$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/hCIsZAvgpFDOLdPS-vyqhdQs_E4.roa File: hCIsZAvgpFDOLdPS-vyqhdQs_E4.roa (raw, json) Hash identifier: zdHdX5qpxTn4uzX8KhrSkTTWUfvpzBgcP+wbImcyQ7k= Subject key identifier: 84:22:2C:64:0B:E0:A4:50:CE:2D:D3:D2:FA:FC:AA:85:D4:2C:FC:4E Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1E2C Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/hCIsZAvgpFDOLdPS-vyqhdQs_E4.roa Signing time: Sat 13 Sep 2025 03:04:54 +0000 ROA not before: Sat 13 Sep 2025 03:04:54 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 59083 IP address blocks: 43.254.155.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 18:07:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7724 (0x1e2c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:04:54 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=84222C640BE0A450CE2DD3D2FAFCAA85D42CFC4E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:a4:3f:1c:78:56:a5:03:35:9e:ce:7d:4c:58: f5:ff:f4:71:8e:41:0e:15:70:70:92:45:c2:23:14: be:bf:67:b0:60:58:44:75:5c:a8:6a:69:9d:26:71: 2e:66:6a:14:5c:1e:bd:fe:f7:e3:51:27:fc:c4:1b: 5a:83:46:24:b4:44:47:82:2a:05:8d:4e:a9:ad:d7: 8d:1f:a7:cf:3c:41:a8:d6:7f:23:95:11:6a:96:f3: cc:c9:db:fe:9f:21:47:a0:55:53:fe:d3:b6:98:c9: 26:ec:cc:24:09:4b:d3:50:0e:b6:4d:79:37:81:03: 89:33:84:72:c7:96:b4:69:c5:ed:58:01:87:89:b4: ca:ce:f0:d0:7f:c1:57:5e:3b:ba:ed:92:84:d5:20: 0b:82:d9:2a:58:99:f1:c8:7e:ff:af:6a:19:4b:a4: f8:6e:9a:f4:2e:32:e4:dc:71:54:47:79:a3:bc:d5: b6:10:43:46:d3:93:1b:a6:41:2a:30:04:37:40:97: a4:e4:c6:87:4c:f9:cd:15:fc:f1:0b:d7:eb:b6:c4: b2:c7:fa:58:b4:ad:43:c8:87:4b:87:83:7e:c7:2d: 6d:ee:d7:ed:de:b7:2c:da:f1:7c:66:90:4d:95:78: 71:65:ac:45:97:11:dd:fc:06:58:5d:c3:5e:62:c0: d5:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:22:2C:64:0B:E0:A4:50:CE:2D:D3:D2:FA:FC:AA:85:D4:2C:FC:4E X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/hCIsZAvgpFDOLdPS-vyqhdQs_E4.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.254.155.0/24 Signature Algorithm: sha256WithRSAEncryption 84:a1:64:87:42:b5:05:d9:30:44:d9:fb:4c:86:15:11:2e:98: b8:94:74:78:3d:64:a1:47:79:e7:09:a7:18:ec:1c:cc:93:d9: d7:a5:82:1d:32:fd:d3:1f:df:ba:e1:ea:86:7c:3e:7b:e6:28: f0:62:82:12:25:2c:ad:9d:d5:5f:82:57:27:0a:d8:38:28:f0: 8b:0d:47:47:0a:b5:d7:a9:79:e8:34:a4:db:73:ac:55:08:7d: 0f:8e:c7:7e:53:21:16:f0:f2:bd:51:5a:ed:11:2b:5f:01:87: 23:2e:d1:d3:ee:cd:ed:8f:84:82:df:f0:7d:ce:01:23:1d:03: 63:ed:6c:18:77:b6:2a:04:76:f1:7d:6b:c6:ed:ec:b0:d2:16: e2:2c:f0:0f:8c:be:ee:0e:36:ba:bb:4f:37:18:f5:ee:f3:95: c1:59:9f:f4:3e:88:45:b3:2d:21:57:8c:ce:35:83:87:bb:43: 40:09:a7:76:34:ea:fe:ef:32:8c:13:5e:b7:6b:76:81:f9:ab: 49:bd:d5:84:34:90:92:0a:0c:af:f9:7c:2b:8c:46:72:1a:40: 1a:89:d0:26:f5:9d:27:f3:cd:8a:42:3d:83:d0:73:b7:17:91: e0:16:d1:56:26:2a:cc:95:7c:4f:98:fb:64:55:13:21:61:4e: 48:80:ce:12 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHiwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA0NTRaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDg0MjIyQzY0MEJFMEE0 NTBDRTJERDNEMkZBRkNBQTg1RDQyQ0ZDNEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDXpD8ceFalAzWezn1MWPX/9HGOQQ4VcHCSRcIjFL6/Z7BgWER1 XKhqaZ0mcS5mahRcHr3+9+NRJ/zEG1qDRiS0REeCKgWNTqmt140fp888QajWfyOV EWqW88zJ2/6fIUegVVP+07aYySbszCQJS9NQDrZNeTeBA4kzhHLHlrRpxe1YAYeJ tMrO8NB/wVdeO7rtkoTVIAuC2SpYmfHIfv+vahlLpPhumvQuMuTccVRHeaO81bYQ Q0bTkxumQSowBDdAl6TkxodM+c0V/PEL1+u2xLLH+li0rUPIh0uHg37HLW3u1+3e tyza8XxmkE2VeHFlrEWXEd38Blhdw15iwNUPAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUhCIsZAvgpFDOLdPS+vyqhdQs/E4wHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L2hDSXNaQXZncEZET0xk UFMtdnlxaGRRc19FNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAAr/pswDQYJKoZIhvcNAQELBQADggEBAIShZIdCtQXZMETZ+0yGFREumLiUdHg9 ZKFHeecJpxjsHMyT2delgh0y/dMf37rh6oZ8PnvmKPBighIlLK2d1V+CVycK2Dgo 8IsNR0cKtdepeeg0pNtzrFUIfQ+Ox35TIRbw8r1RWu0RK18BhyMu0dPuze2PhILf 8H3OASMdA2PtbBh3tioEdvF9a8bt7LDSFuIs8A+Mvu4ONrq7TzcY9e7zlcFZn/Q+ iEWzLSFXjM41g4e7Q0AJp3Y06v7vMowTXrdrdoH5q0m91YQ0kJIKDK/5fCuMRnIa QBqJ0Cb1nSfzzYpCPYPQc7cXkeAW0VYmKsyVfE+Y+2RVEyFhTkiAzhI= -----END CERTIFICATE-----Generated at Mon Oct 20 17:59:20 2025 by rpki-client