$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/aTodi0AhjR97nS7uQNys9JLWLao.roa File: aTodi0AhjR97nS7uQNys9JLWLao.roa (raw, json) Hash identifier: 9zCV+ln8w0fB0CI7iK2OZxPfDz/+56ef6PtJIgPPBFg= Subject key identifier: 69:3A:1D:8B:40:21:8D:1F:7B:9D:2E:EE:40:DC:AC:F4:92:D6:2D:AA Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1E7C Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/aTodi0AhjR97nS7uQNys9JLWLao.roa Signing time: Sat 13 Sep 2025 03:05:12 +0000 ROA not before: Sat 13 Sep 2025 03:05:12 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 59083 IP address blocks: 103.10.0.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7804 (0x1e7c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:05:12 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=693A1D8B40218D1F7B9D2EEE40DCACF492D62DAA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:45:8f:81:63:15:6c:13:97:5c:3e:95:b6:48: 69:91:90:a3:d0:22:58:18:ae:a8:17:ad:24:a2:26: b0:62:d0:bc:b8:38:62:ce:af:af:5a:5c:69:60:62: ba:d5:73:e2:21:56:bc:45:6a:ad:1b:80:67:68:b8: 47:17:8e:1c:20:43:d7:db:74:10:96:7a:fa:40:4c: ad:ec:2c:0d:47:d1:c3:95:7e:9a:32:76:72:f2:e1: d0:5d:1c:ac:6b:2b:ca:0c:5c:d0:91:37:d2:74:57: dc:19:b3:d1:e0:8f:8e:f0:d7:f8:c9:fe:e0:d3:a0: b3:42:49:69:4b:4f:e3:99:1b:d2:dd:90:62:48:1f: d8:77:36:42:48:25:62:b7:93:7a:c4:ef:4a:9c:e2: e9:62:69:c1:b7:07:68:9d:e4:ef:f2:75:50:69:83: c2:a3:77:66:93:4a:27:c7:84:a7:eb:3a:a4:b0:df: 4e:6e:c4:1c:c2:2b:fc:ed:2c:cf:fa:53:d5:04:62: df:db:4e:df:0f:86:e4:32:fb:9e:98:81:63:c8:a3: 05:0f:99:45:76:b0:6c:f3:29:47:c6:b4:28:db:f8: 38:fb:f9:c1:06:0c:67:76:7a:0a:4d:35:fa:2c:09: 8f:51:9f:94:9c:72:7e:90:a4:86:91:11:0a:be:46: e1:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:3A:1D:8B:40:21:8D:1F:7B:9D:2E:EE:40:DC:AC:F4:92:D6:2D:AA X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/aTodi0AhjR97nS7uQNys9JLWLao.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.10.0.0/22 Signature Algorithm: sha256WithRSAEncryption 2a:68:eb:d1:41:90:c8:bd:50:ec:38:ea:9b:fd:94:7d:79:7c: 7e:ec:5b:07:97:f9:4b:7e:05:2c:3e:d6:09:19:59:17:e0:4a: f8:78:90:24:88:4e:5c:b6:04:ce:a3:b2:15:5a:04:dd:13:0d: 9f:68:60:a2:e9:28:f3:7d:18:ef:46:57:7c:7e:1c:a8:33:f7: 88:e8:9a:dc:00:fa:ad:13:98:e1:c5:b6:64:59:d0:bd:1d:9c: 39:c2:f4:5c:80:e1:a8:e3:a1:a7:d0:5a:a0:df:f6:3f:03:ab: f4:ca:23:b1:7e:8c:0c:3e:9c:80:bd:3d:3d:77:a7:da:2a:90: 31:13:57:96:ab:0e:65:cf:4a:43:c9:ce:1f:ad:b5:a9:43:98: ab:4d:d7:ee:fb:0b:25:b3:34:6a:0c:eb:f0:5f:9f:6b:75:01: c9:f5:c9:d6:2b:ec:6a:22:c4:5e:f2:02:90:88:f1:f3:d5:05: b8:b6:1c:51:59:d3:a3:54:a3:a5:12:fe:e8:41:9c:03:58:49: 81:01:83:e6:40:f0:e0:2b:bf:f6:a5:a0:07:f6:c2:95:7c:0e: c8:02:d5:a8:3e:39:b1:53:56:90:15:f0:25:98:04:05:39:57: ad:83:ba:50:a2:6e:c8:d8:9d:85:a8:a1:3e:be:a5:bb:fa:1e: 32:82:41:2a -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHnwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA1MTJaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDY5M0ExRDhCNDAyMThE MUY3QjlEMkVFRTQwRENBQ0Y0OTJENjJEQUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDBRY+BYxVsE5dcPpW2SGmRkKPQIlgYrqgXrSSiJrBi0Ly4OGLO r69aXGlgYrrVc+IhVrxFaq0bgGdouEcXjhwgQ9fbdBCWevpATK3sLA1H0cOVfpoy dnLy4dBdHKxrK8oMXNCRN9J0V9wZs9Hgj47w1/jJ/uDToLNCSWlLT+OZG9LdkGJI H9h3NkJIJWK3k3rE70qc4uliacG3B2id5O/ydVBpg8Kjd2aTSifHhKfrOqSw305u xBzCK/ztLM/6U9UEYt/bTt8PhuQy+56YgWPIowUPmUV2sGzzKUfGtCjb+Dj7+cEG DGd2egpNNfosCY9Rn5Sccn6QpIaREQq+RuE/AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUaTodi0AhjR97nS7uQNys9JLWLaowHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L2FUb2RpMEFoalI5N25T N3VRTnlzOUpMV0xhby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJnCgAwDQYJKoZIhvcNAQELBQADggEBACpo69FBkMi9UOw46pv9lH15fH7sWweX +Ut+BSw+1gkZWRfgSvh4kCSITly2BM6jshVaBN0TDZ9oYKLpKPN9GO9GV3x+HKgz 94jomtwA+q0TmOHFtmRZ0L0dnDnC9FyA4ajjoafQWqDf9j8Dq/TKI7F+jAw+nIC9 PT13p9oqkDETV5arDmXPSkPJzh+ttalDmKtN1+77CyWzNGoM6/Bfn2t1Acn1ydYr 7GoixF7yApCI8fPVBbi2HFFZ06NUo6US/uhBnANYSYEBg+ZA8OArv/aloAf2wpV8 DsgC1ag+ObFTVpAV8CWYBAU5V62DulCibsjYnYWooT6+pbv6HjKCQSo= -----END CERTIFICATE-----Generated at Mon Oct 20 13:30:55 2025 by rpki-client