$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/fZhWXdptbS0qqb7bkbhf44SfyEM.roa File: fZhWXdptbS0qqb7bkbhf44SfyEM.roa (raw, json) Hash identifier: wrrX9xnXAI7nSbOKhSRkls7PMxUjd0N3XFrJR/8bvLY= Subject key identifier: 7D:98:56:5D:DA:6D:6D:2D:2A:A9:BE:DB:91:B8:5F:E3:84:9F:C8:43 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1EA8 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/fZhWXdptbS0qqb7bkbhf44SfyEM.roa Signing time: Sat 13 Sep 2025 03:05:20 +0000 ROA not before: Sat 13 Sep 2025 03:05:20 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 59083 IP address blocks: 202.136.249.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7848 (0x1ea8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:05:20 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=7D98565DDA6D6D2D2AA9BEDB91B85FE3849FC843 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:37:26:d3:59:5a:06:4c:34:2e:87:8c:6b:71: 95:f6:56:72:e9:f8:8e:29:ef:86:a6:0c:ae:7d:4d: ad:36:e3:d5:9a:ed:4c:05:74:6c:2f:c8:0c:3c:45: 8e:a1:33:61:af:e9:5b:96:91:81:6b:1c:ea:99:19: 9b:d8:9f:a6:2e:9f:a2:70:64:d3:09:03:5c:4d:d5: ae:2d:43:bf:d3:a4:1b:fb:a3:e7:55:7f:22:2e:0a: f1:e8:bd:8c:92:1a:bd:05:a2:4d:59:5b:6a:ce:79: 7a:46:69:ce:a0:46:15:c3:aa:bd:9c:1e:70:c5:2d: 2b:b9:b7:08:5d:5d:17:16:30:e3:68:1c:15:4c:d6: 95:50:ac:1d:75:df:d1:66:29:ca:ae:36:a6:85:bf: 98:04:e0:e9:b6:9a:1f:91:2c:d4:ab:bb:79:a2:47: 7e:4b:24:df:a4:af:e5:71:6d:91:d0:2d:b5:33:33: bc:34:24:1e:28:a2:83:14:5a:aa:21:d1:68:87:fb: 82:a1:24:f3:b9:9e:3c:3c:45:2d:cb:86:71:13:40: 1f:e8:9b:35:ba:0b:c1:4a:0d:77:0f:2e:03:5b:f1: bd:64:3d:34:9b:ab:6a:a4:ba:f0:d9:7d:27:2a:11: 57:42:f0:24:bb:15:b5:61:d1:d3:07:08:10:76:28: da:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:98:56:5D:DA:6D:6D:2D:2A:A9:BE:DB:91:B8:5F:E3:84:9F:C8:43 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/fZhWXdptbS0qqb7bkbhf44SfyEM.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 202.136.249.0/24 Signature Algorithm: sha256WithRSAEncryption 32:d0:c3:b5:75:b6:b0:7b:ed:38:16:d8:4b:ca:b2:dc:e2:1d: ef:3e:0b:4b:f4:37:c3:c6:d3:b0:9b:7c:ce:18:bd:ef:3c:11: c7:65:4b:71:5a:bc:24:0c:c6:ab:8f:c5:ee:31:9d:09:10:31: 53:3f:d1:23:57:9c:b2:99:e1:26:42:65:f3:38:85:fc:58:79: 99:3c:b0:9a:8a:0d:72:8b:63:7b:68:f3:8d:35:e9:25:64:50: 4e:26:72:f2:19:99:b7:90:2f:2c:8d:fd:df:c9:fb:1c:41:17: 90:87:f8:4d:f9:49:7d:0a:b0:50:92:ea:74:f5:e5:8e:dc:6a: a2:e1:7a:be:75:c1:10:01:90:df:45:29:4b:98:55:2a:71:2e: 8b:a5:c3:10:55:33:b0:06:fb:69:dd:41:6a:2d:36:a5:0e:39: af:f9:3f:41:5a:a8:6c:ee:92:75:97:f7:d1:5e:80:74:f7:b9: a5:72:a4:75:ee:ea:95:59:f1:0c:36:5b:0f:3c:e2:52:1f:e8: 32:c9:fa:26:0c:ba:40:24:32:01:ff:0b:5a:69:ba:a8:b7:d9: 99:b7:25:07:9c:3e:f1:fb:ae:c0:b7:c3:a9:73:0a:23:f1:0c: 84:e2:d9:48:58:ca:d5:ec:c3:8d:a8:77:94:cb:f4:9d:cb:e7: eb:52:e6:c2 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHqgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA1MjBaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDdEOTg1NjVEREE2RDZE MkQyQUE5QkVEQjkxQjg1RkUzODQ5RkM4NDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDrNybTWVoGTDQuh4xrcZX2VnLp+I4p74amDK59Ta0249Wa7UwF dGwvyAw8RY6hM2Gv6VuWkYFrHOqZGZvYn6Yun6JwZNMJA1xN1a4tQ7/TpBv7o+dV fyIuCvHovYySGr0Fok1ZW2rOeXpGac6gRhXDqr2cHnDFLSu5twhdXRcWMONoHBVM 1pVQrB1139FmKcquNqaFv5gE4Om2mh+RLNSru3miR35LJN+kr+VxbZHQLbUzM7w0 JB4oooMUWqoh0WiH+4KhJPO5njw8RS3LhnETQB/omzW6C8FKDXcPLgNb8b1kPTSb q2qkuvDZfScqEVdC8CS7FbVh0dMHCBB2KNprAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUfZhWXdptbS0qqb7bkbhf44SfyEMwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L2ZaaFdYZHB0YlMwcXFi N2JrYmhmNDRTZnlFTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BADKiPkwDQYJKoZIhvcNAQELBQADggEBADLQw7V1trB77TgW2EvKstziHe8+C0v0 N8PG07CbfM4Yve88EcdlS3FavCQMxquPxe4xnQkQMVM/0SNXnLKZ4SZCZfM4hfxY eZk8sJqKDXKLY3to84016SVkUE4mcvIZmbeQLyyN/d/J+xxBF5CH+E35SX0KsFCS 6nT15Y7caqLher51wRABkN9FKUuYVSpxLoulwxBVM7AG+2ndQWotNqUOOa/5P0Fa qGzuknWX99FegHT3uaVypHXu6pVZ8Qw2Ww884lIf6DLJ+iYMukAkMgH/C1ppuqi3 2Zm3JQecPvH7rsC3w6lzCiPxDITi2UhYytXsw42od5TL9J3L5+tS5sI= -----END CERTIFICATE-----Generated at Mon Oct 20 13:13:40 2025 by rpki-client