$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/cHxlMEpt0wnBw9ev2EPd6zW4rRA.roa File: cHxlMEpt0wnBw9ev2EPd6zW4rRA.roa (raw, json) Hash identifier: A64bTB1lUpKEEIHEjVgejDKK/RvGkVUxEIwQbB/Fw2c= Subject key identifier: 70:7C:65:30:4A:6D:D3:09:C1:C3:D7:AF:D8:43:DD:EB:35:B8:AD:10 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1E07 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/cHxlMEpt0wnBw9ev2EPd6zW4rRA.roa Signing time: Sat 13 Sep 2025 03:04:48 +0000 ROA not before: Sat 13 Sep 2025 03:04:48 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 139259 IP address blocks: 45.252.28.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7687 (0x1e07) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:04:48 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=707C65304A6DD309C1C3D7AFD843DDEB35B8AD10 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:97:8f:55:4c:1d:21:c6:98:67:6e:c9:1d:df: f2:12:be:89:5c:79:e3:af:0a:4c:8d:d4:fc:01:08: d6:0f:60:ca:40:65:5c:23:12:ff:db:38:cc:33:98: 81:c8:32:9f:6a:c1:25:b9:53:89:e5:22:85:ef:ac: 69:6d:8d:a6:eb:f3:f8:aa:cd:b3:ba:cf:24:c3:5f: 27:24:88:50:eb:79:3b:18:ad:44:4f:30:b5:9f:ee: 6d:5b:74:f5:6a:32:e3:62:d3:d8:89:52:54:07:08: 6b:c9:bd:04:18:c1:3a:ac:cd:ee:86:37:e3:7a:dd: 73:47:bf:5a:ca:6f:3f:a0:f9:aa:6b:1e:54:8e:10: 81:74:1b:f7:5b:2e:98:79:c6:65:60:28:16:41:ca: d8:79:ed:07:d1:5c:a1:0e:8b:79:7f:d7:4d:19:ea: 63:ca:63:0e:4e:cd:e7:b0:eb:fa:8d:a3:f8:ea:9f: d2:a5:b1:92:12:cf:c4:cb:57:29:c8:bb:fa:a3:3d: 83:95:7f:1b:06:c2:25:81:ff:bf:8b:ab:29:ed:04: 22:6a:5b:ed:ed:a9:0f:d4:0d:88:51:7c:12:09:01: f8:2c:bd:08:6d:5c:ea:06:5f:b5:27:b7:8b:18:f8: ee:61:35:6c:7b:f3:7f:b4:56:f0:71:2d:67:46:a7: 49:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:7C:65:30:4A:6D:D3:09:C1:C3:D7:AF:D8:43:DD:EB:35:B8:AD:10 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/cHxlMEpt0wnBw9ev2EPd6zW4rRA.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.252.28.0/22 Signature Algorithm: sha256WithRSAEncryption 71:ab:ef:55:3f:ed:f7:24:fe:08:a5:08:2f:ec:92:9b:ef:33: 27:8a:b5:81:09:3e:23:6a:84:76:b6:a5:dd:7e:0e:a5:d7:ff: e0:f0:15:d4:18:d4:f8:76:f8:cc:b4:33:68:68:b0:00:06:99: 8e:46:65:3a:94:08:1a:d2:1d:29:22:bf:5e:ed:49:74:b1:ce: b3:7b:01:34:c0:a4:93:3c:5e:af:b5:43:00:5f:f0:30:c0:9d: cc:a5:07:3f:b3:4e:f9:d2:9f:f9:04:75:8c:65:aa:fe:2d:86: 1d:bc:ed:b9:9a:0b:52:31:c4:7d:66:75:ef:d7:de:d8:4c:55: 94:e9:e3:a1:b2:34:56:96:a7:b6:70:c9:e0:0d:a5:65:75:0f: f4:01:2c:02:3b:4a:51:5f:02:00:d2:04:25:c9:89:84:89:0b: ec:39:f8:8d:55:cf:62:29:b8:5e:11:d5:3a:de:ed:2a:9b:85: 1d:6b:39:4a:f8:a1:30:09:07:06:0a:eb:7d:05:55:f1:7f:b8: 2b:1f:1d:54:4f:f6:08:7f:06:7d:e2:7d:48:e9:b5:6a:ab:83: 0e:25:e2:f8:0c:77:82:49:3b:e4:bf:dc:a7:99:a9:77:5b:c0: 6a:37:6e:c1:86:bb:8e:14:71:03:2b:a2:3a:df:fd:88:54:b4: e0:5d:b0:f5 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHgcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA0NDhaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDcwN0M2NTMwNEE2REQz MDlDMUMzRDdBRkQ4NDNEREVCMzVCOEFEMTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDbl49VTB0hxphnbskd3/ISvolceeOvCkyN1PwBCNYPYMpAZVwj Ev/bOMwzmIHIMp9qwSW5U4nlIoXvrGltjabr8/iqzbO6zyTDXyckiFDreTsYrURP MLWf7m1bdPVqMuNi09iJUlQHCGvJvQQYwTqsze6GN+N63XNHv1rKbz+g+aprHlSO EIF0G/dbLph5xmVgKBZByth57QfRXKEOi3l/100Z6mPKYw5Ozeew6/qNo/jqn9Kl sZISz8TLVynIu/qjPYOVfxsGwiWB/7+LqyntBCJqW+3tqQ/UDYhRfBIJAfgsvQht XOoGX7Unt4sY+O5hNWx783+0VvBxLWdGp0mVAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUcHxlMEpt0wnBw9ev2EPd6zW4rRAwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L2NIeGxNRXB0MHduQnc5 ZXYyRVBkNnpXNHJSQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAIt/BwwDQYJKoZIhvcNAQELBQADggEBAHGr71U/7fck/gilCC/skpvvMyeKtYEJ PiNqhHa2pd1+DqXX/+DwFdQY1Ph2+My0M2hosAAGmY5GZTqUCBrSHSkiv17tSXSx zrN7ATTApJM8Xq+1QwBf8DDAncylBz+zTvnSn/kEdYxlqv4thh287bmaC1IxxH1m de/X3thMVZTp46GyNFaWp7ZwyeANpWV1D/QBLAI7SlFfAgDSBCXJiYSJC+w5+I1V z2IpuF4R1Tre7SqbhR1rOUr4oTAJBwYK630FVfF/uCsfHVRP9gh/Bn3ifUjptWqr gw4l4vgMd4JJO+S/3KeZqXdbwGo3bsGGu44UcQMrojrf/YhUtOBdsPU= -----END CERTIFICATE-----Generated at Mon Oct 20 13:13:42 2025 by rpki-client