$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/i9bmZt2EXnfP1T6uXnSqQq2ZFTo.roa File: i9bmZt2EXnfP1T6uXnSqQq2ZFTo.roa (raw, json) Hash identifier: tI/In5bpXy6L2MQTqNnBGUfy+/Ylu2ALv5PvWNLboPQ= Subject key identifier: 8B:D6:E6:66:DD:84:5E:77:CF:D5:3E:AE:5E:74:AA:42:AD:99:15:3A Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1EA5 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/i9bmZt2EXnfP1T6uXnSqQq2ZFTo.roa Signing time: Sat 13 Sep 2025 03:05:20 +0000 ROA not before: Sat 13 Sep 2025 03:05:20 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 59083 IP address blocks: 43.254.153.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7845 (0x1ea5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:05:20 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=8BD6E666DD845E77CFD53EAE5E74AA42AD99153A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:0a:c3:41:63:86:1d:66:44:a1:08:25:fa:4b: fb:85:82:e1:45:30:fa:22:a1:a3:65:33:96:e0:98: 8e:f4:76:7a:a7:b4:9e:03:92:14:b2:cb:97:28:8b: 7c:e4:32:23:c8:f0:32:8c:e5:a2:ef:10:f1:ff:d5: 87:e8:a6:06:8f:a1:ac:88:2b:1f:18:c0:f2:71:1f: c0:5c:b3:14:71:16:d8:de:28:e1:22:ca:7e:16:2b: d7:44:7c:8c:21:20:2d:1a:f9:50:fc:8d:31:ff:97: a0:2d:a7:46:2d:dd:ef:af:8e:0b:23:9b:b2:85:e5: 56:81:81:41:4e:c3:c4:6a:fb:ee:64:66:4b:61:7f: c3:63:6f:e9:5c:65:85:1d:14:22:e7:ff:e3:73:82: 20:4f:c8:7c:54:49:e6:02:f6:24:98:ce:1d:1a:e8: 27:e2:7f:c1:13:c9:a1:88:e8:6f:43:b5:92:34:52: b1:3a:b9:c6:67:39:74:32:2d:5b:74:1a:ac:70:d3: 76:08:c7:80:42:1d:08:dc:21:70:ec:5a:23:98:07: 9f:18:64:e8:27:f9:5d:26:f3:05:f4:86:fe:a3:ab: 4a:41:46:f0:43:15:4a:e0:c9:79:70:cf:fe:2a:1b: c5:c1:a5:83:93:41:3c:f4:b0:29:72:ee:72:13:e4: 43:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:D6:E6:66:DD:84:5E:77:CF:D5:3E:AE:5E:74:AA:42:AD:99:15:3A X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/i9bmZt2EXnfP1T6uXnSqQq2ZFTo.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.254.153.0/24 Signature Algorithm: sha256WithRSAEncryption 01:61:16:79:50:86:55:d4:86:7f:9c:fa:45:6f:31:cd:17:46: 77:4b:8e:1c:ff:7e:ba:a7:af:2c:0d:87:1f:2f:e1:22:eb:e1: f1:fa:c0:ab:40:5f:30:cc:03:87:82:b4:90:2c:34:a4:58:1a: d7:05:39:ae:7e:8e:4f:e8:ac:36:33:37:06:e8:e5:c6:98:49: 65:fd:9f:e7:09:41:67:71:b0:b8:33:92:8d:2a:c6:12:a7:39: b7:ce:88:e1:27:43:96:a4:18:29:12:d5:5c:f0:28:76:a9:ea: a6:e5:84:7a:f6:eb:c1:99:5e:a2:06:69:27:58:0d:43:ef:15: 4f:15:16:48:ba:58:33:03:64:8b:7b:43:64:be:12:3f:09:ae: 56:d2:c1:0c:5e:07:a3:d7:cd:94:91:28:b2:57:37:8d:f6:d8: 7c:21:d0:a2:65:ad:93:bb:bf:99:01:86:74:62:1f:16:35:d3: f0:c3:85:18:cc:75:82:6c:2c:64:c3:46:cd:02:98:4b:35:27: d9:d4:ff:ec:d1:2e:e0:74:b7:ea:72:af:b7:62:7a:3d:0c:45: ba:fa:28:76:f5:cb:b9:b7:43:e4:ae:cb:4b:6d:62:d2:be:82: d9:32:4b:d7:29:66:0e:2e:65:45:56:c5:e2:97:44:31:3f:9e: 16:84:41:09 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHqUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA1MjBaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDhCRDZFNjY2REQ4NDVF NzdDRkQ1M0VBRTVFNzRBQTQyQUQ5OTE1M0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDOCsNBY4YdZkShCCX6S/uFguFFMPoioaNlM5bgmI70dnqntJ4D khSyy5coi3zkMiPI8DKM5aLvEPH/1YfopgaPoayIKx8YwPJxH8BcsxRxFtjeKOEi yn4WK9dEfIwhIC0a+VD8jTH/l6Atp0Yt3e+vjgsjm7KF5VaBgUFOw8Rq++5kZkth f8Njb+lcZYUdFCLn/+NzgiBPyHxUSeYC9iSYzh0a6Cfif8ETyaGI6G9DtZI0UrE6 ucZnOXQyLVt0Gqxw03YIx4BCHQjcIXDsWiOYB58YZOgn+V0m8wX0hv6jq0pBRvBD FUrgyXlwz/4qG8XBpYOTQTz0sCly7nIT5EPnAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUi9bmZt2EXnfP1T6uXnSqQq2ZFTowHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L2k5Ym1adDJFWG5mUDFU NnVYblNxUXEyWkZUby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAAr/pkwDQYJKoZIhvcNAQELBQADggEBAAFhFnlQhlXUhn+c+kVvMc0XRndLjhz/ frqnrywNhx8v4SLr4fH6wKtAXzDMA4eCtJAsNKRYGtcFOa5+jk/orDYzNwbo5caY SWX9n+cJQWdxsLgzko0qxhKnObfOiOEnQ5akGCkS1VzwKHap6qblhHr268GZXqIG aSdYDUPvFU8VFki6WDMDZIt7Q2S+Ej8JrlbSwQxeB6PXzZSRKLJXN4322Hwh0KJl rZO7v5kBhnRiHxY10/DDhRjMdYJsLGTDRs0CmEs1J9nU/+zRLuB0t+pyr7diej0M Rbr6KHb1y7m3Q+Suy0ttYtK+gtkyS9cpZg4uZUVWxeKXRDE/nhaEQQk= -----END CERTIFICATE-----Generated at Mon Oct 20 13:31:00 2025 by rpki-client