$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/X9l5aQPIatndw0NsTEL-m9xtx6A.roa File: X9l5aQPIatndw0NsTEL-m9xtx6A.roa (raw, json) Hash identifier: QAf19acFO3Iv7D+qo1/UO5AxlheKbmKS9j/I4ole7vE= Subject key identifier: 5F:D9:79:69:03:C8:6A:D9:DD:C3:43:6C:4C:42:FE:9B:DC:6D:C7:A0 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1E34 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/X9l5aQPIatndw0NsTEL-m9xtx6A.roa Signing time: Sat 13 Sep 2025 03:04:55 +0000 ROA not before: Sat 13 Sep 2025 03:04:55 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 17621 IP address blocks: 43.254.152.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 15:05:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7732 (0x1e34) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:04:55 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=5FD9796903C86AD9DDC3436C4C42FE9BDC6DC7A0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:41:01:80:95:36:42:dd:41:67:6f:95:fb:08: 67:d4:f3:8f:bb:03:42:09:4b:60:cc:56:9b:dc:c8: a5:25:21:0c:72:30:9f:c9:3d:1a:5d:fb:04:c7:a0: 16:36:1a:5a:15:ed:06:f5:14:fc:7e:7c:7b:c1:b1: ed:f0:ce:4c:42:68:6c:38:7e:79:b1:d1:71:80:e2: 82:d8:ed:cf:b0:af:73:a0:47:04:86:ad:57:24:f7: 53:56:7c:a7:0a:0e:b3:c6:77:2f:6a:c5:68:62:15: f9:66:5f:f9:71:b5:6c:82:b3:b4:f0:4b:0f:77:2e: a0:f3:1e:6f:af:9b:0e:a2:a0:42:8d:ef:2b:95:dd: 73:a5:34:70:15:04:07:12:44:ef:80:3c:03:e4:e5: 7b:0f:de:09:aa:e7:6d:a6:0c:f3:20:3c:fd:be:f6: 7b:e9:70:07:fd:38:4f:8d:61:8f:3c:1b:5d:ce:af: 7f:4e:4f:a5:93:2e:0a:a0:da:8a:19:76:d8:27:50: 96:c2:f8:7e:33:5b:f9:fd:01:19:bc:ed:a5:f2:9a: 07:f3:f6:51:f5:bb:e1:e2:26:18:42:d5:32:38:b2: e3:e0:21:79:d4:20:31:50:1a:da:0d:a6:0e:e8:ef: 95:ab:ae:16:0b:c3:7b:f3:7a:d4:bb:cb:51:0e:c9: eb:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:D9:79:69:03:C8:6A:D9:DD:C3:43:6C:4C:42:FE:9B:DC:6D:C7:A0 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/X9l5aQPIatndw0NsTEL-m9xtx6A.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.254.152.0/24 Signature Algorithm: sha256WithRSAEncryption 95:1f:0e:3b:d0:28:7d:45:58:6b:15:76:25:a3:ad:7e:b4:ff: 61:81:d2:62:18:5b:5d:20:01:22:8a:e4:fd:05:69:55:53:c9: 80:42:c0:e9:54:ec:fd:2e:e6:af:b0:46:d1:a9:3e:0a:ca:20: 13:4d:ba:8c:42:a7:39:46:09:bc:ce:41:96:02:2b:f4:1e:e8: a6:dd:f3:0b:db:98:0a:1c:58:58:ab:58:1f:04:29:b5:3d:1b: 48:f0:c1:41:83:6b:d4:9d:f6:df:c1:ed:b9:a9:ee:cc:1c:99: 3f:9f:f5:65:70:ed:9c:e9:61:80:b4:07:d6:dc:46:30:71:97: d3:8c:23:b1:be:75:b4:ed:1d:a4:f0:02:97:24:11:4a:c7:48: d9:48:43:9d:2a:32:a3:7b:b8:53:43:56:69:84:2a:aa:31:c0: 8b:9d:dd:f7:f4:a1:c6:6b:2e:fd:06:b0:dc:03:19:5d:d6:dd: b7:6b:7a:7a:7d:d6:ea:20:38:5e:da:92:d1:ef:00:17:e8:39: 24:95:8b:68:91:cd:d6:7d:c8:04:29:1b:ec:e6:23:91:85:0d: d8:58:90:d7:43:4d:e3:1f:f7:4d:2d:57:f1:dc:49:5a:d7:8c: 54:ec:a9:a1:d5:ba:ce:68:a4:89:70:a7:04:3d:58:bc:06:ff: de:9c:84:05 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHjQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA0NTVaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDVGRDk3OTY5MDNDODZB RDlEREMzNDM2QzRDNDJGRTlCREM2REM3QTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDBQQGAlTZC3UFnb5X7CGfU84+7A0IJS2DMVpvcyKUlIQxyMJ/J PRpd+wTHoBY2GloV7Qb1FPx+fHvBse3wzkxCaGw4fnmx0XGA4oLY7c+wr3OgRwSG rVck91NWfKcKDrPGdy9qxWhiFflmX/lxtWyCs7TwSw93LqDzHm+vmw6ioEKN7yuV 3XOlNHAVBAcSRO+APAPk5XsP3gmq522mDPMgPP2+9nvpcAf9OE+NYY88G13Or39O T6WTLgqg2ooZdtgnUJbC+H4zW/n9ARm87aXymgfz9lH1u+HiJhhC1TI4suPgIXnU IDFQGtoNpg7o75WrrhYLw3vzetS7y1EOyevDAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUX9l5aQPIatndw0NsTEL+m9xtx6AwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L1g5bDVhUVBJYXRuZHcw TnNURUwtbTl4dHg2QS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAAr/pgwDQYJKoZIhvcNAQELBQADggEBAJUfDjvQKH1FWGsVdiWjrX60/2GB0mIY W10gASKK5P0FaVVTyYBCwOlU7P0u5q+wRtGpPgrKIBNNuoxCpzlGCbzOQZYCK/Qe 6Kbd8wvbmAocWFirWB8EKbU9G0jwwUGDa9Sd9t/B7bmp7swcmT+f9WVw7ZzpYYC0 B9bcRjBxl9OMI7G+dbTtHaTwApckEUrHSNlIQ50qMqN7uFNDVmmEKqoxwIud3ff0 ocZrLv0GsNwDGV3W3bdrenp91uogOF7aktHvABfoOSSVi2iRzdZ9yAQpG+zmI5GF DdhYkNdDTeMf900tV/HcSVrXjFTsqaHVus5opIlwpwQ9WLwG/96chAU= -----END CERTIFICATE-----Generated at Mon Oct 20 14:37:55 2025 by rpki-client