$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/dsCmhNPF34jS8T8DQ1BGD7wFCdY.roa File: dsCmhNPF34jS8T8DQ1BGD7wFCdY.roa (raw, json) Hash identifier: 0Jun5xXRlAC7LyQLoGrOhbJYootDNaBQ5eBrpzWQS7s= Subject key identifier: 76:C0:A6:84:D3:C5:DF:88:D2:F1:3F:03:43:50:46:0F:BC:05:09:D6 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1EDA Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dsCmhNPF34jS8T8DQ1BGD7wFCdY.roa Signing time: Sat 13 Sep 2025 03:05:33 +0000 ROA not before: Sat 13 Sep 2025 03:05:33 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 13444 IP address blocks: 103.221.22.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7898 (0x1eda) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:05:33 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=76C0A684D3C5DF88D2F13F034350460FBC0509D6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:b2:ae:e4:fc:f3:c0:bc:e0:8d:e1:60:82:24: c6:7d:b9:66:78:69:e7:b9:ad:79:52:c6:16:42:1b: 2f:af:eb:a0:d7:e6:77:c3:2b:20:f4:a9:18:50:87: 91:f4:f1:0f:a2:84:ed:b1:6a:74:7f:9a:51:f6:71: 61:f6:cd:0a:2b:94:1a:4f:6c:51:19:57:a5:04:b5: b2:5f:1e:07:0e:b8:69:88:39:30:d7:9e:53:01:74: e2:0e:82:2a:f5:ea:a0:24:65:d3:1c:b8:a1:0f:b3: e0:58:06:56:0c:70:ff:a6:47:6f:29:e9:ac:53:ac: 2d:33:16:6f:81:a2:96:72:20:e0:6b:f6:a1:c6:e7: 06:09:0c:77:59:8e:eb:51:d6:20:2f:aa:fa:6a:57: 01:26:57:a8:f7:76:05:9c:dc:0c:4f:0d:cc:ba:40: 92:a3:5a:18:8b:66:b3:2c:22:6f:d1:f2:ac:17:6e: 73:6d:56:9c:d5:f5:7b:2e:d7:a1:78:5e:c9:70:4e: 97:33:f8:5a:99:fe:00:d0:b4:46:12:cb:7a:ec:d5: 8d:15:44:9d:1f:3e:f1:46:3c:1b:d4:74:bc:78:c5: c4:8a:21:9b:af:60:da:77:d9:01:92:ce:a4:ae:07: 7e:79:ba:a5:6e:c8:0c:2f:64:0c:8a:d7:56:71:aa: 42:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 76:C0:A6:84:D3:C5:DF:88:D2:F1:3F:03:43:50:46:0F:BC:05:09:D6 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dsCmhNPF34jS8T8DQ1BGD7wFCdY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.22.0/24 Signature Algorithm: sha256WithRSAEncryption 0b:16:c4:fc:2a:a9:b2:80:95:8b:b6:05:5b:64:49:ea:ba:01: 12:28:e1:90:be:71:b6:e3:24:7c:34:e7:03:7c:89:2f:db:f8: 25:7f:0a:23:8f:19:6f:8f:19:0b:07:47:2c:7a:97:f4:f5:fb: ba:41:7f:e7:e4:30:6f:d5:03:59:5c:0a:90:84:3a:d4:88:18: d6:97:dd:40:4b:72:e9:0e:fb:7c:a4:99:36:6e:4d:32:b7:38: bd:06:64:56:f5:3c:a4:4a:1f:74:d8:3c:04:b3:da:a8:7f:4b: e8:fb:29:03:df:fe:4d:cb:74:64:76:03:23:be:28:16:47:36: 48:07:7d:24:1a:8a:92:d1:4a:2e:14:f3:da:83:a8:7e:19:ef: c1:ef:de:ba:ec:f4:7f:9d:1b:bb:62:81:8f:cb:5c:88:43:14: 83:91:66:bf:a2:ce:5a:c0:32:de:d9:7b:d1:c5:ee:61:75:d9: f4:45:c3:4d:f1:ca:1f:a6:2b:d3:01:29:ea:82:3b:5d:24:9e: c3:07:eb:6c:69:eb:dd:a9:ff:1f:cd:7c:80:8c:e3:c7:bf:dc: e3:a2:04:4b:d1:50:a2:28:48:de:ca:91:83:00:92:ca:09:4b: ae:de:fd:36:8a:de:ca:2d:3d:66:83:44:ff:9a:27:9f:b4:2d: 2d:fd:bc:c3 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHtowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA1MzNaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDc2QzBBNjg0RDNDNURG ODhEMkYxM0YwMzQzNTA0NjBGQkMwNTA5RDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDJsq7k/PPAvOCN4WCCJMZ9uWZ4aee5rXlSxhZCGy+v66DX5nfD KyD0qRhQh5H08Q+ihO2xanR/mlH2cWH2zQorlBpPbFEZV6UEtbJfHgcOuGmIOTDX nlMBdOIOgir16qAkZdMcuKEPs+BYBlYMcP+mR28p6axTrC0zFm+BopZyIOBr9qHG 5wYJDHdZjutR1iAvqvpqVwEmV6j3dgWc3AxPDcy6QJKjWhiLZrMsIm/R8qwXbnNt VpzV9Xsu16F4XslwTpcz+FqZ/gDQtEYSy3rs1Y0VRJ0fPvFGPBvUdLx4xcSKIZuv YNp32QGSzqSuB355uqVuyAwvZAyK11ZxqkJtAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUdsCmhNPF34jS8T8DQ1BGD7wFCdYwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L2RzQ21oTlBGMzRqUzhU OERRMUJHRDd3RkNkWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3RYwDQYJKoZIhvcNAQELBQADggEBAAsWxPwqqbKAlYu2BVtkSeq6ARIo4ZC+ cbbjJHw05wN8iS/b+CV/CiOPGW+PGQsHRyx6l/T1+7pBf+fkMG/VA1lcCpCEOtSI GNaX3UBLcukO+3ykmTZuTTK3OL0GZFb1PKRKH3TYPASz2qh/S+j7KQPf/k3LdGR2 AyO+KBZHNkgHfSQaipLRSi4U89qDqH4Z78Hv3rrs9H+dG7tigY/LXIhDFIORZr+i zlrAMt7Ze9HF7mF12fRFw03xyh+mK9MBKeqCO10knsMH62xp692p/x/NfICM48e/ 3OOiBEvRUKIoSN7KkYMAksoJS67e/TaK3sotPWaDRP+aJ5+0LS39vMM= -----END CERTIFICATE-----Generated at Mon Oct 20 13:30:50 2025 by rpki-client