$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/i5HY3k4uVDkWn1Z81ZzTyF9Mzq4.roa File: i5HY3k4uVDkWn1Z81ZzTyF9Mzq4.roa (raw, json) Hash identifier: M9YgCC5ftTqeXAi2YXbA4ur8h0tIQE9nrubMh/eQORs= Subject key identifier: 8B:91:D8:DE:4E:2E:54:39:16:9F:56:7C:D5:9C:D3:C8:5F:4C:CE:AE Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1E22 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/i5HY3k4uVDkWn1Z81ZzTyF9Mzq4.roa Signing time: Sat 13 Sep 2025 03:04:52 +0000 ROA not before: Sat 13 Sep 2025 03:04:52 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 139259 IP address blocks: 45.252.24.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 00:35:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7714 (0x1e22) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:04:52 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=8B91D8DE4E2E5439169F567CD59CD3C85F4CCEAE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:01:e7:a1:cb:93:f0:9e:0f:89:61:33:fc:07: cc:7a:1e:11:3f:f3:a1:2d:5b:58:02:f2:1e:9e:a6: ac:a2:57:00:fe:bc:fc:77:64:67:8f:53:a2:83:20: 5c:79:35:1c:d6:6e:01:fc:bf:a5:0a:f9:8e:d0:b5: 22:8c:dc:5b:34:a3:32:0c:aa:6a:9a:08:01:fc:78: bc:54:5c:20:ac:05:99:0f:10:d0:c0:da:6a:ed:d6: c5:9d:5b:1e:50:72:13:fe:2a:6d:0a:74:88:c6:84: 93:fb:f9:de:af:81:3c:3f:f2:b7:0d:9d:43:ea:29: 44:84:93:e5:ee:b9:e1:77:c9:ad:9d:c2:08:fd:0d: 54:ae:5a:cf:e4:26:07:63:6c:03:26:87:71:e9:03: 28:0a:68:32:0a:bc:ea:b5:ba:27:a9:55:12:96:5c: ce:f0:e9:1b:7b:76:23:0e:f4:3e:2b:bf:65:91:57: 66:c3:ec:4b:d9:c7:d3:b9:0b:4c:4c:d8:c1:28:99: dd:24:ef:97:e3:bc:70:04:d4:47:04:74:54:c3:18: f9:c8:00:8c:8c:bf:c1:72:ba:a1:05:99:1e:bb:da: b3:bf:1c:0a:4a:9c:79:4e:e4:a9:16:58:e3:45:3b: 5b:ca:2f:7c:86:b5:05:a7:66:7a:ef:92:d4:2d:70: a7:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:91:D8:DE:4E:2E:54:39:16:9F:56:7C:D5:9C:D3:C8:5F:4C:CE:AE X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/i5HY3k4uVDkWn1Z81ZzTyF9Mzq4.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.252.24.0/22 Signature Algorithm: sha256WithRSAEncryption 43:39:3e:14:be:84:b0:e7:d8:3a:fb:97:0c:1b:80:f6:c8:d1: e7:fa:41:66:56:80:a9:7b:d2:b6:32:fc:41:87:30:8a:3e:67: 10:3a:d6:81:15:a0:c2:c3:11:1b:23:ef:53:2e:86:47:37:a8: 0e:13:db:f3:c6:94:3d:12:1a:e4:a2:60:a4:09:aa:02:e7:49: da:34:79:c8:a7:6f:e4:a0:b4:37:51:18:b3:7a:87:3f:92:15: 7d:54:e0:ab:0c:71:1e:21:93:bf:e1:6a:78:7b:7b:56:6c:b8: 00:62:78:c8:14:cc:ac:11:13:47:ff:bf:b3:a1:b9:9a:ca:01: 7b:11:89:5c:62:51:35:bf:bb:6e:f9:ca:d5:fb:68:09:fc:eb: 99:d4:db:b0:1b:56:6c:c0:f9:52:41:8b:3c:83:69:91:7a:c9: c1:7b:3c:71:75:6b:5c:10:8c:01:a4:04:82:75:80:26:ef:1d: 30:37:fe:9a:72:f4:fc:b6:78:c8:b2:00:fd:f1:0a:65:58:27: 29:18:f5:98:11:16:a2:ca:4d:97:f0:cf:24:a7:10:1d:87:7a: 1e:db:e1:a0:21:e3:27:e8:a8:be:be:04:5f:96:f9:89:85:03: 67:a7:b2:75:37:dc:53:e2:a2:b2:16:86:d6:75:d3:16:0e:ba: cd:1f:36:a1 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHiIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA0NTJaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDhCOTFEOERFNEUyRTU0 MzkxNjlGNTY3Q0Q1OUNEM0M4NUY0Q0NFQUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDfAeehy5Pwng+JYTP8B8x6HhE/86EtW1gC8h6epqyiVwD+vPx3 ZGePU6KDIFx5NRzWbgH8v6UK+Y7QtSKM3Fs0ozIMqmqaCAH8eLxUXCCsBZkPENDA 2mrt1sWdWx5QchP+Km0KdIjGhJP7+d6vgTw/8rcNnUPqKUSEk+XuueF3ya2dwgj9 DVSuWs/kJgdjbAMmh3HpAygKaDIKvOq1uiepVRKWXM7w6Rt7diMO9D4rv2WRV2bD 7EvZx9O5C0xM2MEomd0k75fjvHAE1EcEdFTDGPnIAIyMv8FyuqEFmR672rO/HApK nHlO5KkWWONFO1vKL3yGtQWnZnrvktQtcKddAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUi5HY3k4uVDkWn1Z81ZzTyF9Mzq4wHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L2k1SFkzazR1VkRrV24x WjgxWnpUeUY5TXpxNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAIt/BgwDQYJKoZIhvcNAQELBQADggEBAEM5PhS+hLDn2Dr7lwwbgPbI0ef6QWZW gKl70rYy/EGHMIo+ZxA61oEVoMLDERsj71Muhkc3qA4T2/PGlD0SGuSiYKQJqgLn Sdo0ecinb+SgtDdRGLN6hz+SFX1U4KsMcR4hk7/hanh7e1ZsuABieMgUzKwRE0f/ v7OhuZrKAXsRiVxiUTW/u275ytX7aAn865nU27AbVmzA+VJBizyDaZF6ycF7PHF1 a1wQjAGkBIJ1gCbvHTA3/ppy9Py2eMiyAP3xCmVYJykY9ZgRFqLKTZfwzySnEB2H eh7b4aAh4yfoqL6+BF+W+YmFA2ensnU33FPiorIWhtZ10xYOus0fNqE= -----END CERTIFICATE-----Generated at Mon Oct 20 23:27:40 2025 by rpki-client