$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/UuTD1HXkutlQJN03UzTRQ9WbiVM.roa File: UuTD1HXkutlQJN03UzTRQ9WbiVM.roa (raw, json) Hash identifier: 6hLAvh8oR9yoWb2ljcnUjX2hpS2o9spA5j7zqGG2m+A= Subject key identifier: 52:E4:C3:D4:75:E4:BA:D9:50:24:DD:37:53:34:D1:43:D5:9B:89:53 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1E69 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/UuTD1HXkutlQJN03UzTRQ9WbiVM.roa Signing time: Sat 13 Sep 2025 03:05:08 +0000 ROA not before: Sat 13 Sep 2025 03:05:08 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 13444 IP address blocks: 103.220.248.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7785 (0x1e69) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:05:08 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=52E4C3D475E4BAD95024DD375334D143D59B8953 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:03:98:c1:85:6f:4e:ea:b5:f5:b2:0d:b0:b5: 8a:20:8a:64:cf:c6:c0:b5:9e:09:22:6f:f7:ac:2c: cd:f0:6c:97:b1:b5:82:07:89:67:27:77:e1:e4:1c: 4c:83:e4:af:d5:5a:60:da:67:95:ac:43:5c:c1:fb: 16:5b:e2:d0:c1:d7:0c:66:24:0c:9e:39:55:84:b5: e4:1a:5c:66:e3:0b:74:c7:b3:fb:08:1c:93:85:3a: 8d:ef:25:ed:a5:34:74:18:c0:c3:3f:20:f1:63:0d: 32:71:d6:22:5e:db:f1:93:aa:8e:4e:d7:ec:02:98: c1:51:5c:7e:78:22:76:68:64:ae:5c:50:1d:c0:d6: 99:ed:f5:c1:c6:26:eb:ff:f7:9c:a6:ae:d7:46:60: 80:25:94:05:9a:81:69:47:d5:fd:40:51:91:d5:d9: 53:ed:99:39:2f:33:58:83:24:40:ff:e3:a7:3c:ab: 75:53:50:11:3f:91:13:25:f5:92:5d:de:c1:03:09: f0:f3:eb:40:d7:de:25:4d:ec:6a:43:c0:25:df:79: 35:73:d4:2c:ba:b5:93:f7:5b:d6:f0:dd:f1:bd:e2: 06:98:cb:25:93:81:20:bd:72:74:aa:04:0f:06:54: 4a:e1:3b:4a:b6:a2:57:aa:77:89:8f:27:6b:53:75: 83:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:E4:C3:D4:75:E4:BA:D9:50:24:DD:37:53:34:D1:43:D5:9B:89:53 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/UuTD1HXkutlQJN03UzTRQ9WbiVM.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.220.248.0/24 Signature Algorithm: sha256WithRSAEncryption 02:b4:91:17:05:30:f6:db:43:5b:03:89:14:93:20:61:57:17: 2c:d2:70:1f:1f:92:62:4e:a5:f1:d6:ba:3e:6d:c8:e4:c8:4c: 88:20:10:b3:ce:f2:df:47:67:cb:a0:fe:96:2b:c9:ae:87:de: b5:4b:5e:44:45:a9:ce:5d:93:23:2c:53:29:1b:99:51:30:a8: 44:74:d1:e7:f3:ec:68:d8:24:f8:bf:b0:8d:56:27:68:2d:34: b8:0e:c6:95:4b:27:c7:a8:00:ca:5f:0c:f8:64:a5:f9:e6:ec: 13:a4:03:a8:b5:0b:ff:59:a2:b5:0a:0e:01:89:05:f3:ec:10: a2:27:5f:b8:c9:9f:2a:d2:5d:4b:d9:64:cf:5c:27:a7:e5:cb: f2:3a:e3:f0:18:f5:70:7e:e6:fa:35:0d:4d:a5:c6:dd:30:a5: aa:e9:d1:67:4a:92:53:ef:af:60:32:1d:51:16:cc:c2:97:61: fa:ad:ce:73:42:ec:e6:f1:32:99:ab:a1:8e:b0:2a:97:14:4d: 0d:35:b8:08:73:59:2a:8e:43:4d:8b:75:43:cf:88:44:54:89: 01:59:fa:38:95:05:81:04:34:9c:42:d4:ba:d8:82:b0:bb:0d: c3:ac:0c:68:76:19:b3:7c:8b:a9:a8:2a:4f:99:b2:e9:ed:b2: 85:f3:4f:be -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHmkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA1MDhaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDUyRTRDM0Q0NzVFNEJB RDk1MDI0REQzNzUzMzREMTQzRDU5Qjg5NTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC/A5jBhW9O6rX1sg2wtYogimTPxsC1ngkib/esLM3wbJextYIH iWcnd+HkHEyD5K/VWmDaZ5WsQ1zB+xZb4tDB1wxmJAyeOVWEteQaXGbjC3THs/sI HJOFOo3vJe2lNHQYwMM/IPFjDTJx1iJe2/GTqo5O1+wCmMFRXH54InZoZK5cUB3A 1pnt9cHGJuv/95ymrtdGYIAllAWagWlH1f1AUZHV2VPtmTkvM1iDJED/46c8q3VT UBE/kRMl9ZJd3sEDCfDz60DX3iVN7GpDwCXfeTVz1Cy6tZP3W9bw3fG94gaYyyWT gSC9cnSqBA8GVErhO0q2oleqd4mPJ2tTdYNtAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUUuTD1HXkutlQJN03UzTRQ9WbiVMwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L1V1VEQxSFhrdXRsUUpO MDNVelRSUTlXYmlWTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3PgwDQYJKoZIhvcNAQELBQADggEBAAK0kRcFMPbbQ1sDiRSTIGFXFyzScB8f kmJOpfHWuj5tyOTITIggELPO8t9HZ8ug/pYrya6H3rVLXkRFqc5dkyMsUykbmVEw qER00efz7GjYJPi/sI1WJ2gtNLgOxpVLJ8eoAMpfDPhkpfnm7BOkA6i1C/9ZorUK DgGJBfPsEKInX7jJnyrSXUvZZM9cJ6fly/I64/AY9XB+5vo1DU2lxt0wparp0WdK klPvr2AyHVEWzMKXYfqtznNC7ObxMpmroY6wKpcUTQ01uAhzWSqOQ02LdUPPiERU iQFZ+jiVBYEENJxC1LrYgrC7DcOsDGh2GbN8i6moKk+ZsuntsoXzT74= -----END CERTIFICATE-----Generated at Mon Oct 20 13:30:49 2025 by rpki-client