$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/cgI8MvF3dACOH10m0f7pe5d1uew.roa File: cgI8MvF3dACOH10m0f7pe5d1uew.roa (raw, json) Hash identifier: pIHry9nvvuFifuS8JyX4vkymrc/ckVTlRnARF410EWY= Subject key identifier: 72:02:3C:32:F1:77:74:00:8E:1F:5D:26:D1:FE:E9:7B:97:75:B9:EC Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1E04 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/cgI8MvF3dACOH10m0f7pe5d1uew.roa Signing time: Sat 13 Sep 2025 03:04:47 +0000 ROA not before: Sat 13 Sep 2025 03:04:47 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 13444 IP address blocks: 103.221.28.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7684 (0x1e04) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:04:47 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=72023C32F17774008E1F5D26D1FEE97B9775B9EC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:2d:53:fa:b7:d8:ea:35:e5:d7:6d:e8:4d:1e: 87:34:1c:b3:47:84:7a:16:58:0a:69:13:47:f7:8f: cc:6a:ec:d8:b5:c7:53:80:07:0f:d6:d4:50:fe:37: e6:a6:cf:2a:47:70:89:51:3e:ce:17:67:be:02:f2: 97:6a:e5:91:42:4d:93:8e:c3:75:a8:1b:1c:c3:5b: ca:f8:83:e0:f5:e1:b5:1c:e9:f3:06:d9:3b:37:62: 45:79:88:62:ef:a7:88:bc:26:d4:59:bb:88:f5:3c: cb:eb:55:76:57:54:c2:6b:d7:3f:5b:59:8f:c2:e1: cb:98:41:f1:12:0d:d3:81:22:00:a0:c6:4a:a7:ff: 52:b5:ca:13:9a:fd:de:dc:da:f1:2a:f8:f4:1d:81: 88:87:90:85:2a:5f:0f:38:f4:73:22:ab:39:e0:77: f1:13:01:ed:43:2d:73:82:22:b2:25:25:d3:4d:44: b3:d9:41:b2:64:f6:02:39:7c:de:88:af:b0:b7:2e: 25:cb:06:54:72:bb:3b:5c:0c:52:e4:47:ea:fc:06: 80:a2:b8:45:8e:b6:0b:1a:ab:28:de:17:f8:9c:82: 8f:5d:9c:51:6b:29:ce:96:75:1d:fa:c7:a5:ce:69: 6a:7b:27:66:e1:28:4d:f7:e4:8a:ea:44:2a:59:12: 9c:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:02:3C:32:F1:77:74:00:8E:1F:5D:26:D1:FE:E9:7B:97:75:B9:EC X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/cgI8MvF3dACOH10m0f7pe5d1uew.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.28.0/24 Signature Algorithm: sha256WithRSAEncryption d3:03:d0:b9:50:9b:2f:99:ea:5e:d4:a7:f4:65:ad:72:ee:ae: 06:9c:b0:33:e5:09:b7:ce:56:46:59:19:a7:19:9a:a7:3c:2e: 2c:39:92:46:8e:b3:20:9b:e1:ad:8a:5f:e9:80:0b:21:2e:8c: 65:b8:b2:98:17:de:94:c0:b7:12:bb:da:d9:51:35:23:51:09: a9:a8:76:82:cf:c2:3c:40:a8:8a:21:5e:e4:0c:d2:8c:d4:47: e8:c3:8e:70:05:db:fd:22:eb:31:13:72:e7:7c:dc:fb:b0:c7: 4f:8f:50:ea:4c:17:7c:bd:4d:51:76:9e:e1:1b:74:76:16:cd: 19:24:ce:0c:00:56:ee:4f:31:83:f4:0c:54:eb:9a:67:3a:2e: 48:59:1c:4a:56:2b:af:88:87:40:0d:9e:8f:e6:53:20:47:e3: 75:8f:71:8f:64:28:96:86:dd:09:6c:83:0d:b1:fa:21:50:0e: bc:93:b6:e6:22:a0:a9:78:44:1c:fa:6b:8e:35:8b:7f:9d:c3: 71:d5:a2:7a:2b:25:d2:7b:33:4d:0a:14:8e:5a:d3:52:8b:1c: 0e:9b:42:1f:d5:cc:77:c4:43:ff:76:e9:92:62:9a:b7:05:d6: cb:1c:1a:d1:03:79:b3:9e:1d:25:3a:3f:84:2f:ca:1a:dc:7f: fc:4b:65:eb -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHgQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA0NDdaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDcyMDIzQzMyRjE3Nzc0 MDA4RTFGNUQyNkQxRkVFOTdCOTc3NUI5RUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCiLVP6t9jqNeXXbehNHoc0HLNHhHoWWAppE0f3j8xq7Ni1x1OA Bw/W1FD+N+amzypHcIlRPs4XZ74C8pdq5ZFCTZOOw3WoGxzDW8r4g+D14bUc6fMG 2Ts3YkV5iGLvp4i8JtRZu4j1PMvrVXZXVMJr1z9bWY/C4cuYQfESDdOBIgCgxkqn /1K1yhOa/d7c2vEq+PQdgYiHkIUqXw849HMiqzngd/ETAe1DLXOCIrIlJdNNRLPZ QbJk9gI5fN6Ir7C3LiXLBlRyuztcDFLkR+r8BoCiuEWOtgsaqyjeF/icgo9dnFFr Kc6WdR36x6XOaWp7J2bhKE335IrqRCpZEpwLAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUcgI8MvF3dACOH10m0f7pe5d1uewwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L2NnSThNdkYzZEFDT0gx MG0wZjdwZTVkMXVldy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3RwwDQYJKoZIhvcNAQELBQADggEBANMD0LlQmy+Z6l7Up/RlrXLurgacsDPl CbfOVkZZGacZmqc8Liw5kkaOsyCb4a2KX+mACyEujGW4spgX3pTAtxK72tlRNSNR CamodoLPwjxAqIohXuQM0ozUR+jDjnAF2/0i6zETcud83Puwx0+PUOpMF3y9TVF2 nuEbdHYWzRkkzgwAVu5PMYP0DFTrmmc6LkhZHEpWK6+Ih0ANno/mUyBH43WPcY9k KJaG3Qlsgw2x+iFQDryTtuYioKl4RBz6a441i3+dw3HVonorJdJ7M00KFI5a01KL HA6bQh/VzHfEQ/926ZJimrcF1sscGtEDebOeHSU6P4Qvyhrcf/xLZes= -----END CERTIFICATE-----Generated at Mon Oct 20 13:30:52 2025 by rpki-client