$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/jNT0WI36rV1gn2WrAxbmN6CRLH4.roa File: jNT0WI36rV1gn2WrAxbmN6CRLH4.roa (raw, json) Hash identifier: PxPImjdtH07KhbAP5eqf4w+t7WWq7zeoc6l/AzQhmTg= Subject key identifier: 8C:D4:F4:58:8D:FA:AD:5D:60:9F:65:AB:03:16:E6:37:A0:91:2C:7E Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1E4A Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/jNT0WI36rV1gn2WrAxbmN6CRLH4.roa Signing time: Sat 13 Sep 2025 03:04:59 +0000 ROA not before: Sat 13 Sep 2025 03:04:59 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 139259 IP address blocks: 103.221.27.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 18:07:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7754 (0x1e4a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:04:59 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=8CD4F4588DFAAD5D609F65AB0316E637A0912C7E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:85:5a:40:55:79:2b:23:6e:d8:1a:20:64:dc: f8:5c:f9:41:0d:7a:a2:8f:53:f6:fb:61:8c:70:9e: ea:5b:a8:3c:34:c7:60:0c:92:b5:95:7c:ca:8c:7a: e1:50:db:85:a5:fd:26:45:59:da:77:b2:27:1d:3e: bb:f0:ff:00:0a:9e:b0:8d:5c:7e:67:fd:da:66:7e: f1:cc:6a:40:e0:b6:f9:46:2f:10:c6:09:1b:a0:91: db:de:e9:26:78:e0:59:b7:ac:0f:de:9c:5d:3e:1e: f0:a6:7b:8a:51:d5:75:6f:c5:ce:1b:05:b8:e1:ed: 79:f6:4e:7c:a4:91:b6:be:8d:26:a7:5d:2f:ec:6d: 80:76:c3:a3:da:0b:a9:2b:8f:68:29:1d:db:fe:a0: e6:1e:cb:9e:9f:9d:a8:f9:c5:0a:3a:a8:d5:33:6c: 51:90:61:07:bd:f3:7d:1f:fa:a4:e5:a8:ba:da:be: 45:d3:f8:e8:1e:ba:a5:9a:7c:2f:15:dd:26:10:d0: c0:6d:7f:b9:97:55:0d:07:ac:d5:36:0f:33:8f:bf: a9:02:03:9a:bc:60:62:a0:09:c1:47:c7:85:92:c1: ca:e1:d0:df:33:6d:41:25:55:82:f7:d9:06:98:d1: 55:6f:d5:62:e1:00:eb:7f:3a:50:fd:94:fd:60:02: 68:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8C:D4:F4:58:8D:FA:AD:5D:60:9F:65:AB:03:16:E6:37:A0:91:2C:7E X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/jNT0WI36rV1gn2WrAxbmN6CRLH4.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.27.0/24 Signature Algorithm: sha256WithRSAEncryption 71:4e:3e:b1:0b:7b:0d:3c:0d:6a:34:20:ac:b7:16:62:49:bd: ef:38:48:7d:2a:56:1e:7d:9a:b5:f4:12:de:2b:a7:78:48:a0: fe:c0:e8:c4:85:45:16:2f:7e:ae:1b:42:ac:42:cb:77:74:40: bb:27:93:ed:2e:1f:ea:64:c6:e7:d6:4e:b9:25:c2:7d:6c:b2: 2c:c6:89:bd:e8:22:5a:79:6a:24:92:46:ff:a3:9c:7f:e3:a2: 93:77:09:d1:f9:30:28:6e:6d:68:61:4c:f1:21:c3:20:92:8c: 96:c3:54:f3:5e:f1:2e:30:ef:8d:c6:de:5f:d1:80:90:91:a8: 85:7d:c7:6d:4f:84:1d:85:cd:50:bc:2f:4f:37:40:d3:82:30: 42:cc:74:81:1a:f3:91:9d:1a:06:9c:da:7c:43:72:94:78:d2: 4b:b9:89:1c:d7:9b:8b:91:5d:64:2d:2f:82:3c:70:a9:b1:2c: 9f:9e:ac:42:dd:e0:7c:fa:c4:e4:22:44:87:52:ca:11:ab:10: 91:ba:9d:27:c1:50:40:74:cd:e0:06:53:af:c9:85:12:f5:15: 83:df:70:da:27:d2:6a:84:db:4a:ee:e3:2b:f6:2f:16:5f:c7: 5f:54:12:74:de:a0:5b:eb:ac:7a:34:9f:67:62:3d:9c:43:fd: d7:c6:f6:56 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHkowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA0NTlaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDhDRDRGNDU4OERGQUFE NUQ2MDlGNjVBQjAzMTZFNjM3QTA5MTJDN0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDHhVpAVXkrI27YGiBk3Phc+UENeqKPU/b7YYxwnupbqDw0x2AM krWVfMqMeuFQ24Wl/SZFWdp3sicdPrvw/wAKnrCNXH5n/dpmfvHMakDgtvlGLxDG CRugkdve6SZ44Fm3rA/enF0+HvCme4pR1XVvxc4bBbjh7Xn2Tnykkba+jSanXS/s bYB2w6PaC6krj2gpHdv+oOYey56fnaj5xQo6qNUzbFGQYQe9830f+qTlqLravkXT +OgeuqWafC8V3SYQ0MBtf7mXVQ0HrNU2DzOPv6kCA5q8YGKgCcFHx4WSwcrh0N8z bUElVYL32QaY0VVv1WLhAOt/OlD9lP1gAmiTAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUjNT0WI36rV1gn2WrAxbmN6CRLH4wHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L2pOVDBXSTM2clYxZ24y V3JBeGJtTjZDUkxINC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3RswDQYJKoZIhvcNAQELBQADggEBAHFOPrELew08DWo0IKy3FmJJve84SH0q Vh59mrX0Et4rp3hIoP7A6MSFRRYvfq4bQqxCy3d0QLsnk+0uH+pkxufWTrklwn1s sizGib3oIlp5aiSSRv+jnH/jopN3CdH5MChubWhhTPEhwyCSjJbDVPNe8S4w743G 3l/RgJCRqIV9x21PhB2FzVC8L083QNOCMELMdIEa85GdGgac2nxDcpR40ku5iRzX m4uRXWQtL4I8cKmxLJ+erELd4Hz6xOQiRIdSyhGrEJG6nSfBUEB0zeAGU6/JhRL1 FYPfcNon0mqE20ru4yv2LxZfx19UEnTeoFvrrHo0n2diPZxD/dfG9lY= -----END CERTIFICATE-----Generated at Mon Oct 20 17:58:55 2025 by rpki-client