$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/R1oZc2TBk1zcRLsOUDXEAdf5RHE.roa File: R1oZc2TBk1zcRLsOUDXEAdf5RHE.roa (raw, json) Hash identifier: 31gZymrFTWPf0P7/kQ9PggrJ083hn2qt05ndVBAuVH8= Subject key identifier: 47:5A:19:73:64:C1:93:5C:DC:44:BB:0E:50:35:C4:01:D7:F9:44:71 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1ED8 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/R1oZc2TBk1zcRLsOUDXEAdf5RHE.roa Signing time: Sat 13 Sep 2025 03:05:33 +0000 ROA not before: Sat 13 Sep 2025 03:05:33 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 138527 IP address blocks: 45.252.44.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7896 (0x1ed8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:05:33 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=475A197364C1935CDC44BB0E5035C401D7F94471 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:fc:54:fe:38:12:2a:fd:50:cb:82:76:02:14: a3:24:a1:53:99:0c:68:05:cc:32:bf:86:11:26:5b: cf:41:36:4e:84:5e:ca:1a:b5:34:0c:e6:bf:7a:97: 23:ef:aa:44:e9:ea:7c:c0:dc:41:d8:e7:04:e3:88: f3:16:5d:ea:cf:52:cc:d1:cc:d1:7c:f5:a0:5c:24: 82:23:f6:e2:58:9b:b8:c8:10:32:80:65:cf:89:b5: 52:6b:18:18:e3:34:c3:c7:07:f5:2b:c1:60:98:e6: 5b:a6:3e:97:8c:81:06:0f:0d:2c:d3:35:86:95:ea: 1c:e3:54:6a:59:0e:23:75:10:fc:42:f5:49:4c:ad: d5:22:bd:db:c3:32:c3:49:06:d8:4b:1a:64:d5:b7: 52:4e:82:a9:5d:b3:f2:cc:ed:1e:ff:88:99:f5:dc: 5e:d9:06:c5:5e:97:5f:74:d8:49:1f:89:d6:c1:04: 92:7a:ba:6a:05:b9:a9:c8:11:44:07:23:1c:05:41: 14:2d:57:3a:27:d1:12:79:a0:3d:85:53:e0:22:cb: c0:77:56:13:e6:9c:ea:85:70:d2:51:78:f4:16:14: 2d:5a:c1:e9:e1:ac:b1:c7:e3:77:ed:78:b9:07:66: 27:23:2b:22:5e:3c:5c:d3:cf:a3:0f:07:e5:6e:41: 94:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 47:5A:19:73:64:C1:93:5C:DC:44:BB:0E:50:35:C4:01:D7:F9:44:71 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/R1oZc2TBk1zcRLsOUDXEAdf5RHE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.252.44.0/22 Signature Algorithm: sha256WithRSAEncryption 6d:4e:79:49:61:1b:77:e6:82:57:98:29:b2:c2:ab:18:9e:71: 9b:2b:32:61:38:0c:b0:51:2e:10:4f:d8:cd:c4:0f:09:8a:1e: b1:0b:57:d7:2c:61:79:24:81:8a:95:87:a0:a9:aa:5f:c1:de: f1:32:6c:14:63:ad:8c:ae:8a:bf:d9:6b:3a:10:46:e8:87:be: c4:6c:7c:91:62:3f:69:df:4d:a0:73:bd:26:e7:36:eb:af:3c: b4:5f:42:9e:bb:4e:d2:09:de:69:85:f7:33:c5:cc:27:3a:fb: 7c:c1:d0:3d:4b:47:9c:ff:27:48:e4:ed:8b:cc:60:85:7d:e9: 26:e0:f3:96:85:46:7a:43:ab:83:66:a0:90:40:52:eb:69:23: 4d:46:34:d1:90:dc:c9:68:60:11:8e:d0:8c:20:99:2a:a2:d2: 61:de:da:88:1a:1b:55:b7:52:c3:c4:37:47:cb:4c:81:b1:9d: 74:a1:19:2f:68:f3:9c:67:5e:b7:ae:ee:d6:51:71:71:3b:1f: e2:3e:48:15:32:76:89:bf:06:4b:3b:0b:24:92:e6:58:e6:6e: 41:fc:7a:34:61:3b:a3:32:f8:dd:86:d8:12:0c:1c:d6:a1:5c: 4d:e2:ca:28:32:ef:17:51:9e:39:a3:83:c2:a0:e7:8e:e4:9f: 9f:c4:d3:f0 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHtgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA1MzNaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDQ3NUExOTczNjRDMTkz NUNEQzQ0QkIwRTUwMzVDNDAxRDdGOTQ0NzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDb/FT+OBIq/VDLgnYCFKMkoVOZDGgFzDK/hhEmW89BNk6EXsoa tTQM5r96lyPvqkTp6nzA3EHY5wTjiPMWXerPUszRzNF89aBcJIIj9uJYm7jIEDKA Zc+JtVJrGBjjNMPHB/UrwWCY5lumPpeMgQYPDSzTNYaV6hzjVGpZDiN1EPxC9UlM rdUivdvDMsNJBthLGmTVt1JOgqlds/LM7R7/iJn13F7ZBsVel1902EkfidbBBJJ6 umoFuanIEUQHIxwFQRQtVzon0RJ5oD2FU+Aiy8B3VhPmnOqFcNJRePQWFC1awenh rLHH43fteLkHZicjKyJePFzTz6MPB+VuQZRHAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUR1oZc2TBk1zcRLsOUDXEAdf5RHEwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L1Ixb1pjMlRCazF6Y1JM c09VRFhFQWRmNVJIRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAIt/CwwDQYJKoZIhvcNAQELBQADggEBAG1OeUlhG3fmgleYKbLCqxiecZsrMmE4 DLBRLhBP2M3EDwmKHrELV9csYXkkgYqVh6Cpql/B3vEybBRjrYyuir/ZazoQRuiH vsRsfJFiP2nfTaBzvSbnNuuvPLRfQp67TtIJ3mmF9zPFzCc6+3zB0D1LR5z/J0jk 7YvMYIV96Sbg85aFRnpDq4NmoJBAUutpI01GNNGQ3MloYBGO0IwgmSqi0mHe2oga G1W3UsPEN0fLTIGxnXShGS9o85xnXreu7tZRcXE7H+I+SBUydom/Bks7CySS5ljm bkH8ejRhO6My+N2G2BIMHNahXE3iyigy7xdRnjmjg8Kg547kn5/E0/A= -----END CERTIFICATE-----Generated at Mon Oct 20 13:13:41 2025 by rpki-client