$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/UTGzhK5cec2rsvC5I1e3XuvnrYg.roa File: UTGzhK5cec2rsvC5I1e3XuvnrYg.roa (raw, json) Hash identifier: 9xBmRWPuLnp2DgcXhBQc0zo65Cemw/4PTm3Ky7apgXc= Subject key identifier: 51:31:B3:84:AE:5C:79:CD:AB:B2:F0:B9:23:57:B7:5E:EB:E7:AD:88 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1E81 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/UTGzhK5cec2rsvC5I1e3XuvnrYg.roa Signing time: Sat 13 Sep 2025 03:05:13 +0000 ROA not before: Sat 13 Sep 2025 03:05:13 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 139259 IP address blocks: 103.220.249.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7809 (0x1e81) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:05:13 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=5131B384AE5C79CDABB2F0B92357B75EEBE7AD88 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:a9:c7:d4:f7:14:a0:91:ea:f4:ec:14:b2:8e: 48:0d:a1:f5:ac:f4:8d:5b:7e:f7:d0:b3:27:b7:b4: c2:b7:f4:6c:1e:d0:11:0b:a3:66:75:d3:8e:67:f2: d8:73:86:e5:5b:06:ad:fc:e3:e0:9c:e0:ea:97:a9: df:b9:f2:4d:3d:97:99:c1:e0:44:4f:b7:9c:36:70: 3f:3f:56:96:fc:fb:85:b8:00:6e:2f:03:97:7b:22: 77:b2:b0:d5:a9:62:4b:00:00:ee:c5:c5:9a:f7:11: 95:a3:9d:f3:07:41:09:d3:c6:04:ce:22:66:8c:23: 8d:f6:37:21:75:97:90:07:e7:30:5b:87:7a:5f:26: c9:14:c5:f3:1e:1f:18:0c:21:76:60:04:ae:a6:a6: 58:ba:32:09:4a:19:2e:21:d7:ec:f5:23:71:e0:4b: 20:23:ce:69:b5:07:61:ff:8f:f4:4a:2a:83:28:07: 55:3a:16:ff:ab:aa:b3:f3:0b:7d:6e:fe:b3:7f:01: 97:5d:ec:3a:dd:86:22:9c:92:a3:15:d8:6b:62:e2: 05:55:ca:6f:84:a2:04:a8:3d:51:55:5a:33:e3:4b: 24:70:4e:25:f1:1c:30:58:16:ad:47:3b:c5:0c:e2: 49:f8:cd:82:d9:01:ae:36:7c:7d:18:9d:59:8b:1a: a4:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 51:31:B3:84:AE:5C:79:CD:AB:B2:F0:B9:23:57:B7:5E:EB:E7:AD:88 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/UTGzhK5cec2rsvC5I1e3XuvnrYg.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.220.249.0/24 Signature Algorithm: sha256WithRSAEncryption 3b:d9:ae:c8:66:c8:89:ce:39:6c:2b:2d:b3:6d:3e:48:56:cf: cf:7f:42:9f:be:1b:b4:e7:44:27:27:c2:1a:72:21:6b:78:49: 3d:3f:b5:13:e1:32:8d:72:00:46:3a:fb:2d:91:c4:ba:c0:0e: d3:55:89:c4:28:4b:32:38:0e:20:77:ba:7e:9a:8a:9f:a9:2b: 5e:92:01:ac:6a:07:1b:9d:ff:04:c4:9d:66:aa:34:dd:94:86: 3c:1d:2d:26:f2:f8:45:75:5f:49:86:6b:6f:97:5f:f4:52:e8: 78:54:14:98:c0:8e:75:86:0f:95:67:f1:ee:32:93:5d:a5:2d: e8:e5:96:d8:f7:f9:08:3b:df:85:e5:31:a5:81:fe:55:96:db: ba:69:3d:62:7c:d7:ac:a9:5d:85:ac:9f:29:f8:2c:c1:68:52: 42:1a:6e:70:ec:e1:e8:5c:48:25:2d:55:db:f3:8c:e3:b7:06: 6c:86:c2:4b:da:93:f9:db:ef:3f:90:cb:0e:d6:f4:da:43:be: 41:ae:f0:d2:dd:4b:d2:52:5b:69:bb:fa:35:e9:4f:6e:72:0f: 66:86:37:25:c3:1e:38:4f:d7:eb:95:b9:0e:e3:10:76:72:78: 34:c3:43:24:65:cb:e3:30:a9:bf:f9:6b:e5:ea:45:20:13:c7: b2:14:bf:73 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHoEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA1MTNaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDUxMzFCMzg0QUU1Qzc5 Q0RBQkIyRjBCOTIzNTdCNzVFRUJFN0FEODgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDHqcfU9xSgker07BSyjkgNofWs9I1bfvfQsye3tMK39Gwe0BEL o2Z1045n8thzhuVbBq384+Cc4OqXqd+58k09l5nB4ERPt5w2cD8/Vpb8+4W4AG4v A5d7IneysNWpYksAAO7FxZr3EZWjnfMHQQnTxgTOImaMI432NyF1l5AH5zBbh3pf JskUxfMeHxgMIXZgBK6mpli6MglKGS4h1+z1I3HgSyAjzmm1B2H/j/RKKoMoB1U6 Fv+rqrPzC31u/rN/AZdd7DrdhiKckqMV2Gti4gVVym+EogSoPVFVWjPjSyRwTiXx HDBYFq1HO8UM4kn4zYLZAa42fH0YnVmLGqTzAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUUTGzhK5cec2rsvC5I1e3XuvnrYgwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L1VUR3poSzVjZWMycnN2 QzVJMWUzWHV2bnJZZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3PkwDQYJKoZIhvcNAQELBQADggEBADvZrshmyInOOWwrLbNtPkhWz89/Qp++ G7TnRCcnwhpyIWt4ST0/tRPhMo1yAEY6+y2RxLrADtNVicQoSzI4DiB3un6aip+p K16SAaxqBxud/wTEnWaqNN2UhjwdLSby+EV1X0mGa2+XX/RS6HhUFJjAjnWGD5Vn 8e4yk12lLejlltj3+Qg734XlMaWB/lWW27ppPWJ816ypXYWsnyn4LMFoUkIabnDs 4ehcSCUtVdvzjOO3BmyGwkvak/nb7z+Qyw7W9NpDvkGu8NLdS9JSW2m7+jXpT25y D2aGNyXDHjhP1+uVuQ7jEHZyeDTDQyRly+Mwqb/5a+XqRSATx7IUv3M= -----END CERTIFICATE-----Generated at Mon Oct 20 13:18:00 2025 by rpki-client