$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/TC-NNYawYvW7F76Uo4HBCELmqX4.roa File: TC-NNYawYvW7F76Uo4HBCELmqX4.roa (raw, json) Hash identifier: BK2p9+lC/dIWwlxrPVaujfZII9sCNzoWRW0ERVPxqvQ= Subject key identifier: 4C:2F:8D:35:86:B0:62:F5:BB:17:BE:94:A3:81:C1:08:42:E6:A9:7E Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1EAB Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/TC-NNYawYvW7F76Uo4HBCELmqX4.roa Signing time: Sat 13 Sep 2025 03:05:21 +0000 ROA not before: Sat 13 Sep 2025 03:05:21 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 139259 IP address blocks: 103.221.37.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7851 (0x1eab) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:05:21 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=4C2F8D3586B062F5BB17BE94A381C10842E6A97E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:54:d5:39:89:0d:1e:2f:83:21:8d:08:af:fa: 66:b9:32:93:34:60:37:9e:cc:f0:96:29:1a:84:bf: 36:ae:d8:e3:de:01:8a:fb:0d:48:61:cb:34:3a:18: f8:6e:fd:86:6f:46:3e:da:5c:5f:38:22:3e:99:99: db:c6:ea:1e:ab:b2:fc:3e:0e:b0:e3:9a:40:e2:77: aa:eb:47:3a:67:8f:b4:1d:51:9a:20:c9:36:cb:40: b1:73:c0:f4:96:57:23:34:fd:30:45:e6:e6:87:59: 31:09:58:9a:9b:7c:66:85:cf:d8:ea:71:63:48:a1: 55:ff:05:70:16:5a:e3:d7:2e:f8:f4:f8:3c:a6:63: e6:57:29:04:0d:49:bd:d9:a7:14:38:97:dc:72:2d: ee:e0:68:28:18:4d:e3:bd:b8:9f:b5:9b:ef:75:37: bd:47:04:65:2d:bf:79:b8:1d:92:39:f2:a0:30:63: 94:f9:0f:6d:7b:5d:22:48:64:5c:bd:a9:01:28:02: 69:df:a0:76:3f:7e:a1:9d:a9:9b:e9:a2:dc:9f:a6: 21:94:b9:b4:d9:3c:7f:68:0f:cc:df:7f:d2:32:87: 88:0a:f6:df:74:40:f7:59:57:b6:1e:3c:9a:30:0c: a0:f2:c5:60:c6:71:36:e2:49:49:22:d5:14:cb:7a: 0d:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:2F:8D:35:86:B0:62:F5:BB:17:BE:94:A3:81:C1:08:42:E6:A9:7E X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/TC-NNYawYvW7F76Uo4HBCELmqX4.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.37.0/24 Signature Algorithm: sha256WithRSAEncryption 64:04:cd:7c:d2:3e:75:59:9a:a2:aa:b1:51:2b:f2:07:39:ee: 35:62:85:52:82:3e:fb:57:88:93:ba:fd:88:12:21:c6:a0:e0: b3:2b:77:43:7b:96:18:28:b6:06:c6:bb:15:7d:bb:b0:ea:6b: b8:3e:db:9f:2e:a6:18:da:92:33:30:96:36:be:74:77:45:6f: 0c:f7:64:bc:36:93:26:73:1c:3d:b8:b3:85:ab:f0:2b:8a:c1: b5:53:67:2a:ff:d2:d4:df:09:39:7b:54:7c:0f:ce:97:68:f1: 6a:de:4e:6e:b8:72:27:c4:fb:6a:02:99:3b:90:78:12:c0:4b: e0:35:b3:76:5f:d1:9c:2b:88:ce:06:e8:b9:2d:0d:8e:0c:cd: a4:21:a8:98:80:78:c9:b1:d7:01:45:cd:9e:30:bf:25:7f:98: 0b:6b:ce:49:1c:4f:8b:05:ad:51:e5:0e:52:34:3e:26:6b:75: f3:7f:72:d2:95:07:d6:12:ca:1a:04:1b:07:de:d1:f2:8f:64: aa:0b:95:d3:2d:88:36:43:37:4e:11:41:cd:48:39:a0:2b:73: b2:c1:7a:e6:68:f3:95:e5:31:20:9c:9c:09:0f:d5:73:8f:3c: a9:71:8a:64:75:fa:c6:7d:eb:b9:6d:4b:67:26:f3:40:fc:58: ef:88:43:24 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHqswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA1MjFaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDRDMkY4RDM1ODZCMDYy RjVCQjE3QkU5NEEzODFDMTA4NDJFNkE5N0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQChVNU5iQ0eL4MhjQiv+ma5MpM0YDeezPCWKRqEvzau2OPeAYr7 DUhhyzQ6GPhu/YZvRj7aXF84Ij6ZmdvG6h6rsvw+DrDjmkDid6rrRzpnj7QdUZog yTbLQLFzwPSWVyM0/TBF5uaHWTEJWJqbfGaFz9jqcWNIoVX/BXAWWuPXLvj0+Dym Y+ZXKQQNSb3ZpxQ4l9xyLe7gaCgYTeO9uJ+1m+91N71HBGUtv3m4HZI58qAwY5T5 D217XSJIZFy9qQEoAmnfoHY/fqGdqZvpotyfpiGUubTZPH9oD8zff9Iyh4gK9t90 QPdZV7YePJowDKDyxWDGcTbiSUki1RTLeg1bAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUTC+NNYawYvW7F76Uo4HBCELmqX4wHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L1RDLU5OWWF3WXZXN0Y3 NlVvNEhCQ0VMbXFYNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3SUwDQYJKoZIhvcNAQELBQADggEBAGQEzXzSPnVZmqKqsVEr8gc57jVihVKC PvtXiJO6/YgSIcag4LMrd0N7lhgotgbGuxV9u7Dqa7g+258uphjakjMwlja+dHdF bwz3ZLw2kyZzHD24s4Wr8CuKwbVTZyr/0tTfCTl7VHwPzpdo8WreTm64cifE+2oC mTuQeBLAS+A1s3Zf0ZwriM4G6LktDY4MzaQhqJiAeMmx1wFFzZ4wvyV/mAtrzkkc T4sFrVHlDlI0PiZrdfN/ctKVB9YSyhoEGwfe0fKPZKoLldMtiDZDN04RQc1IOaAr c7LBeuZo85XlMSCcnAkP1XOPPKlximR1+sZ967ltS2cm80D8WO+IQyQ= -----END CERTIFICATE-----Generated at Mon Oct 20 13:13:45 2025 by rpki-client