$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/do0roG_29eOPvF1gEOjrIue7KWE.roa File: do0roG_29eOPvF1gEOjrIue7KWE.roa (raw, json) Hash identifier: T6JZkMtjkyvGnhh+plP9X1W5E8LCirLM0T/c06eJIwI= Subject key identifier: 76:8D:2B:A0:6F:F6:F5:E3:8F:BC:5D:60:10:E8:EB:22:E7:BB:29:61 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1DF2 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/do0roG_29eOPvF1gEOjrIue7KWE.roa Signing time: Sat 13 Sep 2025 03:04:43 +0000 ROA not before: Sat 13 Sep 2025 03:04:43 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 59083 IP address blocks: 202.174.124.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7666 (0x1df2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:04:43 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=768D2BA06FF6F5E38FBC5D6010E8EB22E7BB2961 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:6b:d0:1c:c3:ca:55:12:99:fd:64:46:98:41: 1a:7d:b3:ce:00:0c:bb:47:c7:d5:15:9e:99:b7:56: 26:d2:2e:c9:e5:2b:68:44:e2:8f:49:e2:4e:f0:5e: 74:d6:d0:42:de:d5:67:36:53:cf:a0:33:59:eb:e7: ee:91:88:5a:c7:18:73:8b:16:ff:41:cd:5b:ff:7c: 4e:51:b8:2c:91:fc:a6:90:60:42:7a:39:7b:f5:c1: 43:c7:23:bb:ad:96:08:e1:e8:84:2e:f6:58:b8:b6: d8:77:c4:8b:93:4a:2b:56:54:41:4a:dc:33:53:cb: 12:a9:f1:5a:81:73:22:dd:ae:8e:37:5e:49:69:06: ae:00:2c:6a:51:7c:55:02:35:b8:42:28:1c:6f:b9: e6:fa:79:3e:9d:64:62:ce:6f:0b:7a:1b:ba:9f:43: 28:bb:5e:0c:66:b4:73:5c:6e:e4:2d:64:cd:57:70: 30:21:01:d2:a9:53:9b:bd:92:28:3f:b4:9e:33:73: a3:2f:ff:a3:7e:e0:af:5d:d7:cc:54:2c:61:d2:b2: 43:b6:d1:57:82:e6:09:64:f8:c7:29:9d:0b:d2:6e: 02:65:d3:95:04:31:13:ac:c2:92:0d:08:a5:cc:2f: 26:20:fe:b7:5d:79:53:79:fb:dd:ca:b3:aa:c9:b6: d4:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 76:8D:2B:A0:6F:F6:F5:E3:8F:BC:5D:60:10:E8:EB:22:E7:BB:29:61 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/do0roG_29eOPvF1gEOjrIue7KWE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 202.174.124.0/22 Signature Algorithm: sha256WithRSAEncryption 0e:34:f5:c8:e3:19:f7:0b:9c:0b:e0:72:6a:24:13:47:87:f8: ec:d1:7e:56:ff:ee:6e:0e:5a:37:59:44:2e:ac:90:82:c9:2e: 47:16:7a:14:6c:aa:36:f4:ff:29:70:15:93:c3:41:41:46:a2: 5a:e6:e3:0b:99:a0:1f:c2:f2:22:c0:21:29:d3:a2:81:36:b1: fb:19:30:ec:3c:cb:38:63:11:b6:c2:a4:39:c6:c1:67:ff:76: 37:d1:3a:25:aa:36:48:fb:27:db:ba:e0:d8:16:89:21:79:58: 54:b7:c0:0e:74:d7:c8:1b:4f:f6:6b:ed:88:6f:3c:0c:80:0f: 0e:fc:d5:0f:e2:69:f9:c3:ed:fc:ae:c6:a2:d5:b0:5b:47:b2: a6:b5:f9:3b:cd:af:f5:25:53:f6:0c:e2:16:56:b0:5d:c0:21: 69:37:b2:fd:cd:e0:ed:ac:8a:b3:20:db:72:b9:c3:91:14:6a: 4b:02:aa:6e:d5:32:76:a0:fd:b1:cb:4d:09:27:04:07:42:2f: 20:97:e1:b5:49:09:b3:40:27:37:55:ec:24:b0:fe:83:87:0b: 7a:83:a4:f2:0a:c5:41:1b:18:42:96:52:a1:3d:b2:c3:d0:0f: 76:24:f6:b4:f3:07:1b:d7:e7:e0:89:b5:bf:ec:d5:95:8e:69: 64:c9:5c:9f -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHfIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA0NDNaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDc2OEQyQkEwNkZGNkY1 RTM4RkJDNUQ2MDEwRThFQjIyRTdCQjI5NjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDta9Acw8pVEpn9ZEaYQRp9s84ADLtHx9UVnpm3VibSLsnlK2hE 4o9J4k7wXnTW0ELe1Wc2U8+gM1nr5+6RiFrHGHOLFv9BzVv/fE5RuCyR/KaQYEJ6 OXv1wUPHI7utlgjh6IQu9li4tth3xIuTSitWVEFK3DNTyxKp8VqBcyLdro43Xklp Bq4ALGpRfFUCNbhCKBxvueb6eT6dZGLObwt6G7qfQyi7XgxmtHNcbuQtZM1XcDAh AdKpU5u9kig/tJ4zc6Mv/6N+4K9d18xULGHSskO20VeC5glk+McpnQvSbgJl05UE MROswpINCKXMLyYg/rddeVN5+93Ks6rJttTrAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUdo0roG/29eOPvF1gEOjrIue7KWEwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L2RvMHJvR18yOWVPUHZG MWdFT2pySXVlN0tXRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BALKrnwwDQYJKoZIhvcNAQELBQADggEBAA409cjjGfcLnAvgcmokE0eH+OzRflb/ 7m4OWjdZRC6skILJLkcWehRsqjb0/ylwFZPDQUFGolrm4wuZoB/C8iLAISnTooE2 sfsZMOw8yzhjEbbCpDnGwWf/djfROiWqNkj7J9u64NgWiSF5WFS3wA5018gbT/Zr 7YhvPAyADw781Q/iafnD7fyuxqLVsFtHsqa1+TvNr/UlU/YM4hZWsF3AIWk3sv3N 4O2sirMg23K5w5EUaksCqm7VMnag/bHLTQknBAdCLyCX4bVJCbNAJzdV7CSw/oOH C3qDpPIKxUEbGEKWUqE9ssPQD3Yk9rTzBxvX5+CJtb/s1ZWOaWTJXJ8= -----END CERTIFICATE-----Generated at Mon Oct 20 13:13:37 2025 by rpki-client