$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/hs1KTeQKJeG7q5B-Hs7kee_LhLQ.roa File: hs1KTeQKJeG7q5B-Hs7kee_LhLQ.roa (raw, json) Hash identifier: jSozFj4/Nj/zmr1Rqt8YD3flEuh9cNC3U1y0YD9U75Q= Subject key identifier: 86:CD:4A:4D:E4:0A:25:E1:BB:AB:90:7E:1E:CE:E4:79:EF:CB:84:B4 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1EED Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/hs1KTeQKJeG7q5B-Hs7kee_LhLQ.roa Signing time: Sat 13 Sep 2025 03:05:37 +0000 ROA not before: Sat 13 Sep 2025 03:05:37 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 139259 IP address blocks: 103.221.13.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 00:35:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7917 (0x1eed) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:05:37 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=86CD4A4DE40A25E1BBAB907E1ECEE479EFCB84B4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:88:1a:ed:0d:f4:86:c5:ed:65:54:7b:84:40: 7e:e9:a8:a9:59:a3:b8:84:52:aa:87:9c:40:56:46: 63:1d:01:7d:0b:8b:d2:2e:5e:cc:c2:97:1c:df:2d: 86:80:e8:15:a0:ba:55:88:b0:df:ec:19:30:14:f2: 06:5e:ff:9c:ae:34:44:70:cd:af:d6:1a:d2:3a:db: ea:a6:83:4d:06:4a:8c:25:26:33:d8:87:cf:98:63: d5:ef:ad:c2:a9:43:7d:aa:2f:09:18:9a:07:33:30: 09:17:97:d0:11:0b:dc:0a:a9:db:bb:8e:3b:e6:29: 95:ca:f4:54:7f:d2:92:08:22:c6:fd:6a:dd:80:30: 4f:20:3f:d4:62:18:af:e2:94:a6:c8:8e:59:98:99: ab:5a:b3:e0:5a:6f:14:a1:60:0f:8f:ca:6b:d9:97: c9:52:a6:b2:15:b9:2c:e2:35:4b:57:7d:92:f4:4c: 41:d8:04:ce:ea:54:27:00:f4:65:0c:b5:96:5a:98: cf:13:a6:2f:31:e8:68:b9:64:76:23:a4:ec:86:9b: 40:01:3e:c3:8f:5f:df:88:08:64:f2:4a:a2:34:4f: d5:32:01:6b:95:48:b8:6b:3b:87:8c:82:fd:e0:bb: f1:6f:10:e5:91:89:e1:11:16:91:39:d7:d3:dc:63: 68:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:CD:4A:4D:E4:0A:25:E1:BB:AB:90:7E:1E:CE:E4:79:EF:CB:84:B4 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/hs1KTeQKJeG7q5B-Hs7kee_LhLQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.13.0/24 Signature Algorithm: sha256WithRSAEncryption 18:8d:5b:f9:b7:d7:5c:21:b2:9d:5d:f9:79:6f:a0:31:72:16: db:19:6a:81:ec:22:93:51:f2:9f:44:18:e5:77:8a:12:c5:c1: 00:04:be:f0:9a:09:5e:2d:38:e5:8b:f9:23:48:d1:8a:69:7c: f3:27:55:91:72:4e:bd:8e:a0:01:7b:15:72:ce:87:b4:74:8e: c5:ae:9a:57:2a:09:0e:d6:a5:64:5a:7e:be:1a:7d:2e:fc:08: bf:5f:2d:88:45:41:1f:55:ca:c8:14:c1:0e:9f:17:9e:0e:aa: 0f:9a:99:d9:d2:b6:61:18:be:c6:8f:90:91:55:ae:63:9d:ce: 86:76:24:de:df:7c:cf:81:35:89:b9:d8:5b:9a:bd:6a:ad:ee: 01:90:2a:9f:a7:d2:bf:da:a0:01:6b:8c:ba:bc:3e:67:b1:27: 8e:19:73:01:2d:5a:d8:5e:0c:86:7f:90:b4:20:cb:d8:3a:2f: 52:10:c9:96:3a:d9:df:56:27:01:e4:cf:9f:90:85:66:88:d0: 8d:d9:ca:a1:bb:84:f5:3f:2b:db:4e:5f:c7:a0:56:74:02:98: 80:fa:78:16:05:9f:86:4c:6f:63:1e:22:53:2b:0f:f4:ed:27: 32:7a:2b:b4:0f:d1:8d:d9:5b:26:37:ef:a1:a5:77:0a:0b:22: 06:28:2a:9b -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHu0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA1MzdaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDg2Q0Q0QTRERTQwQTI1 RTFCQkFCOTA3RTFFQ0VFNDc5RUZDQjg0QjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC7iBrtDfSGxe1lVHuEQH7pqKlZo7iEUqqHnEBWRmMdAX0Li9Iu XszClxzfLYaA6BWgulWIsN/sGTAU8gZe/5yuNERwza/WGtI62+qmg00GSowlJjPY h8+YY9XvrcKpQ32qLwkYmgczMAkXl9ARC9wKqdu7jjvmKZXK9FR/0pIIIsb9at2A ME8gP9RiGK/ilKbIjlmYmatas+BabxShYA+PymvZl8lSprIVuSziNUtXfZL0TEHY BM7qVCcA9GUMtZZamM8Tpi8x6Gi5ZHYjpOyGm0ABPsOPX9+ICGTySqI0T9UyAWuV SLhrO4eMgv3gu/FvEOWRieERFpE519PcY2gFAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUhs1KTeQKJeG7q5B+Hs7kee/LhLQwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L2hzMUtUZVFLSmVHN3E1 Qi1IczdrZWVfTGhMUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3Q0wDQYJKoZIhvcNAQELBQADggEBABiNW/m311whsp1d+XlvoDFyFtsZaoHs IpNR8p9EGOV3ihLFwQAEvvCaCV4tOOWL+SNI0YppfPMnVZFyTr2OoAF7FXLOh7R0 jsWumlcqCQ7WpWRafr4afS78CL9fLYhFQR9VysgUwQ6fF54Oqg+amdnStmEYvsaP kJFVrmOdzoZ2JN7ffM+BNYm52FuavWqt7gGQKp+n0r/aoAFrjLq8PmexJ44ZcwEt WtheDIZ/kLQgy9g6L1IQyZY62d9WJwHkz5+QhWaI0I3ZyqG7hPU/K9tOX8egVnQC mID6eBYFn4ZMb2MeIlMrD/TtJzJ6K7QP0Y3ZWyY376GldwoLIgYoKps= -----END CERTIFICATE-----Generated at Mon Oct 20 23:27:27 2025 by rpki-client