$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/Xwceo4C8_1T1RKJHIGw-fBQjL28.roa File: Xwceo4C8_1T1RKJHIGw-fBQjL28.roa (raw, json) Hash identifier: onRvEPycLaMNnbmJLk6vtcAzt9ZnnfX8oOPn1ZoELj8= Subject key identifier: 5F:07:1E:A3:80:BC:FF:54:F5:44:A2:47:20:6C:3E:7C:14:23:2F:6F Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1EB3 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/Xwceo4C8_1T1RKJHIGw-fBQjL28.roa Signing time: Sat 13 Sep 2025 03:05:23 +0000 ROA not before: Sat 13 Sep 2025 03:05:23 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 139259 IP address blocks: 103.221.39.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7859 (0x1eb3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:05:23 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=5F071EA380BCFF54F544A247206C3E7C14232F6F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:16:11:2a:05:08:69:84:d0:2b:45:70:16:07: 24:8b:b6:ec:04:a3:d4:7a:17:05:fc:35:dc:70:0d: d9:8f:6f:38:5b:6b:8a:d4:5f:61:a6:bf:53:d8:8e: 1b:7b:f8:76:2e:c2:d0:29:30:74:73:6e:2f:79:a4: 00:40:b6:c1:e3:69:a2:f8:c6:27:d5:cb:04:26:fc: c5:aa:43:5a:aa:fc:7c:5f:73:12:1a:dd:a9:11:99: 92:cc:78:3f:9c:91:7f:d6:5d:fc:c8:5c:30:22:1e: c4:fd:98:97:ff:d4:4d:5e:35:2f:ef:5d:6b:1a:b0: 7e:f1:ea:32:14:44:75:2e:e9:6f:30:f7:9e:8b:90: 77:7b:d4:c8:b5:f6:da:39:bd:9a:e5:4a:b4:4b:71: fe:2c:b4:79:ce:a2:1b:8a:e0:13:dc:89:f3:41:0c: 46:e3:7a:e5:ee:0e:45:86:f4:ea:97:a0:63:7b:17: b5:cd:f2:ba:bc:5a:59:5a:bc:0b:95:2d:c5:04:72: f5:8c:47:53:9a:a5:5d:de:ce:d1:68:98:58:51:2b: 88:b8:bf:e1:2b:ea:18:fd:c6:01:2f:4a:ed:29:15: c2:fa:83:de:99:20:c3:89:50:69:62:9b:28:bb:f4: d0:f5:39:80:d2:fe:ec:99:39:ea:fc:81:39:35:ee: 3e:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:07:1E:A3:80:BC:FF:54:F5:44:A2:47:20:6C:3E:7C:14:23:2F:6F X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/Xwceo4C8_1T1RKJHIGw-fBQjL28.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.39.0/24 Signature Algorithm: sha256WithRSAEncryption 3d:15:88:38:c6:a3:cc:81:23:19:e3:de:e2:01:28:64:6e:ca: e9:8b:14:86:eb:bf:af:53:22:38:7d:4b:76:69:dd:ff:2a:20: 81:d7:c8:e1:7d:5c:cf:c3:56:b2:d0:bf:3f:a8:c6:f3:f3:ab: 52:97:97:2f:eb:48:fd:41:44:c4:47:7a:6d:54:f6:c5:ee:ac: e8:45:76:00:a9:1c:6c:91:93:26:30:83:44:79:af:fd:5d:36: f1:f7:cf:43:74:16:6f:97:a7:38:ce:41:50:97:6f:d6:93:11: 2f:3a:a6:48:b5:45:19:e6:d0:a8:7f:ea:3c:44:59:3d:b1:55: bf:65:46:fe:72:74:e5:db:ed:4b:0c:88:66:a7:c9:56:99:cb: 27:46:c7:5a:3c:b4:ce:a9:f7:04:a3:37:78:4b:49:16:02:8e: 70:cf:d3:02:0e:a4:f5:43:06:dc:d4:c6:be:30:40:81:5e:8d: c5:a3:59:01:c2:68:9e:06:3d:89:ef:d5:8e:f4:a2:32:60:76: 03:69:37:fd:7b:e6:a8:e5:74:d5:41:55:87:05:c3:aa:d2:4a: 50:39:09:c1:32:e8:c0:26:4a:8f:0f:b0:5f:b2:58:42:12:10: 1f:fb:be:7a:38:72:67:da:2e:4c:59:75:7e:90:99:4e:dc:12: 65:d5:47:2f -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHrMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA1MjNaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDVGMDcxRUEzODBCQ0ZG NTRGNTQ0QTI0NzIwNkMzRTdDMTQyMzJGNkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDsFhEqBQhphNArRXAWBySLtuwEo9R6FwX8NdxwDdmPbzhba4rU X2Gmv1PYjht7+HYuwtApMHRzbi95pABAtsHjaaL4xifVywQm/MWqQ1qq/HxfcxIa 3akRmZLMeD+ckX/WXfzIXDAiHsT9mJf/1E1eNS/vXWsasH7x6jIURHUu6W8w956L kHd71Mi19to5vZrlSrRLcf4stHnOohuK4BPcifNBDEbjeuXuDkWG9OqXoGN7F7XN 8rq8WllavAuVLcUEcvWMR1OapV3eztFomFhRK4i4v+Er6hj9xgEvSu0pFcL6g96Z IMOJUGlimyi79ND1OYDS/uyZOer8gTk17j4rAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUXwceo4C8/1T1RKJHIGw+fBQjL28wHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L1h3Y2VvNEM4XzFUMVJL SkhJR3ctZkJRakwyOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3ScwDQYJKoZIhvcNAQELBQADggEBAD0ViDjGo8yBIxnj3uIBKGRuyumLFIbr v69TIjh9S3Zp3f8qIIHXyOF9XM/DVrLQvz+oxvPzq1KXly/rSP1BRMRHem1U9sXu rOhFdgCpHGyRkyYwg0R5r/1dNvH3z0N0Fm+XpzjOQVCXb9aTES86pki1RRnm0Kh/ 6jxEWT2xVb9lRv5ydOXb7UsMiGanyVaZyydGx1o8tM6p9wSjN3hLSRYCjnDP0wIO pPVDBtzUxr4wQIFejcWjWQHCaJ4GPYnv1Y70ojJgdgNpN/175qjldNVBVYcFw6rS SlA5CcEy6MAmSo8PsF+yWEISEB/7vno4cmfaLkxZdX6QmU7cEmXVRy8= -----END CERTIFICATE-----Generated at Mon Oct 20 13:13:38 2025 by rpki-client