$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/ftxnZGl4xVBpzWBKE1RhxF5qSes.roa File: ftxnZGl4xVBpzWBKE1RhxF5qSes.roa (raw, json) Hash identifier: 5uJOveSzRRtzIze2whDjhSbz0LUWoR/REKzqQvCIiJI= Subject key identifier: 7E:DC:67:64:69:78:C5:50:69:CD:60:4A:13:54:61:C4:5E:6A:49:EB Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1E47 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/ftxnZGl4xVBpzWBKE1RhxF5qSes.roa Signing time: Sat 13 Sep 2025 03:04:59 +0000 ROA not before: Sat 13 Sep 2025 03:04:59 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 4812 IP address blocks: 43.254.152.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 18:07:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7751 (0x1e47) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:04:59 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=7EDC67646978C55069CD604A135461C45E6A49EB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:75:f5:fd:72:ec:bd:77:04:06:47:37:3c:42: d8:92:b3:45:98:ea:19:f0:fa:e8:9d:16:ad:60:1f: 36:b1:85:c8:f8:db:f2:af:d6:88:99:8b:48:e7:55: d0:41:3f:17:2c:fd:d7:ab:d3:ab:c0:e2:6b:d8:d3: 77:1b:f1:cc:25:87:57:6e:90:cb:6a:37:59:89:e9: 49:fa:91:09:cc:3e:de:f9:3f:74:5e:ba:21:b0:d5: 0b:f7:5e:57:15:07:a0:dc:b6:cf:d4:80:46:ff:7a: 6f:c4:9b:88:ca:bf:17:6f:48:77:41:27:5b:c1:9c: c5:03:4b:b9:f6:1b:9f:56:6d:53:d3:57:95:6e:0b: 81:b3:78:f2:1e:a2:42:b6:fc:90:09:be:a1:ac:77: e5:78:d3:05:c2:d5:7e:33:d9:22:0f:54:5d:2a:6b: 78:52:11:ab:06:12:d1:1d:ee:57:84:6e:31:69:d4: 0c:74:41:67:d3:e5:7d:ac:5b:50:31:e4:fd:20:7d: 99:9b:bc:90:9c:00:62:47:b0:d0:73:0e:48:55:4d: 78:1f:17:9b:a0:e1:44:f9:ef:41:23:e9:ae:c3:bb: f5:76:e5:df:82:34:e5:ad:f5:47:10:cc:47:dd:cf: e4:01:d0:da:3e:2a:85:4b:de:4f:80:de:7b:ec:f7: f4:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7E:DC:67:64:69:78:C5:50:69:CD:60:4A:13:54:61:C4:5E:6A:49:EB X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/ftxnZGl4xVBpzWBKE1RhxF5qSes.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.254.152.0/24 Signature Algorithm: sha256WithRSAEncryption 0d:d8:d7:e8:4c:92:94:13:fd:9c:5d:40:b8:c7:9d:a4:bd:55: 96:67:7c:24:0c:46:0f:bb:71:78:60:b5:f5:af:cf:29:a2:2c: c8:fb:a7:65:87:31:ac:78:62:df:5e:39:58:70:9f:82:5c:4d: 0c:67:e1:18:b1:8e:b4:8a:b6:c5:ae:1d:b3:a2:55:4f:e7:5d: 15:28:a6:1e:8d:31:b6:22:af:e8:8f:6c:92:76:b6:b1:32:90: 05:c8:42:6f:71:a5:9a:10:a2:ee:6f:99:84:84:e1:36:52:2a: 96:2b:22:24:80:cd:ec:16:6d:7a:4f:47:2c:4a:a2:d1:5d:47: 86:f0:0f:cf:eb:87:44:34:d2:88:70:17:ba:a6:be:df:81:ba: 59:61:9e:8b:ca:1b:b0:a2:39:94:4e:1f:b3:9a:f7:e6:16:95: 1a:a4:b3:24:36:e1:9a:71:df:a4:4a:85:23:dd:5b:83:06:f6: 1f:b9:44:56:a6:38:d7:13:64:af:fb:ac:53:7b:3c:84:7e:4d: 42:27:29:59:7d:b4:f7:78:08:55:ef:dc:ea:f9:77:e9:c2:c6: 0f:36:c1:cd:2a:fa:da:19:f3:e8:ea:d7:13:f4:b2:82:5b:3f: db:fa:9b:39:5c:ad:83:e1:5e:e3:39:1c:58:6f:7c:53:35:93: b7:31:15:3f -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHkcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA0NTlaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDdFREM2NzY0Njk3OEM1 NTA2OUNENjA0QTEzNTQ2MUM0NUU2QTQ5RUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC7dfX9cuy9dwQGRzc8QtiSs0WY6hnw+uidFq1gHzaxhcj42/Kv 1oiZi0jnVdBBPxcs/der06vA4mvY03cb8cwlh1dukMtqN1mJ6Un6kQnMPt75P3Re uiGw1Qv3XlcVB6Dcts/UgEb/em/Em4jKvxdvSHdBJ1vBnMUDS7n2G59WbVPTV5Vu C4GzePIeokK2/JAJvqGsd+V40wXC1X4z2SIPVF0qa3hSEasGEtEd7leEbjFp1Ax0 QWfT5X2sW1Ax5P0gfZmbvJCcAGJHsNBzDkhVTXgfF5ug4UT570Ej6a7Du/V25d+C NOWt9UcQzEfdz+QB0No+KoVL3k+A3nvs9/RFAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUftxnZGl4xVBpzWBKE1RhxF5qSeswHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L2Z0eG5aR2w0eFZCcHpX QktFMVJoeEY1cVNlcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAAr/pgwDQYJKoZIhvcNAQELBQADggEBAA3Y1+hMkpQT/ZxdQLjHnaS9VZZnfCQM Rg+7cXhgtfWvzymiLMj7p2WHMax4Yt9eOVhwn4JcTQxn4RixjrSKtsWuHbOiVU/n XRUoph6NMbYir+iPbJJ2trEykAXIQm9xpZoQou5vmYSE4TZSKpYrIiSAzewWbXpP RyxKotFdR4bwD8/rh0Q00ohwF7qmvt+BullhnovKG7CiOZROH7Oa9+YWlRqksyQ2 4Zpx36RKhSPdW4MG9h+5RFamONcTZK/7rFN7PIR+TUInKVl9tPd4CFXv3Or5d+nC xg82wc0q+toZ8+jq1xP0soJbP9v6mzlcrYPhXuM5HFhvfFM1k7cxFT8= -----END CERTIFICATE-----Generated at Mon Oct 20 17:52:11 2025 by rpki-client