$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/XzcIKFVg26SagxFLglTegBpUxOA.roa File: XzcIKFVg26SagxFLglTegBpUxOA.roa (raw, json) Hash identifier: tPq2zf6JtpE3/j2etmM6c7oRR/E2q5EJDln9HgazEUc= Subject key identifier: 5F:37:08:28:55:60:DB:A4:9A:83:11:4B:82:54:DE:80:1A:54:C4:E0 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1E2A Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/XzcIKFVg26SagxFLglTegBpUxOA.roa Signing time: Sat 13 Sep 2025 03:04:54 +0000 ROA not before: Sat 13 Sep 2025 03:04:54 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 139259 IP address blocks: 103.221.41.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 00:35:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7722 (0x1e2a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:04:54 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=5F3708285560DBA49A83114B8254DE801A54C4E0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f1:fa:3a:1b:3e:ee:66:ee:43:ce:7b:ea:d9:55: 53:f7:dd:e0:83:1a:72:82:dc:92:66:4f:01:c1:fd: 1e:72:66:28:6d:2f:ce:da:8f:53:83:33:ee:3a:d1: f9:07:bf:bd:08:11:91:01:71:8c:8a:5e:7a:e9:54: 55:a9:11:0f:90:72:6d:df:78:a1:b2:18:11:9c:f3: d0:2b:84:8f:3a:d0:81:2f:e2:b7:ce:6f:7b:c1:be: 4f:ed:25:9a:4a:9c:c1:b6:44:d9:d4:dd:c4:54:5f: e1:8d:8d:ad:eb:b5:0f:ff:94:90:65:cf:bb:68:88: b5:7c:b2:04:13:8a:ce:75:5b:00:a4:80:cb:32:0b: 75:11:f4:df:90:94:cd:0c:5d:eb:66:0e:e0:e9:c6: 32:f9:9d:15:0a:45:48:4d:36:e8:63:a2:cb:88:91: ff:11:00:f2:fc:5f:5a:df:4a:6b:74:2a:d2:de:ea: 1d:18:5a:9c:b6:b4:49:ef:24:a5:77:3b:e0:b7:5b: 6d:d8:5d:ef:48:3b:d5:2e:23:f6:40:ea:0c:ef:78: ef:4b:46:94:f1:65:bf:c5:81:13:ad:8e:73:cd:99: 20:bc:a4:dc:1e:dd:92:d4:aa:54:64:e9:61:d9:67: 01:75:77:7f:75:c5:f2:28:2b:10:cd:2d:82:f6:b2: fa:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:37:08:28:55:60:DB:A4:9A:83:11:4B:82:54:DE:80:1A:54:C4:E0 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/XzcIKFVg26SagxFLglTegBpUxOA.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.41.0/24 Signature Algorithm: sha256WithRSAEncryption 68:f8:8b:ed:b7:0f:b0:5c:f6:c7:f0:e9:34:17:af:b2:2a:91: 4f:32:4f:80:87:3e:2b:03:57:4b:22:5a:76:51:bd:3b:3c:66: 46:f9:ea:49:77:78:b7:47:15:40:b7:55:06:77:c9:31:9c:16: 42:e4:89:21:ac:50:01:7c:28:0b:d1:d1:46:6f:da:96:2a:70: 79:f1:f6:c3:b6:06:f8:b2:35:30:fb:1a:9c:7a:d7:a4:87:51: 2e:0d:7c:26:ea:24:10:6b:35:a2:7c:0d:0f:75:68:9d:ce:6f: 1d:f1:9c:9b:24:8e:94:4e:35:6c:d1:9a:d6:32:a1:21:eb:41: ba:3b:22:66:65:0b:1e:9f:5d:85:e4:3f:67:59:80:1a:4c:07: 1f:14:ab:2b:81:79:dc:79:b5:9e:84:d6:69:a2:e9:ac:30:ce: 89:d9:30:90:f5:d6:50:cd:aa:56:de:c4:46:46:3e:c4:f9:1d: 4c:3c:ed:42:9d:12:4a:23:57:42:59:bb:5b:e0:7b:5e:49:6f: eb:8a:47:b7:b7:81:69:21:c3:d7:a2:5c:2f:c7:5f:f9:77:0a: e7:19:ce:6f:e8:bb:f7:47:0b:85:b1:57:72:c1:43:34:54:83: ae:a1:1b:f8:58:26:46:03:f4:a6:36:f4:20:09:52:95:39:3c: 50:7c:6b:2c -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHiowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA0NTRaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDVGMzcwODI4NTU2MERC QTQ5QTgzMTE0QjgyNTRERTgwMUE1NEM0RTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDx+jobPu5m7kPOe+rZVVP33eCDGnKC3JJmTwHB/R5yZihtL87a j1ODM+460fkHv70IEZEBcYyKXnrpVFWpEQ+Qcm3feKGyGBGc89ArhI860IEv4rfO b3vBvk/tJZpKnMG2RNnU3cRUX+GNja3rtQ//lJBlz7toiLV8sgQTis51WwCkgMsy C3UR9N+QlM0MXetmDuDpxjL5nRUKRUhNNuhjosuIkf8RAPL8X1rfSmt0KtLe6h0Y Wpy2tEnvJKV3O+C3W23YXe9IO9UuI/ZA6gzveO9LRpTxZb/FgROtjnPNmSC8pNwe 3ZLUqlRk6WHZZwF1d391xfIoKxDNLYL2svotAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUXzcIKFVg26SagxFLglTegBpUxOAwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L1h6Y0lLRlZnMjZTYWd4 RkxnbFRlZ0JwVXhPQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3SkwDQYJKoZIhvcNAQELBQADggEBAGj4i+23D7Bc9sfw6TQXr7IqkU8yT4CH PisDV0siWnZRvTs8Zkb56kl3eLdHFUC3VQZ3yTGcFkLkiSGsUAF8KAvR0UZv2pYq cHnx9sO2BviyNTD7Gpx616SHUS4NfCbqJBBrNaJ8DQ91aJ3Obx3xnJskjpRONWzR mtYyoSHrQbo7ImZlCx6fXYXkP2dZgBpMBx8UqyuBedx5tZ6E1mmi6awwzonZMJD1 1lDNqlbexEZGPsT5HUw87UKdEkojV0JZu1vge15Jb+uKR7e3gWkhw9eiXC/HX/l3 CucZzm/ou/dHC4WxV3LBQzRUg66hG/hYJkYD9KY29CAJUpU5PFB8ayw= -----END CERTIFICATE-----Generated at Mon Oct 20 23:27:23 2025 by rpki-client