$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/Yj0pS7dfx3uzu62N5xjIUKNZl0k.roa File: Yj0pS7dfx3uzu62N5xjIUKNZl0k.roa (raw, json) Hash identifier: ksUoeDAsLuND3m278Od6VElplDxUNvQ+hJcxgrQge7Y= Subject key identifier: 62:3D:29:4B:B7:5F:C7:7B:B3:BB:AD:8D:E7:18:C8:50:A3:59:97:49 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1E94 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/Yj0pS7dfx3uzu62N5xjIUKNZl0k.roa Signing time: Sat 13 Sep 2025 03:05:16 +0000 ROA not before: Sat 13 Sep 2025 03:05:16 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 138527 IP address blocks: 45.252.24.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 00:35:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7828 (0x1e94) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:05:16 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=623D294BB75FC77BB3BBAD8DE718C850A3599749 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:58:f2:31:64:fc:dd:2f:ce:ef:fd:90:20:b3: 42:d8:ea:7f:81:78:c2:35:26:50:6c:30:ec:8b:cc: 73:2c:67:ad:9e:62:91:9e:7a:ad:6b:8e:52:a0:5f: ac:5d:be:67:ff:c7:db:df:bd:b0:18:a7:07:a8:0f: 80:3b:64:4c:6c:77:12:b6:ca:a7:b3:56:0b:a7:69: a0:cb:22:95:33:49:f3:ec:ca:0f:2d:9a:5c:90:72: c2:1a:8a:6f:26:bd:8f:f6:62:b2:0a:9a:b3:bc:38: 97:3c:07:dc:18:54:16:33:20:cd:15:e3:ed:7f:bf: ca:cd:8a:04:4c:89:bb:9e:55:6f:de:d9:52:85:e3: 2e:8d:08:5c:55:8e:de:67:68:8c:5c:a0:31:76:e6: 0f:15:72:ed:e8:d7:d4:a9:83:2c:8d:94:7e:69:af: 0a:98:52:7a:05:e8:5d:22:2b:6a:79:fc:0f:72:5a: 68:23:b3:c5:e8:a8:d3:af:8c:c3:47:97:12:24:f3: 9a:90:16:96:91:ea:77:56:11:14:4a:7c:59:21:2e: ea:fd:d0:fa:76:88:1d:7d:9b:cc:1d:e5:84:77:9c: 8a:3e:c5:7d:0a:72:d4:d7:c6:c2:d9:48:c4:6c:b1: ca:b2:be:1c:d9:57:da:89:2a:e6:e0:7b:fa:ff:01: 7f:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:3D:29:4B:B7:5F:C7:7B:B3:BB:AD:8D:E7:18:C8:50:A3:59:97:49 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/Yj0pS7dfx3uzu62N5xjIUKNZl0k.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.252.24.0/22 Signature Algorithm: sha256WithRSAEncryption 00:04:c5:f8:4c:79:9d:14:84:eb:95:87:f1:69:ae:ef:96:08: c6:06:43:4c:6b:3a:89:84:b5:af:31:34:99:c8:ec:b0:1d:aa: 29:1c:78:4a:af:50:63:1c:2a:8e:0e:a1:3b:0f:cd:f4:e4:41: ef:9e:4b:e4:d2:4a:f6:37:e5:46:88:70:2d:96:13:9b:68:d2: b7:07:c7:1a:50:2b:d4:48:2d:aa:b7:28:0b:b1:28:ba:8a:56: 52:59:36:0f:b6:0a:e7:9d:1c:b0:5e:18:16:a0:c1:22:5a:fb: e1:9f:64:db:11:59:88:63:24:ec:ac:ce:9b:01:9b:f4:a3:f8: 95:81:ae:e1:c7:08:44:fb:60:c1:fe:25:d8:41:0b:79:be:a6: 9f:45:ed:3c:60:79:5b:9c:2a:e1:19:67:69:73:b7:38:b5:86: 07:82:a4:28:15:3e:ae:8c:b3:bf:fe:b4:aa:e7:9d:02:30:fc: bd:7a:bc:b2:8d:4d:0c:33:3d:95:20:ff:08:87:c0:be:30:f4: 20:13:be:c3:73:d1:f4:99:6d:d7:75:40:d9:cb:25:75:3b:87: 5f:51:a6:2b:2b:36:99:42:f0:a6:c9:c1:be:84:3d:49:16:a6: 8c:70:99:b2:e5:85:8d:97:b1:2a:82:a6:64:5c:f0:23:9c:16: 2d:4c:2a:a5 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHpQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA1MTZaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDYyM0QyOTRCQjc1RkM3 N0JCM0JCQUQ4REU3MThDODUwQTM1OTk3NDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCqWPIxZPzdL87v/ZAgs0LY6n+BeMI1JlBsMOyLzHMsZ62eYpGe eq1rjlKgX6xdvmf/x9vfvbAYpweoD4A7ZExsdxK2yqezVgunaaDLIpUzSfPsyg8t mlyQcsIaim8mvY/2YrIKmrO8OJc8B9wYVBYzIM0V4+1/v8rNigRMibueVW/e2VKF 4y6NCFxVjt5naIxcoDF25g8Vcu3o19SpgyyNlH5prwqYUnoF6F0iK2p5/A9yWmgj s8XoqNOvjMNHlxIk85qQFpaR6ndWERRKfFkhLur90Pp2iB19m8wd5YR3nIo+xX0K ctTXxsLZSMRsscqyvhzZV9qJKubge/r/AX+pAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUYj0pS7dfx3uzu62N5xjIUKNZl0kwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L1lqMHBTN2RmeDN1enU2 Mk41eGpJVUtOWmwway5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAIt/BgwDQYJKoZIhvcNAQELBQADggEBAAAExfhMeZ0UhOuVh/Fpru+WCMYGQ0xr OomEta8xNJnI7LAdqikceEqvUGMcKo4OoTsPzfTkQe+eS+TSSvY35UaIcC2WE5to 0rcHxxpQK9RILaq3KAuxKLqKVlJZNg+2CuedHLBeGBagwSJa++GfZNsRWYhjJOys zpsBm/Sj+JWBruHHCET7YMH+JdhBC3m+pp9F7TxgeVucKuEZZ2lztzi1hgeCpCgV Pq6Ms7/+tKrnnQIw/L16vLKNTQwzPZUg/wiHwL4w9CATvsNz0fSZbdd1QNnLJXU7 h19RpisrNplC8KbJwb6EPUkWpoxwmbLlhY2XsSqCpmRc8COcFi1MKqU= -----END CERTIFICATE-----Generated at Mon Oct 20 23:27:12 2025 by rpki-client