZrTNFo3GwrROd+5uwt9aZq X4tGFiR0jji1sHrvzxOgF7z8GTmLUrXHrasH4EUI8KAyyLZZIn4cjI5UUxKRrnUU VR2oLF/PrLkJM0B2F9syzWfJ1XwAgzq8V9YbPOx9HzMPehHD1DGrE3HM6lJE9C+P Hp9H5Wl1mahkAyWheSy37DtcrPRwVjNkC+EwP2KhyLtpjlS525ztVD4= -----END CERTIFICATE-----Generated at Mon Oct 20 13:13:43 2025 by rpki-client