$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/eQQNi2-nH-40ymZNMsLaiOqSZbQ.roa File: eQQNi2-nH-40ymZNMsLaiOqSZbQ.roa (raw, json) Hash identifier: 0K5sLxoe8SEItf+XaZkKI5TRBkJrsbaTcDWHfCaJR8g= Subject key identifier: 79:04:0D:8B:6F:A7:1F:EE:34:CA:66:4D:32:C2:DA:88:EA:92:65:B4 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1E79 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/eQQNi2-nH-40ymZNMsLaiOqSZbQ.roa Signing time: Sat 13 Sep 2025 03:05:11 +0000 ROA not before: Sat 13 Sep 2025 03:05:11 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 13444 IP address blocks: 103.221.25.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7801 (0x1e79) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:05:11 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=79040D8B6FA71FEE34CA664D32C2DA88EA9265B4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:1e:ec:19:49:8d:7b:ff:4b:1a:c2:d5:46:1c: 70:de:4d:a1:63:3e:9e:e4:1c:dc:57:3a:a2:32:f2: ae:12:22:b4:ba:b4:ee:76:89:78:dc:e3:a9:9b:6b: c2:dd:b5:e9:c8:19:69:88:0e:a4:68:bb:cc:95:eb: ac:02:42:db:8c:0d:c6:dc:4d:31:e0:cb:90:1e:cc: d5:e2:c8:c1:7f:c1:4a:ee:0c:94:b9:ef:ad:52:42: 4b:8e:d3:91:e9:ef:bd:8a:5d:39:fc:92:a4:40:7e: a9:ad:88:64:a7:2c:29:e8:cb:57:38:38:c2:76:67: 62:01:98:35:7c:12:f9:7b:fc:04:22:ee:8b:59:5f: f3:74:27:65:98:f1:d8:bd:71:9e:6b:32:72:7c:ac: bc:cd:8f:7d:8f:74:28:1f:ff:9f:58:49:67:0d:70: 93:67:bb:12:19:e9:ab:ab:b6:ca:d6:fd:92:3c:aa: 86:50:75:44:11:3e:1a:14:1b:70:54:6a:ee:f8:fe: db:64:ba:94:1f:77:a0:cc:39:1d:46:d7:05:10:71: 4c:33:c2:62:37:32:79:c3:84:e5:81:c9:d3:79:11: 6e:8f:31:64:96:fe:b6:90:c7:15:c5:c3:19:32:c5: 90:52:c2:92:15:eb:7c:0d:dd:32:4b:47:9e:28:4d: 27:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 79:04:0D:8B:6F:A7:1F:EE:34:CA:66:4D:32:C2:DA:88:EA:92:65:B4 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/eQQNi2-nH-40ymZNMsLaiOqSZbQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.25.0/24 Signature Algorithm: sha256WithRSAEncryption 4b:63:bf:d2:81:7a:f9:9d:5e:b9:68:29:73:11:25:48:e9:75: f6:02:db:7a:05:fe:4c:96:58:7a:65:1c:1b:20:4f:a4:2a:29: 3e:c4:eb:b1:48:50:3c:3f:19:1d:4d:eb:24:c2:51:54:78:65: 49:c6:dc:4a:00:ba:f9:35:85:5b:a0:65:81:19:e5:26:2b:06: 1f:ae:35:19:dd:e4:02:3f:51:01:fe:54:f2:fd:88:fc:7e:8f: d7:43:a8:34:19:90:0d:e4:d2:79:bc:98:56:1b:fe:dd:af:f0: b4:b0:d6:6a:3b:e3:fe:af:a6:26:8f:80:d5:b0:85:be:59:63: 20:7a:85:73:2b:2a:a7:19:df:e0:87:00:86:f7:4c:fc:64:63: ce:b4:7f:0d:49:dc:bf:e4:e3:8d:1f:0a:09:d9:df:2f:0c:e9: 20:d9:79:b5:b4:c1:cc:8f:a7:e3:1b:ad:26:3a:0e:7d:fd:2b: 8a:d9:10:d2:b2:b4:25:80:1b:90:02:24:a1:f4:99:06:cb:08: 1e:f9:49:ac:61:25:21:84:81:7f:b1:3c:76:e4:de:13:a3:f2: 2a:49:61:aa:2f:36:0b:80:ad:fb:6e:76:32:dc:ff:86:22:39: 22:e4:6b:97:2b:f7:f0:5d:4e:02:79:f2:17:d1:e1:9b:09:c3: c8:d8:0f:ac -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHnkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA1MTFaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDc5MDQwRDhCNkZBNzFG RUUzNENBNjY0RDMyQzJEQTg4RUE5MjY1QjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDNHuwZSY17/0sawtVGHHDeTaFjPp7kHNxXOqIy8q4SIrS6tO52 iXjc46mba8LdtenIGWmIDqRou8yV66wCQtuMDcbcTTHgy5AezNXiyMF/wUruDJS5 761SQkuO05Hp772KXTn8kqRAfqmtiGSnLCnoy1c4OMJ2Z2IBmDV8Evl7/AQi7otZ X/N0J2WY8di9cZ5rMnJ8rLzNj32PdCgf/59YSWcNcJNnuxIZ6aurtsrW/ZI8qoZQ dUQRPhoUG3BUau74/ttkupQfd6DMOR1G1wUQcUwzwmI3MnnDhOWBydN5EW6PMWSW /raQxxXFwxkyxZBSwpIV63wN3TJLR54oTSeLAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUeQQNi2+nH+40ymZNMsLaiOqSZbQwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L2VRUU5pMi1uSC00MHlt Wk5Nc0xhaU9xU1piUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3RkwDQYJKoZIhvcNAQELBQADggEBAEtjv9KBevmdXrloKXMRJUjpdfYC23oF /kyWWHplHBsgT6QqKT7E67FIUDw/GR1N6yTCUVR4ZUnG3EoAuvk1hVugZYEZ5SYr Bh+uNRnd5AI/UQH+VPL9iPx+j9dDqDQZkA3k0nm8mFYb/t2v8LSw1mo74/6vpiaP gNWwhb5ZYyB6hXMrKqcZ3+CHAIb3TPxkY860fw1J3L/k440fCgnZ3y8M6SDZebW0 wcyPp+MbrSY6Dn39K4rZENKytCWAG5ACJKH0mQbLCB75SaxhJSGEgX+xPHbk3hOj 8ipJYaovNguArftudjLc/4YiOSLka5cr9/BdTgJ58hfR4ZsJw8jYD6w= -----END CERTIFICATE-----Generated at Mon Oct 20 13:30:57 2025 by rpki-client