$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/ayfNkQysKwwRXxq90a4S8YePAg8.roa File: ayfNkQysKwwRXxq90a4S8YePAg8.roa (raw, json) Hash identifier: Of1d56D1L5ueuyzbYct5VCaJkYgBVcKp++fBRCUOHhs= Subject key identifier: 6B:27:CD:91:0C:AC:2B:0C:11:5F:1A:BD:D1:AE:12:F1:87:8F:02:0F Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1EE3 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/ayfNkQysKwwRXxq90a4S8YePAg8.roa Signing time: Sat 13 Sep 2025 03:05:35 +0000 ROA not before: Sat 13 Sep 2025 03:05:35 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 24373 IP address blocks: 45.252.28.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 15:05:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7907 (0x1ee3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:05:35 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=6B27CD910CAC2B0C115F1ABDD1AE12F1878F020F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f1:01:c8:7c:a6:fc:85:ec:63:3f:16:87:f8:89: 35:af:33:88:99:8b:c3:54:2f:4e:08:c5:c9:36:bd: 8b:6b:7f:00:11:28:4c:20:a2:c6:9e:44:62:90:83: 03:c5:96:d4:a8:29:d7:db:69:25:cb:7d:c4:94:d2: 99:b3:e5:c6:30:06:a9:62:72:ac:1d:ce:9c:f2:f3: 3f:3d:46:f7:0f:24:a9:43:49:76:72:cc:7f:98:ce: 6a:9e:4c:43:f6:1a:fa:d4:ed:48:67:8a:95:a7:d8: 83:c1:2a:c9:da:69:e1:df:a1:5f:7e:0e:54:f2:b5: 5d:8f:99:d6:2b:e7:9f:ee:8e:5c:81:5f:a5:03:b3: c7:d9:30:ab:ac:dd:e3:4d:8a:84:46:fa:3d:2e:0e: a6:b2:86:bd:04:d5:f5:1d:62:15:67:34:59:e4:ab: eb:47:f4:95:ac:d7:db:dc:e1:fa:dc:90:d9:17:af: 9d:6b:84:58:7c:72:39:8a:48:3d:c8:56:30:e5:f4: 97:9c:36:c7:3b:06:36:31:09:b6:f2:0b:46:3b:9d: 09:cf:13:43:a4:49:f0:2f:9d:ad:8e:e8:65:45:fd: 36:04:28:ef:77:d0:a5:99:5a:9a:52:fb:08:07:f3: 1c:bc:7e:61:8e:56:b3:24:ad:89:79:7e:df:eb:45: 5f:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6B:27:CD:91:0C:AC:2B:0C:11:5F:1A:BD:D1:AE:12:F1:87:8F:02:0F X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/ayfNkQysKwwRXxq90a4S8YePAg8.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.252.28.0/22 Signature Algorithm: sha256WithRSAEncryption b5:fb:c8:04:ff:16:2d:c9:23:bc:03:24:25:cd:ab:42:82:bc: 0f:61:b0:38:97:e3:8f:b2:43:b6:9e:bc:3a:a6:95:99:e5:6f: 9a:90:4c:a9:29:a3:ba:a1:e8:b8:e4:ff:bc:b5:d4:60:87:a3: e4:42:ce:9c:7e:cb:c8:8e:88:eb:97:79:6c:cf:c0:a7:ca:95: 83:a0:8f:f2:60:fd:b2:4e:b1:77:f6:55:5d:d5:54:47:32:82: 31:fa:29:ce:78:ff:8a:da:fb:a7:40:2c:bb:52:a2:e1:c1:34: 3f:d4:ca:1f:5e:98:15:d1:9f:65:59:79:ab:e3:f2:fd:30:b0: 77:43:9a:c3:ca:10:f4:58:9f:3b:48:65:8f:f0:b9:b3:17:6b: fd:0c:dc:53:d1:12:b7:d2:3e:c2:96:93:1b:f2:e1:f8:b1:1d: ea:ed:61:02:61:5b:37:db:35:b6:9a:98:01:2e:fe:9b:ba:f6: 45:fc:40:a3:ae:8c:89:a4:37:7f:4d:84:77:29:84:dc:de:21: 46:d8:41:48:1f:4f:bb:58:40:8f:57:65:23:ab:35:31:f9:fd: 51:fe:76:da:7e:fc:89:e3:ae:a5:0a:f6:35:72:79:02:ee:5b: fd:46:b2:ec:66:e7:2f:af:07:5c:50:a8:29:ff:79:32:b1:18: 4c:73:f1:9a -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHuMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA1MzVaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDZCMjdDRDkxMENBQzJC MEMxMTVGMUFCREQxQUUxMkYxODc4RjAyMEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDxAch8pvyF7GM/Fof4iTWvM4iZi8NUL04Ixck2vYtrfwARKEwg osaeRGKQgwPFltSoKdfbaSXLfcSU0pmz5cYwBqlicqwdzpzy8z89RvcPJKlDSXZy zH+YzmqeTEP2GvrU7UhnipWn2IPBKsnaaeHfoV9+DlTytV2PmdYr55/ujlyBX6UD s8fZMKus3eNNioRG+j0uDqayhr0E1fUdYhVnNFnkq+tH9JWs19vc4frckNkXr51r hFh8cjmKSD3IVjDl9JecNsc7BjYxCbbyC0Y7nQnPE0OkSfAvna2O6GVF/TYEKO93 0KWZWppS+wgH8xy8fmGOVrMkrYl5ft/rRV87AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUayfNkQysKwwRXxq90a4S8YePAg8wHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L2F5Zk5rUXlzS3d3Ulh4 cTkwYTRTOFllUEFnOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAIt/BwwDQYJKoZIhvcNAQELBQADggEBALX7yAT/Fi3JI7wDJCXNq0KCvA9hsDiX 44+yQ7aevDqmlZnlb5qQTKkpo7qh6Ljk/7y11GCHo+RCzpx+y8iOiOuXeWzPwKfK lYOgj/Jg/bJOsXf2VV3VVEcygjH6Kc54/4ra+6dALLtSouHBND/Uyh9emBXRn2VZ eavj8v0wsHdDmsPKEPRYnztIZY/wubMXa/0M3FPRErfSPsKWkxvy4fixHertYQJh WzfbNbaamAEu/pu69kX8QKOujImkN39NhHcphNzeIUbYQUgfT7tYQI9XZSOrNTH5 /VH+dtp+/InjrqUK9jVyeQLuW/1Gsuxm5y+vB1xQqCn/eTKxGExz8Zo= -----END CERTIFICATE-----Generated at Mon Oct 20 14:31:19 2025 by rpki-client