$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/QtlEojynnjcQHprm-xPIb3gk2oM.roa File: QtlEojynnjcQHprm-xPIb3gk2oM.roa (raw, json) Hash identifier: NWs8vUCAC9LgCKsOBMVAKRSXZ6IMMR11KezJX6/4hNE= Subject key identifier: 42:D9:44:A2:3C:A7:9E:37:10:1E:9A:E6:FB:13:C8:6F:78:24:DA:83 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1F26 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/QtlEojynnjcQHprm-xPIb3gk2oM.roa Signing time: Tue 16 Sep 2025 05:50:56 +0000 ROA not before: Tue 16 Sep 2025 05:50:56 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 25743 IP address blocks: 103.221.8.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7974 (0x1f26) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 16 05:50:56 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=42D944A23CA79E37101E9AE6FB13C86F7824DA83 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:30:9b:6f:c0:c1:c8:08:f2:a2:3a:7e:7d:0e: 94:69:eb:06:49:84:d6:40:4a:b3:f8:ab:f4:b4:88: 09:e9:8d:7a:71:03:bb:e0:f6:e9:87:d5:15:31:7f: 7d:79:09:f9:9a:54:b5:64:91:d8:5c:b6:ad:d4:87: 11:63:6b:f0:e0:61:f3:4e:07:e2:29:3b:b3:93:4c: 69:f0:18:58:7e:c3:58:0c:63:ab:74:aa:25:db:15: 26:b0:b6:d0:50:ba:ac:14:ee:00:86:7f:4e:2b:8e: cb:5d:72:ba:f8:27:1a:7a:7e:f2:e9:d5:ee:3e:fc: 01:a8:1e:c0:97:76:2f:4a:31:9c:c9:58:75:a2:bc: 64:58:2a:f9:81:f7:83:33:e9:cb:5e:d2:76:c9:29: b3:45:ff:70:4e:38:d2:dc:a3:32:1e:4d:4c:25:b0: 49:0f:23:0d:88:65:de:18:25:1e:c0:e3:b3:4d:bf: 8a:79:36:50:9c:a5:e3:6f:1d:bf:86:82:cd:42:1e: 33:f1:2f:f4:2c:b6:fb:41:83:f8:2b:93:07:ed:d7: 4f:40:7d:90:bd:28:ee:5a:0f:3c:37:fd:51:46:0b: 34:f5:ea:19:23:82:e7:04:90:55:00:95:17:58:55: ad:9e:c1:1a:52:1b:af:95:a5:72:06:b1:67:8d:34: 08:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:D9:44:A2:3C:A7:9E:37:10:1E:9A:E6:FB:13:C8:6F:78:24:DA:83 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/QtlEojynnjcQHprm-xPIb3gk2oM.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.8.0/22 Signature Algorithm: sha256WithRSAEncryption 7e:6e:f2:1d:e0:0d:98:49:5f:69:1e:9b:bd:36:12:77:c7:f8: 70:53:5b:eb:1d:3e:cb:fb:4d:e0:cd:4b:df:dd:16:f8:b7:33: 70:64:cb:d6:44:88:c0:33:05:d0:bf:76:88:e4:0b:bd:62:6e: 29:03:33:79:dd:1b:0d:72:19:f8:38:28:72:a8:64:be:b4:fa: 2b:ba:b3:7b:9e:d1:3b:f0:c1:8e:ab:8e:88:1d:58:fb:e9:12: 31:5b:ea:ed:3b:42:f8:c3:61:60:53:6d:af:f8:4a:6f:e1:59: 53:ce:95:10:23:84:45:52:98:ed:97:52:e4:59:21:64:fe:f5: ba:3e:dc:51:bf:ff:15:29:08:e1:a6:81:5e:e1:fb:21:1e:39: 7c:dc:c8:c4:19:92:a8:d0:d5:22:ad:19:f3:57:e9:94:f5:67: 3f:af:7e:3a:e2:8d:d5:c9:80:1a:e9:9e:2b:65:a3:dc:4b:30: 64:15:02:25:8a:6e:66:e0:da:49:2d:69:25:66:c2:59:c3:64: f3:3f:23:f6:2b:b6:15:78:ae:dd:1f:cd:09:54:4a:f4:ae:70: 8c:47:dc:d4:c4:d4:4a:50:2c:bb:f2:61:72:b8:59:93:19:7e: 16:85:eb:29:f9:f5:fc:5a:05:ff:19:78:cf:49:20:2d:b6:b5: 62:d6:71:9b -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHyYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTYw NTUwNTZaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDQyRDk0NEEyM0NBNzlF MzcxMDFFOUFFNkZCMTNDODZGNzgyNERBODMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDdMJtvwMHICPKiOn59DpRp6wZJhNZASrP4q/S0iAnpjXpxA7vg 9umH1RUxf315CfmaVLVkkdhctq3UhxFja/DgYfNOB+IpO7OTTGnwGFh+w1gMY6t0 qiXbFSawttBQuqwU7gCGf04rjstdcrr4Jxp6fvLp1e4+/AGoHsCXdi9KMZzJWHWi vGRYKvmB94Mz6cte0nbJKbNF/3BOONLcozIeTUwlsEkPIw2IZd4YJR7A47NNv4p5 NlCcpeNvHb+Ggs1CHjPxL/QstvtBg/grkwft109AfZC9KO5aDzw3/VFGCzT16hkj gucEkFUAlRdYVa2ewRpSG6+VpXIGsWeNNAgdAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUQtlEojynnjcQHprm+xPIb3gk2oMwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L1F0bEVvanlubmpjUUhw cm0teFBJYjNnazJvTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn3QgwDQYJKoZIhvcNAQELBQADggEBAH5u8h3gDZhJX2kem702EnfH+HBTW+sd Psv7TeDNS9/dFvi3M3Bky9ZEiMAzBdC/dojkC71ibikDM3ndGw1yGfg4KHKoZL60 +iu6s3ue0TvwwY6rjogdWPvpEjFb6u07QvjDYWBTba/4Sm/hWVPOlRAjhEVSmO2X UuRZIWT+9bo+3FG//xUpCOGmgV7h+yEeOXzcyMQZkqjQ1SKtGfNX6ZT1Zz+vfjri jdXJgBrpnitlo9xLMGQVAiWKbmbg2kktaSVmwlnDZPM/I/YrthV4rt0fzQlUSvSu cIxH3NTE1EpQLLvyYXK4WZMZfhaF6yn59fxaBf8ZeM9JIC22tWLWcZs= -----END CERTIFICATE-----Generated at Mon Oct 20 13:30:51 2025 by rpki-client