$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/YDvYkZCgTI8P8lxjXs4VfKG-HSE.roa File: YDvYkZCgTI8P8lxjXs4VfKG-HSE.roa (raw, json) Hash identifier: xygytrYkQ1eiAmJR6BO80AyaewBbQ+DDpvoYT2H4uBM= Subject key identifier: 60:3B:D8:91:90:A0:4C:8F:0F:F2:5C:63:5E:CE:15:7C:A1:BE:1D:21 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1E57 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/YDvYkZCgTI8P8lxjXs4VfKG-HSE.roa Signing time: Sat 13 Sep 2025 03:05:03 +0000 ROA not before: Sat 13 Sep 2025 03:05:03 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 139259 IP address blocks: 103.220.252.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7767 (0x1e57) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:05:03 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=603BD89190A04C8F0FF25C635ECE157CA1BE1D21 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:2b:1c:9d:0e:38:ce:23:7e:ea:aa:5e:13:1a: bb:03:ed:df:00:df:2e:30:86:82:9c:aa:a5:0a:07: 5b:7e:f3:a4:98:bd:78:52:cd:ef:e8:3b:fe:8c:ca: 15:b7:71:a5:f7:08:de:75:95:70:52:22:db:f9:d5: 32:2c:3e:c4:3a:49:17:52:55:7e:af:ba:f5:95:9a: db:ba:c8:2a:c5:ea:3f:6b:d6:e6:f5:8b:9d:6b:d6: 74:22:fe:da:45:51:56:95:4a:e8:fe:4d:c4:df:22: f5:14:0d:30:d5:69:21:03:04:5b:1b:cb:b8:aa:e5: 72:0f:53:f1:d6:19:b5:04:6e:4c:c1:6a:2f:98:cc: 6a:65:bd:cb:f1:48:aa:af:4a:8c:93:f4:a6:5f:1b: 51:fa:2f:22:cc:90:e1:10:6b:52:1f:91:66:2a:bd: 16:a9:4e:f1:74:e3:f6:59:48:4c:6b:a2:bf:fb:ba: 22:90:c8:0f:8c:d0:c7:e1:1f:96:95:c2:9d:d8:77: dd:cf:0d:e6:75:50:3b:1b:b7:5a:ad:73:8b:12:a7: 17:7b:64:2a:e1:3b:77:72:32:af:06:52:73:49:c7: 3c:ba:55:5d:5c:ca:fb:a4:37:ff:1d:dc:0d:09:93: 63:b6:fd:84:50:57:5d:51:be:30:6f:e9:5c:8f:b0: 80:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:3B:D8:91:90:A0:4C:8F:0F:F2:5C:63:5E:CE:15:7C:A1:BE:1D:21 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/YDvYkZCgTI8P8lxjXs4VfKG-HSE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.220.252.0/22 Signature Algorithm: sha256WithRSAEncryption 8a:ad:f9:e9:e9:84:ba:24:9f:ee:1f:ea:9a:47:10:f9:4a:55: e5:bf:da:86:b0:64:33:4b:1b:c4:33:d2:8d:d2:62:c9:02:01: 3e:59:89:c9:ee:b8:35:a0:92:99:11:43:10:ae:1e:f3:12:42: 7a:ab:9c:e0:6d:8a:a8:7c:ef:1a:95:d3:9f:2a:e3:86:a8:da: 83:06:70:07:00:dc:48:4e:f9:c0:bc:06:8c:ca:8a:4e:94:76: 88:1c:34:bf:bd:27:c7:ab:cd:77:9b:87:97:a5:77:e4:a8:72: 2a:53:2c:96:ab:de:e5:8d:2d:1a:d1:5f:f0:ea:d7:ae:00:7a: a4:57:9f:ca:a6:26:4c:0e:91:b9:ee:51:3e:74:35:29:ec:11: ca:17:6c:7c:d6:66:0c:64:2d:17:e9:51:0f:d9:af:29:99:d4: c4:7d:46:12:d9:77:c5:74:1b:c2:80:07:29:84:40:c4:04:34: ab:3d:8a:ab:34:e2:b5:be:f1:a2:b4:97:fe:9f:78:06:c5:17: 69:09:56:5b:ca:26:83:d3:dd:f0:11:13:92:f4:65:b8:71:33: fb:22:1d:c4:6e:3a:9d:15:04:e0:b0:23:5f:d1:1e:e5:8b:d8: d2:3a:6e:77:8b:51:eb:10:69:cb:de:06:f7:2f:64:1c:7d:29: 62:47:f1:d7 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHlcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA1MDNaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDYwM0JEODkxOTBBMDRD OEYwRkYyNUM2MzVFQ0UxNTdDQTFCRTFEMjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCtKxydDjjOI37qql4TGrsD7d8A3y4whoKcqqUKB1t+86SYvXhS ze/oO/6MyhW3caX3CN51lXBSItv51TIsPsQ6SRdSVX6vuvWVmtu6yCrF6j9r1ub1 i51r1nQi/tpFUVaVSuj+TcTfIvUUDTDVaSEDBFsby7iq5XIPU/HWGbUEbkzBai+Y zGplvcvxSKqvSoyT9KZfG1H6LyLMkOEQa1IfkWYqvRapTvF04/ZZSExror/7uiKQ yA+M0MfhH5aVwp3Yd93PDeZ1UDsbt1qtc4sSpxd7ZCrhO3dyMq8GUnNJxzy6VV1c yvukN/8d3A0Jk2O2/YRQV11RvjBv6VyPsIDfAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUYDvYkZCgTI8P8lxjXs4VfKG+HSEwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L1lEdllrWkNnVEk4UDhs eGpYczRWZktHLUhTRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn3PwwDQYJKoZIhvcNAQELBQADggEBAIqt+enphLokn+4f6ppHEPlKVeW/2oaw ZDNLG8Qz0o3SYskCAT5ZicnuuDWgkpkRQxCuHvMSQnqrnOBtiqh87xqV058q44ao 2oMGcAcA3EhO+cC8BozKik6UdogcNL+9J8erzXebh5eld+SocipTLJar3uWNLRrR X/Dq164AeqRXn8qmJkwOkbnuUT50NSnsEcoXbHzWZgxkLRfpUQ/ZrymZ1MR9RhLZ d8V0G8KABymEQMQENKs9iqs04rW+8aK0l/6feAbFF2kJVlvKJoPT3fARE5L0Zbhx M/siHcRuOp0VBOCwI1/RHuWL2NI6bneLUesQacveBvcvZBx9KWJH8dc= -----END CERTIFICATE-----Generated at Mon Oct 20 13:30:55 2025 by rpki-client