$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/SgYNeyshzO_xtQtxTP0lHighCs8.roa File: SgYNeyshzO_xtQtxTP0lHighCs8.roa (raw, json) Hash identifier: LGAEqyZfqxDr+CP2IPCVI+f5NNrvtfJxhPpLuPfxxLc= Subject key identifier: 4A:06:0D:7B:2B:21:CC:EF:F1:B5:0B:71:4C:FD:25:1E:28:21:0A:CF Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1F21 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/SgYNeyshzO_xtQtxTP0lHighCs8.roa Signing time: Tue 16 Sep 2025 05:50:55 +0000 ROA not before: Tue 16 Sep 2025 05:50:55 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 25743 IP address blocks: 45.252.144.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 23:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7969 (0x1f21) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 16 05:50:55 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=4A060D7B2B21CCEFF1B50B714CFD251E28210ACF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:1d:28:ec:dd:78:a5:92:b0:76:69:8f:9c:16: e5:d9:8b:75:ae:67:49:d9:61:c5:5d:a7:6a:58:84: 85:f6:8c:e8:f0:23:85:06:c8:06:da:fb:4b:03:4c: 02:70:83:fb:f9:25:a3:a8:9b:4a:c3:e9:bc:f9:49: 2f:49:fd:64:90:1f:5d:9c:33:a8:2f:23:ca:44:dd: 48:34:79:cc:a5:66:68:e3:0f:84:4d:9a:fd:f9:e4: 5c:b2:1c:ae:af:ba:bc:f9:8c:1d:3a:52:41:a0:0f: 87:92:04:d3:2e:6b:38:05:b1:93:47:02:18:f8:8c: 0a:37:a8:3c:ea:c7:35:b1:dd:5a:22:30:06:3b:16: c4:06:0e:44:f9:4c:9b:22:2c:bc:f9:33:38:f1:aa: 4f:a7:12:fd:70:74:83:38:e0:d8:8a:be:43:54:af: bd:e9:ee:49:59:4d:5f:11:b0:ed:f4:6e:e1:60:1b: 76:ba:28:45:41:77:ff:6c:cb:de:13:21:27:43:30: a5:a2:1c:2b:c6:48:a9:92:62:10:d6:7c:f9:2a:fc: fb:20:67:5a:f3:28:5a:04:15:14:ad:c6:1d:b1:28: 2d:a7:d5:5c:d2:17:2a:f0:b6:be:7e:77:20:28:a4: 62:25:88:95:0a:1e:f7:61:b9:6a:49:b9:cd:a1:96: 53:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:06:0D:7B:2B:21:CC:EF:F1:B5:0B:71:4C:FD:25:1E:28:21:0A:CF X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/SgYNeyshzO_xtQtxTP0lHighCs8.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.252.144.0/22 Signature Algorithm: sha256WithRSAEncryption c0:99:30:c3:92:08:53:13:31:0f:2e:02:aa:88:56:f9:99:31: f1:7b:6f:73:52:d5:b8:64:df:d0:da:cd:0d:54:27:42:15:5b: ee:05:82:86:96:c7:4d:d9:9e:a6:97:62:84:f1:0d:32:3b:b3: 21:ee:e2:57:f5:c8:3d:76:72:e7:a2:f4:43:1c:5e:8e:0c:4d: 69:ab:a5:c4:27:85:1c:d3:8f:a7:d0:8b:18:a2:21:3a:a9:1c: 0e:68:11:1e:a8:68:87:43:34:20:6e:cf:cb:88:65:ae:35:ad: b1:6d:9e:7d:06:b3:76:b7:08:a3:83:5e:d6:07:83:54:3f:07: 5c:6c:39:5e:c9:44:3c:03:fe:74:5e:4f:6d:0d:d4:4a:8d:1d: 61:3c:a8:92:1a:2b:45:ac:f7:21:d1:90:ec:26:b7:2b:fa:77: a4:a2:2e:09:ba:ff:81:1a:20:03:1a:8b:c1:45:6b:30:bc:10: b1:5e:66:f7:4d:72:95:77:25:bc:72:9a:6a:a6:7a:ad:d5:8f: 3a:c0:a9:7c:77:b4:7d:bc:a5:e0:d0:03:6b:13:1c:c3:39:5a: d7:1d:ba:a5:04:4d:b2:65:c3:d8:94:b9:de:38:c1:f8:42:35: e7:76:67:88:bc:21:af:fb:c1:18:0b:d6:3d:88:19:72:be:e0: 0e:d0:d3:47 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHyEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTYw NTUwNTVaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDRBMDYwRDdCMkIyMUND RUZGMUI1MEI3MTRDRkQyNTFFMjgyMTBBQ0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCtHSjs3XilkrB2aY+cFuXZi3WuZ0nZYcVdp2pYhIX2jOjwI4UG yAba+0sDTAJwg/v5JaOom0rD6bz5SS9J/WSQH12cM6gvI8pE3Ug0ecylZmjjD4RN mv355FyyHK6vurz5jB06UkGgD4eSBNMuazgFsZNHAhj4jAo3qDzqxzWx3VoiMAY7 FsQGDkT5TJsiLLz5Mzjxqk+nEv1wdIM44NiKvkNUr73p7klZTV8RsO30buFgG3a6 KEVBd/9sy94TISdDMKWiHCvGSKmSYhDWfPkq/PsgZ1rzKFoEFRStxh2xKC2n1VzS Fyrwtr5+dyAopGIliJUKHvdhuWpJuc2hllNZAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUSgYNeyshzO/xtQtxTP0lHighCs8wHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L1NnWU5leXNoek9feHRR dHhUUDBsSGlnaENzOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAIt/JAwDQYJKoZIhvcNAQELBQADggEBAMCZMMOSCFMTMQ8uAqqIVvmZMfF7b3NS 1bhk39DazQ1UJ0IVW+4FgoaWx03ZnqaXYoTxDTI7syHu4lf1yD12cuei9EMcXo4M TWmrpcQnhRzTj6fQixiiITqpHA5oER6oaIdDNCBuz8uIZa41rbFtnn0Gs3a3CKOD XtYHg1Q/B1xsOV7JRDwD/nReT20N1EqNHWE8qJIaK0Ws9yHRkOwmtyv6d6SiLgm6 /4EaIAMai8FFazC8ELFeZvdNcpV3Jbxymmqmeq3VjzrAqXx3tH28peDQA2sTHMM5 WtcduqUETbJlw9iUud44wfhCNed2Z4i8Ia/7wRgL1j2IGXK+4A7Q00c= -----END CERTIFICATE-----Generated at Mon Oct 20 20:39:44 2025 by rpki-client