$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/bZlgfdeIsV50WNI849EFImXDAk8.roa File: bZlgfdeIsV50WNI849EFImXDAk8.roa (raw, json) Hash identifier: nyBUB77LyypDDuXH4yo0OLLQWVF2b139pAQbUvWU5tw= Subject key identifier: 6D:99:60:7D:D7:88:B1:5E:74:58:D2:3C:E3:D1:05:22:65:C3:02:4F Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1EB5 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/bZlgfdeIsV50WNI849EFImXDAk8.roa Signing time: Sat 13 Sep 2025 03:05:24 +0000 ROA not before: Sat 13 Sep 2025 03:05:24 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 17621 IP address blocks: 150.242.238.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7861 (0x1eb5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:05:24 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=6D99607DD788B15E7458D23CE3D1052265C3024F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:f8:75:41:a9:eb:59:89:18:24:c7:de:ff:05: b1:86:ba:43:99:cf:77:ac:9f:dc:8e:c2:6d:dc:7c: 86:f5:44:81:cc:4f:f2:25:8e:be:31:c3:ef:a9:6d: b7:1e:89:de:cb:56:aa:ea:d9:f1:79:21:8a:a7:22: 1f:89:98:d6:46:f8:63:a6:ec:c6:b5:3d:41:58:90: 3a:fa:12:52:94:50:5b:9a:f6:09:10:70:e7:50:03: 73:65:8d:65:e6:a8:45:b5:d9:8d:23:1b:1b:f3:a9: 6e:c8:37:eb:2d:99:c7:d1:b2:d8:f2:74:c9:33:69: 9c:7a:38:7a:cd:fe:09:5f:2d:4a:9c:1f:4c:b3:4e: f0:e1:b5:b6:aa:24:c3:4a:a5:73:15:0d:27:d1:61: 27:f8:a9:cc:de:f4:90:9e:5c:99:40:0c:5c:db:3f: c7:5d:5d:59:4f:4d:42:9c:71:92:a6:82:e9:0a:ef: 14:d4:ff:b3:05:22:b5:fa:22:fa:51:fa:19:d0:44: b6:05:59:41:c0:67:f9:16:7d:31:04:d3:d6:eb:c1: e8:7e:8e:b6:cb:92:1e:93:6b:6a:71:57:09:ce:a5: 4a:b3:e3:c0:3b:fe:57:4f:a7:be:a9:8b:b3:0a:0e: 4c:f5:c7:c4:5a:4b:de:cc:45:0b:bc:d2:ad:41:02: bd:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:99:60:7D:D7:88:B1:5E:74:58:D2:3C:E3:D1:05:22:65:C3:02:4F X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/bZlgfdeIsV50WNI849EFImXDAk8.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 150.242.238.0/23 Signature Algorithm: sha256WithRSAEncryption 3f:2c:9c:7e:fa:1b:10:f4:41:2f:0f:de:b8:17:24:79:ea:78: d8:56:74:56:31:19:08:2c:3a:7d:d1:89:63:74:85:19:4d:a2: 78:3c:9f:8d:3e:26:8d:31:26:6f:2f:45:4b:9c:c9:c6:86:d6: ca:d7:7a:89:b1:0e:a9:61:c2:55:3d:e1:01:52:99:69:a2:8d: 9c:5f:d1:79:c9:11:0d:05:3f:b6:0e:a1:4b:00:39:c2:a8:75: 5f:8f:6b:93:78:f2:be:f7:e0:af:e9:ee:ba:fc:1e:63:ed:a6: f9:9d:01:5d:7b:e7:39:d6:a2:88:0f:de:61:32:33:c9:ce:4f: f8:18:08:98:c7:04:57:c3:4c:dd:97:80:5a:cb:63:88:b7:6e: 6a:06:ee:1c:06:68:fd:8d:fb:f3:b7:00:4e:37:e8:d2:6a:a8: 6b:df:9e:30:3b:2c:25:b7:64:fb:85:e4:e9:5a:b0:62:b4:d3: 26:32:b4:b3:f2:e1:aa:f5:16:8a:48:ba:01:a6:f6:eb:ae:43: 64:27:fa:98:1a:93:1a:9b:a6:00:f5:4a:78:c9:ba:3e:12:db: 95:00:1d:45:24:c6:1e:df:8d:1d:0f:c0:e9:9c:32:94:59:98: fc:8e:4f:81:4c:90:c8:e9:aa:15:b7:49:9a:7a:52:a5:f1:4e: 51:ec:4e:f9 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHrUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA1MjRaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDZEOTk2MDdERDc4OEIx NUU3NDU4RDIzQ0UzRDEwNTIyNjVDMzAyNEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCg+HVBqetZiRgkx97/BbGGukOZz3esn9yOwm3cfIb1RIHMT/Il jr4xw++pbbceid7LVqrq2fF5IYqnIh+JmNZG+GOm7Ma1PUFYkDr6ElKUUFua9gkQ cOdQA3NljWXmqEW12Y0jGxvzqW7IN+stmcfRstjydMkzaZx6OHrN/glfLUqcH0yz TvDhtbaqJMNKpXMVDSfRYSf4qcze9JCeXJlADFzbP8ddXVlPTUKccZKmgukK7xTU /7MFIrX6IvpR+hnQRLYFWUHAZ/kWfTEE09brweh+jrbLkh6Ta2pxVwnOpUqz48A7 /ldPp76pi7MKDkz1x8RaS97MRQu80q1BAr3vAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUbZlgfdeIsV50WNI849EFImXDAk8wHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L2JabGdmZGVJc1Y1MFdO STg0OUVGSW1YREFrOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAGW8u4wDQYJKoZIhvcNAQELBQADggEBAD8snH76GxD0QS8P3rgXJHnqeNhWdFYx GQgsOn3RiWN0hRlNong8n40+Jo0xJm8vRUucycaG1srXeomxDqlhwlU94QFSmWmi jZxf0XnJEQ0FP7YOoUsAOcKodV+Pa5N48r734K/p7rr8HmPtpvmdAV175znWoogP 3mEyM8nOT/gYCJjHBFfDTN2XgFrLY4i3bmoG7hwGaP2N+/O3AE436NJqqGvfnjA7 LCW3ZPuF5OlasGK00yYytLPy4ar1FopIugGm9uuuQ2Qn+pgakxqbpgD1SnjJuj4S 25UAHUUkxh7fjR0PwOmcMpRZmPyOT4FMkMjpqhW3SZp6UqXxTlHsTvk= -----END CERTIFICATE-----Generated at Mon Oct 20 11:18:45 2025 by rpki-client