$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/XBichlKK9TZyFW6_vTFdTRKw1ks.roa File: XBichlKK9TZyFW6_vTFdTRKw1ks.roa (raw, json) Hash identifier: HvbwdGwKMNvtMpBQUUt8yGS5/sIGKNtXvk6S0/mgyUE= Subject key identifier: 5C:18:9C:86:52:8A:F5:36:72:15:6E:BF:BD:31:5D:4D:12:B0:D6:4B Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1E62 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/XBichlKK9TZyFW6_vTFdTRKw1ks.roa Signing time: Sat 13 Sep 2025 03:05:06 +0000 ROA not before: Sat 13 Sep 2025 03:05:06 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 139259 IP address blocks: 103.221.11.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7778 (0x1e62) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:05:06 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=5C189C86528AF53672156EBFBD315D4D12B0D64B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:7f:25:ec:c3:8f:3f:62:93:c0:7c:3a:46:bd: 25:df:68:7a:d8:18:f2:59:59:f3:7f:70:e0:4a:d0: c6:3f:85:7c:a0:5b:1b:8a:73:cb:a9:aa:e5:32:ff: 33:69:4e:b0:6d:28:71:5f:86:40:a8:52:a0:11:62: e6:ff:08:a0:48:d9:44:99:5c:63:31:03:6a:38:2c: 74:df:69:68:39:98:48:a9:da:89:09:7d:88:eb:95: 1b:2b:ec:d9:3e:81:06:6a:6e:17:9a:0d:ab:f9:28: ed:93:15:a9:a0:88:55:a7:33:f0:41:01:df:d1:8f: 7b:03:e0:e4:0b:fa:75:aa:93:99:75:b2:dd:14:9b: 58:25:fb:a3:09:10:1b:77:2f:34:14:89:26:a7:6b: 9a:08:0b:63:e6:4c:c1:94:b2:ec:fd:e0:6a:13:93: 6d:01:7e:0f:dd:c7:d3:de:38:bd:35:3b:dc:a3:3c: 7c:da:93:f4:89:3e:df:72:14:c4:85:f5:1a:6b:f4: e9:ce:69:2a:dc:0b:b8:5a:8a:de:de:b3:c8:f7:67: a0:3b:0e:b8:c1:81:d5:a3:ef:a1:c0:c9:69:18:7c: 00:36:63:94:17:c2:64:6c:0c:fe:c7:48:90:3b:7f: 65:05:fc:ae:32:ce:e2:3b:48:fa:d6:8e:0b:97:b7: 53:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:18:9C:86:52:8A:F5:36:72:15:6E:BF:BD:31:5D:4D:12:B0:D6:4B X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/XBichlKK9TZyFW6_vTFdTRKw1ks.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.11.0/24 Signature Algorithm: sha256WithRSAEncryption ca:d1:3e:4f:61:77:4c:4d:ea:c2:f2:f2:2f:c9:69:89:ee:10: 0c:c8:a9:d9:8b:36:27:6f:84:9c:97:2a:8a:b8:0d:bb:96:2e: 63:af:b2:f4:1e:82:f0:a3:9c:12:dc:52:3f:5e:20:d7:b5:c1: d0:93:f5:a2:37:42:45:3d:b2:68:43:52:7f:ca:06:07:2b:67: 14:10:61:7e:7b:41:7f:b6:3b:1a:6d:07:d9:8c:04:2d:36:26: 5f:51:a9:fc:41:8a:54:29:ed:1a:ab:c6:99:e9:a0:5c:52:d3: 98:26:3a:86:6c:60:19:df:20:0e:66:0b:d4:bc:05:9a:57:90: 0a:2b:7f:a6:1d:df:1a:27:c8:01:3d:80:08:de:53:2b:f7:a3: dd:9e:a9:94:a8:e0:f3:4c:3d:70:06:e4:7f:37:f1:e4:8b:9c: 75:96:21:85:00:47:c2:e2:ea:3f:fc:fd:ec:81:d2:51:8c:01: ea:26:a7:ab:33:41:22:54:00:d6:20:83:1b:fe:5a:ae:99:3d: 7f:55:c4:08:f5:d3:a9:64:78:d2:86:1d:22:91:63:61:7e:8a: 80:a7:da:1c:21:48:dd:5b:17:17:22:55:0e:18:db:ec:63:e8: 08:29:c5:cf:ff:01:2e:bf:17:50:20:e7:e7:11:21:a0:7b:50: d6:a1:e8:a8 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHmIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA1MDZaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDVDMTg5Qzg2NTI4QUY1 MzY3MjE1NkVCRkJEMzE1RDREMTJCMEQ2NEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDgfyXsw48/YpPAfDpGvSXfaHrYGPJZWfN/cOBK0MY/hXygWxuK c8upquUy/zNpTrBtKHFfhkCoUqARYub/CKBI2USZXGMxA2o4LHTfaWg5mEip2okJ fYjrlRsr7Nk+gQZqbheaDav5KO2TFamgiFWnM/BBAd/Rj3sD4OQL+nWqk5l1st0U m1gl+6MJEBt3LzQUiSana5oIC2PmTMGUsuz94GoTk20Bfg/dx9PeOL01O9yjPHza k/SJPt9yFMSF9Rpr9OnOaSrcC7hait7es8j3Z6A7DrjBgdWj76HAyWkYfAA2Y5QX wmRsDP7HSJA7f2UF/K4yzuI7SPrWjguXt1NfAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUXBichlKK9TZyFW6/vTFdTRKw1kswHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L1hCaWNobEtLOVRaeUZX Nl92VEZkVFJLdzFrcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3QswDQYJKoZIhvcNAQELBQADggEBAMrRPk9hd0xN6sLy8i/JaYnuEAzIqdmL NidvhJyXKoq4DbuWLmOvsvQegvCjnBLcUj9eINe1wdCT9aI3QkU9smhDUn/KBgcr ZxQQYX57QX+2OxptB9mMBC02Jl9RqfxBilQp7RqrxpnpoFxS05gmOoZsYBnfIA5m C9S8BZpXkAorf6Yd3xonyAE9gAjeUyv3o92eqZSo4PNMPXAG5H838eSLnHWWIYUA R8Li6j/8/eyB0lGMAeomp6szQSJUANYggxv+Wq6ZPX9VxAj106lkeNKGHSKRY2F+ ioCn2hwhSN1bFxciVQ4Y2+xj6Agpxc//AS6/F1Ag5+cRIaB7UNah6Kg= -----END CERTIFICATE-----Generated at Mon Oct 20 13:13:37 2025 by rpki-client