$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/STq7nHgP3IY7e3kb67Yu1y9zlpQ.roa File: STq7nHgP3IY7e3kb67Yu1y9zlpQ.roa (raw, json) Hash identifier: FU0fQ5nGIQucWGgSXfZpzkoASDZVh0TVHtg3FoILWgE= Subject key identifier: 49:3A:BB:9C:78:0F:DC:86:3B:7B:79:1B:EB:B6:2E:D7:2F:73:96:94 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1EE1 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/STq7nHgP3IY7e3kb67Yu1y9zlpQ.roa Signing time: Sat 13 Sep 2025 03:05:34 +0000 ROA not before: Sat 13 Sep 2025 03:05:34 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 13444 IP address blocks: 45.252.84.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7905 (0x1ee1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:05:34 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=493ABB9C780FDC863B7B791BEBB62ED72F739694 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:0a:76:1b:f6:a4:10:2b:34:d1:44:15:03:2a: 1a:1c:f1:01:4e:9a:5e:e8:f7:9d:e4:31:a9:1c:00: 2c:d3:b1:a6:5c:44:bd:85:f8:2a:36:99:2a:97:64: 62:50:a8:5d:1b:ba:67:69:77:13:9f:bb:d2:2c:16: ab:42:97:a7:87:17:fb:00:bf:d9:0b:7f:6f:02:6f: 25:0c:8d:fc:fe:92:25:22:8a:8a:99:c9:84:6a:60: e0:33:f7:51:d3:8c:0a:bb:90:7e:e7:82:e5:76:a1: 96:8b:64:fb:9c:9a:a5:19:b7:c5:fd:fa:b0:09:c2: 5c:47:c2:0f:cf:d5:d9:56:87:7c:e1:70:06:06:7f: 2e:c9:bc:44:6b:8b:ff:e2:1c:70:2a:7e:5b:03:35: c5:2b:25:20:79:eb:ed:32:4a:72:d9:52:49:1a:a6: 55:1e:29:18:ac:19:25:fa:52:1c:e4:9a:54:7d:32: 9f:b4:c7:24:ac:ae:c9:36:14:21:54:22:27:a8:60: 00:78:08:7f:46:0c:af:20:5d:c8:12:25:b5:c3:9d: bc:1b:98:b9:96:f9:85:db:27:a8:6d:99:00:55:1c: ce:a3:eb:61:4d:50:bc:84:68:3d:43:53:de:ed:10: a1:2b:88:96:99:7f:9d:0f:8e:c9:ce:02:bd:70:07: 13:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:3A:BB:9C:78:0F:DC:86:3B:7B:79:1B:EB:B6:2E:D7:2F:73:96:94 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/STq7nHgP3IY7e3kb67Yu1y9zlpQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.252.84.0/22 Signature Algorithm: sha256WithRSAEncryption 2f:f6:6a:53:fb:a9:db:be:07:d1:89:1c:3e:d2:45:f8:4f:15: b3:42:10:ed:43:de:b0:09:d2:4a:58:19:a0:13:6a:c3:19:9b: dd:08:30:4d:25:79:52:49:08:6e:e1:14:c1:4e:ba:af:2c:32: 14:db:a3:fb:07:cc:f4:36:70:42:4b:2c:4a:fb:72:1a:11:41: f4:c4:ce:66:18:4e:9a:72:f7:6f:08:b4:9d:e3:93:16:6f:05: b0:c6:c5:98:93:74:25:38:27:12:cb:29:79:fc:ec:52:19:ca: 0c:b4:a5:b7:3f:38:77:68:63:ea:c6:4a:b2:67:ea:1d:e0:14: 25:a7:3d:e7:3c:13:41:08:c5:25:9d:fd:24:88:f0:8d:f6:cf: 59:d4:41:b9:05:2a:59:0f:b8:f9:34:03:86:38:4f:ff:5d:52: 04:3f:a7:64:ce:7d:31:1c:91:51:fc:0f:53:5d:c4:30:bb:57: 1b:cb:cd:39:4d:39:ff:8c:c3:19:78:f2:d1:9a:6a:2c:70:8b: 64:79:a8:45:2b:5e:51:d6:6f:e5:d9:87:98:2e:3f:1f:b0:e6: 92:e9:d3:0c:c2:ad:7b:0d:bf:c8:9f:34:76:03:ea:31:d6:ed: 9c:5b:a8:fc:fe:5b:41:62:94:66:40:ea:f9:6c:9c:ee:b2:f4: fa:5e:45:08 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHuEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA1MzRaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDQ5M0FCQjlDNzgwRkRD ODYzQjdCNzkxQkVCQjYyRUQ3MkY3Mzk2OTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDZCnYb9qQQKzTRRBUDKhoc8QFOml7o953kMakcACzTsaZcRL2F +Co2mSqXZGJQqF0bumdpdxOfu9IsFqtCl6eHF/sAv9kLf28CbyUMjfz+kiUiioqZ yYRqYOAz91HTjAq7kH7nguV2oZaLZPucmqUZt8X9+rAJwlxHwg/P1dlWh3zhcAYG fy7JvERri//iHHAqflsDNcUrJSB56+0ySnLZUkkaplUeKRisGSX6UhzkmlR9Mp+0 xySsrsk2FCFUIieoYAB4CH9GDK8gXcgSJbXDnbwbmLmW+YXbJ6htmQBVHM6j62FN ULyEaD1DU97tEKEriJaZf50PjsnOAr1wBxMVAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUSTq7nHgP3IY7e3kb67Yu1y9zlpQwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L1NUcTduSGdQM0lZN2Uz a2I2N1l1MXk5emxwUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAIt/FQwDQYJKoZIhvcNAQELBQADggEBAC/2alP7qdu+B9GJHD7SRfhPFbNCEO1D 3rAJ0kpYGaATasMZm90IME0leVJJCG7hFMFOuq8sMhTbo/sHzPQ2cEJLLEr7choR QfTEzmYYTppy928ItJ3jkxZvBbDGxZiTdCU4JxLLKXn87FIZygy0pbc/OHdoY+rG SrJn6h3gFCWnPec8E0EIxSWd/SSI8I32z1nUQbkFKlkPuPk0A4Y4T/9dUgQ/p2TO fTEckVH8D1NdxDC7VxvLzTlNOf+Mwxl48tGaaixwi2R5qEUrXlHWb+XZh5guPx+w 5pLp0wzCrXsNv8ifNHYD6jHW7ZxbqPz+W0FilGZA6vlsnO6y9PpeRQg= -----END CERTIFICATE-----Generated at Mon Oct 20 13:13:49 2025 by rpki-client