$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/df7v4ZEJbYuGC3KqSy7nQ6LpX90.roa File: df7v4ZEJbYuGC3KqSy7nQ6LpX90.roa (raw, json) Hash identifier: uccP8qC3p8mk188fCB3uE4VES5KkexZnnkinGVvW7pc= Subject key identifier: 75:FE:EF:E1:91:09:6D:8B:86:0B:72:AA:4B:2E:E7:43:A2:E9:5F:DD Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1DED Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/df7v4ZEJbYuGC3KqSy7nQ6LpX90.roa Signing time: Sat 13 Sep 2025 03:04:42 +0000 ROA not before: Sat 13 Sep 2025 03:04:42 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 13444 IP address blocks: 103.221.51.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7661 (0x1ded) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:04:42 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=75FEEFE191096D8B860B72AA4B2EE743A2E95FDD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:34:36:39:48:66:3a:e0:66:83:8b:5f:d7:4c: 60:47:d8:92:be:90:fd:f7:fb:5f:41:10:6d:ff:2d: 56:a7:be:b5:fa:7a:83:a7:8b:e4:31:af:16:b5:95: 83:47:b4:1d:f8:ea:65:ee:9d:1b:46:bd:ff:cd:4c: e2:e2:db:27:14:85:d6:fa:b6:b4:8e:3e:37:43:c9: f6:48:77:67:54:e8:26:c4:6a:88:24:02:d3:3f:af: 47:5c:e5:ac:21:42:92:20:99:31:4e:97:a3:88:76: 9c:a8:72:c2:34:97:09:d1:7f:ff:93:fe:1f:53:ac: bb:4f:bd:0f:a2:e1:18:b8:5f:35:4c:b8:d5:29:2d: fa:8c:5e:14:1b:92:62:8b:64:cd:db:16:f3:64:49: 1d:57:5e:24:f1:1a:97:c0:88:f6:09:c5:ca:bc:3b: 93:2e:c0:16:1e:cd:d9:8b:92:b7:40:44:f6:67:19: 15:4e:28:d4:c4:7e:fd:ae:8e:47:d0:82:d6:f3:c3: 9b:f8:6d:f8:c7:70:39:3d:53:75:96:c7:c8:54:6f: 21:67:0e:cc:0a:eb:f0:27:37:f2:57:18:e1:e7:3c: f4:e0:fc:e5:6a:65:6f:0b:2d:58:20:5a:95:00:ea: b7:93:b3:fe:ac:b3:1c:91:ca:0c:aa:f6:5a:a4:15: eb:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:FE:EF:E1:91:09:6D:8B:86:0B:72:AA:4B:2E:E7:43:A2:E9:5F:DD X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/df7v4ZEJbYuGC3KqSy7nQ6LpX90.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.51.0/24 Signature Algorithm: sha256WithRSAEncryption 39:22:c2:62:d6:b0:c6:d8:27:5b:a1:a4:e7:5e:cd:59:8d:1d: 12:c5:45:9b:a7:6f:df:ed:c3:c0:7c:ec:fd:05:14:6d:8a:75: db:1d:54:8e:08:2e:1d:29:30:ed:d8:c6:bd:e1:c8:0c:82:b6: c8:eb:ad:76:1c:6f:47:71:73:cb:09:8c:9d:09:b7:b4:dc:28: 71:c4:00:b4:4e:15:4c:25:d5:33:e1:35:b8:5e:5b:5b:dc:8f: 4d:23:45:9a:c0:1e:53:1d:6e:4d:c8:31:ef:4b:25:5e:01:7d: 1d:40:51:73:fe:1e:f3:98:2a:48:e9:fe:87:4e:f9:7e:bc:83: 65:e7:db:6a:76:f4:d2:e3:1d:13:5a:14:db:56:5e:5b:09:57: b8:1c:16:b3:16:f1:70:f3:8e:0e:bb:f9:8e:cb:2b:cf:36:a3: 7b:4f:57:64:aa:43:fb:d6:f1:29:10:26:39:1d:05:dc:24:6d: b5:c6:76:e0:29:fa:b4:91:e0:10:0b:44:fc:3d:92:ce:db:96: e8:f7:eb:86:20:cb:7a:7b:76:68:3f:7c:6d:de:3a:0d:a8:fc: 44:68:01:cd:cc:19:74:30:ac:ee:99:e9:ed:75:78:21:10:16: 72:9e:ae:df:23:cb:18:05:48:f7:1d:05:0f:be:82:7d:62:96: 1d:14:23:39 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHe0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA0NDJaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDc1RkVFRkUxOTEwOTZE OEI4NjBCNzJBQTRCMkVFNzQzQTJFOTVGREQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCsNDY5SGY64GaDi1/XTGBH2JK+kP33+19BEG3/LVanvrX6eoOn i+Qxrxa1lYNHtB346mXunRtGvf/NTOLi2ycUhdb6trSOPjdDyfZId2dU6CbEaogk AtM/r0dc5awhQpIgmTFOl6OIdpyocsI0lwnRf/+T/h9TrLtPvQ+i4Ri4XzVMuNUp LfqMXhQbkmKLZM3bFvNkSR1XXiTxGpfAiPYJxcq8O5MuwBYezdmLkrdARPZnGRVO KNTEfv2ujkfQgtbzw5v4bfjHcDk9U3WWx8hUbyFnDswK6/AnN/JXGOHnPPTg/OVq ZW8LLVggWpUA6reTs/6ssxyRygyq9lqkFesbAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUdf7v4ZEJbYuGC3KqSy7nQ6LpX90wHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L2RmN3Y0WkVKYll1R0Mz S3FTeTduUTZMcFg5MC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3TMwDQYJKoZIhvcNAQELBQADggEBADkiwmLWsMbYJ1uhpOdezVmNHRLFRZun b9/tw8B87P0FFG2KddsdVI4ILh0pMO3Yxr3hyAyCtsjrrXYcb0dxc8sJjJ0Jt7Tc KHHEALROFUwl1TPhNbheW1vcj00jRZrAHlMdbk3IMe9LJV4BfR1AUXP+HvOYKkjp /odO+X68g2Xn22p29NLjHRNaFNtWXlsJV7gcFrMW8XDzjg67+Y7LK882o3tPV2Sq Q/vW8SkQJjkdBdwkbbXGduAp+rSR4BALRPw9ks7bluj364Ygy3p7dmg/fG3eOg2o /ERoAc3MGXQwrO6Z6e11eCEQFnKert8jyxgFSPcdBQ++gn1ilh0UIzk= -----END CERTIFICATE-----Generated at Mon Oct 20 13:13:40 2025 by rpki-client