$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/ZTk-sXveOWvuT8tnlVGhbwwlDQM.roa File: ZTk-sXveOWvuT8tnlVGhbwwlDQM.roa (raw, json) Hash identifier: 9pD/y8jJoCbnwjgNvQRacO/N5jNFE+akwAA21qV8dgY= Subject key identifier: 65:39:3E:B1:7B:DE:39:6B:EE:4F:CB:67:95:51:A1:6F:0C:25:0D:03 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1DFB Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/ZTk-sXveOWvuT8tnlVGhbwwlDQM.roa Signing time: Sat 13 Sep 2025 03:04:45 +0000 ROA not before: Sat 13 Sep 2025 03:04:45 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 139259 IP address blocks: 103.221.92.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7675 (0x1dfb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:04:45 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=65393EB17BDE396BEE4FCB679551A16F0C250D03 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:aa:9c:6a:51:99:eb:ee:a0:52:b6:fb:67:07: d0:e1:a5:8c:a8:e2:58:16:69:1b:36:29:f2:d8:df: 83:01:51:60:e7:65:bc:f2:45:4f:d4:f7:e4:01:cf: eb:40:8a:e8:69:51:6d:e1:ac:61:38:29:4e:d4:77: df:91:0f:7a:d1:a1:c3:41:a5:00:54:76:04:7d:d7: a8:ee:0b:b7:c4:87:dd:9c:2d:a8:0b:72:39:c1:ca: 3f:1e:43:1d:f1:25:15:5e:43:03:02:0a:17:0d:60: de:4c:64:d2:ae:0e:44:5c:db:ef:7a:22:0d:ae:ee: ba:d0:a0:ea:50:0e:ae:7d:60:68:bc:24:fc:31:14: 2e:52:8e:7f:9c:6f:9c:e8:1e:10:3d:0e:d9:38:5a: f0:d2:9a:d0:75:70:5c:ed:b9:82:4d:91:59:7a:32: 20:1a:45:32:a7:da:63:bc:63:2d:e4:45:0e:6c:1e: 41:62:9c:77:c5:47:9f:c4:df:e6:e5:a6:f0:2e:8a: b7:80:47:53:1e:a7:f1:51:df:94:0c:8f:fc:ca:ad: ec:c2:96:c1:27:f6:51:c3:95:b5:3d:37:e0:1b:2e: c5:3d:1a:cb:14:2c:3c:11:84:e9:43:c8:c6:ac:74: 80:8f:04:41:71:8e:19:61:4a:0b:1f:e5:95:35:c1: d3:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:39:3E:B1:7B:DE:39:6B:EE:4F:CB:67:95:51:A1:6F:0C:25:0D:03 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/ZTk-sXveOWvuT8tnlVGhbwwlDQM.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.92.0/22 Signature Algorithm: sha256WithRSAEncryption 4e:13:5b:20:4d:cf:b9:f2:69:91:4e:d8:d8:f4:3b:4d:da:b3: 3d:cf:04:0f:34:4a:34:04:73:d5:9b:52:8e:11:14:02:cb:25: 48:64:fa:41:92:99:45:01:2a:c0:c9:a0:2d:95:1d:4e:fc:76: de:aa:95:55:b3:0d:aa:6f:ee:4f:29:20:67:7b:00:0b:93:1a: d1:aa:61:45:e0:ee:2e:38:e6:ee:f9:d0:cc:2b:96:3c:80:45: 80:e1:e7:c2:4a:ce:7e:67:08:a7:23:53:30:fe:4c:13:40:b1: e6:ab:ae:c1:d8:85:6f:c9:41:24:58:19:ba:f6:57:99:26:7e: 84:3d:34:a2:ed:ad:90:4b:f0:12:89:d6:8a:df:45:ad:eb:ec: aa:4e:50:1f:cf:5e:8f:bc:51:c3:d5:43:d9:c5:d4:52:95:06: 93:cf:1f:b1:77:96:77:71:70:08:2a:21:a8:7f:09:20:21:0d: 59:bd:a8:b7:db:6f:de:45:38:70:c8:eb:b2:ac:89:fc:ac:88: b3:3d:bd:eb:ef:06:73:d4:3b:11:c0:b7:2c:0f:21:08:19:6d: 7a:43:a9:d9:d7:07:c9:83:81:5d:83:8e:b8:0c:92:48:63:2a: 12:f4:82:76:4f:3f:4c:33:76:23:00:f3:49:8f:bb:2d:d0:d8: c6:64:37:bf -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHfswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA0NDVaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDY1MzkzRUIxN0JERTM5 NkJFRTRGQ0I2Nzk1NTFBMTZGMEMyNTBEMDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDMqpxqUZnr7qBStvtnB9DhpYyo4lgWaRs2KfLY34MBUWDnZbzy RU/U9+QBz+tAiuhpUW3hrGE4KU7Ud9+RD3rRocNBpQBUdgR916juC7fEh92cLagL cjnByj8eQx3xJRVeQwMCChcNYN5MZNKuDkRc2+96Ig2u7rrQoOpQDq59YGi8JPwx FC5Sjn+cb5zoHhA9Dtk4WvDSmtB1cFztuYJNkVl6MiAaRTKn2mO8Yy3kRQ5sHkFi nHfFR5/E3+blpvAuireAR1Mep/FR35QMj/zKrezClsEn9lHDlbU9N+AbLsU9GssU LDwRhOlDyMasdICPBEFxjhlhSgsf5ZU1wdORAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUZTk+sXveOWvuT8tnlVGhbwwlDQMwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L1pUay1zWHZlT1d2dVQ4 dG5sVkdoYnd3bERRTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn3VwwDQYJKoZIhvcNAQELBQADggEBAE4TWyBNz7nyaZFO2Nj0O03asz3PBA80 SjQEc9WbUo4RFALLJUhk+kGSmUUBKsDJoC2VHU78dt6qlVWzDapv7k8pIGd7AAuT GtGqYUXg7i445u750MwrljyARYDh58JKzn5nCKcjUzD+TBNAsearrsHYhW/JQSRY Gbr2V5kmfoQ9NKLtrZBL8BKJ1orfRa3r7KpOUB/PXo+8UcPVQ9nF1FKVBpPPH7F3 lndxcAgqIah/CSAhDVm9qLfbb95FOHDI67KsifysiLM9vevvBnPUOxHAtywPIQgZ bXpDqdnXB8mDgV2DjrgMkkhjKhL0gnZPP0wzdiMA80mPuy3Q2MZkN78= -----END CERTIFICATE-----Generated at Mon Oct 20 13:13:56 2025 by rpki-client