$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/kw0Ic1jvC7ymWbqMB7Z1spfDeWU.roa File: kw0Ic1jvC7ymWbqMB7Z1spfDeWU.roa (raw, json) Hash identifier: 4aORHfzd4SscNisFYITRAzJN9DWwwo0XCBUEq7RyXgE= Subject key identifier: 93:0D:08:73:58:EF:0B:BC:A6:59:BA:8C:07:B6:75:B2:97:C3:79:65 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1EEF Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/kw0Ic1jvC7ymWbqMB7Z1spfDeWU.roa Signing time: Sat 13 Sep 2025 03:05:38 +0000 ROA not before: Sat 13 Sep 2025 03:05:38 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 139259 IP address blocks: 103.220.253.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7919 (0x1eef) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:05:38 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=930D087358EF0BBCA659BA8C07B675B297C37965 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:a0:3b:3f:f0:79:b0:3c:48:fe:e9:8d:b5:f4: c8:0e:54:0e:ef:29:b3:3f:6a:69:e3:c6:df:aa:30: 6c:88:47:ed:4f:1e:00:6d:0d:03:e8:46:62:02:c4: 34:5e:1d:f4:b1:b2:10:c3:2c:19:cc:56:49:83:60: 85:b4:42:0e:4e:97:2c:3b:f8:e0:a0:1e:6d:72:b9: 6c:40:c2:42:e9:63:95:b2:55:44:8f:e9:cb:c2:1f: 24:2a:11:77:be:65:45:5a:18:56:d2:ae:13:48:f9: c3:89:c4:0b:7a:14:0f:2a:f9:93:f1:9b:5c:df:cb: ad:dd:bf:23:d5:1f:f3:f2:d5:1b:e3:fe:e9:2b:cb: 80:03:eb:c1:b4:e3:21:d0:cc:de:1f:ed:c6:60:37: 49:3f:c8:bd:76:39:13:93:58:7c:b0:99:fa:fc:99: 48:1c:95:dc:b4:e3:d4:8e:a0:63:59:e2:c1:f0:2e: 28:a6:58:39:31:ca:3d:cf:77:04:fa:b5:4a:18:1e: 68:2e:30:3b:6b:b7:fd:5e:80:bc:57:12:6f:42:2b: 99:06:60:4c:45:22:97:cf:2d:c0:60:ff:ea:df:05: 26:a1:ac:e6:34:35:f6:95:a4:2b:80:9a:02:9e:c7: 8f:a7:e1:2c:d0:b5:1f:79:06:14:14:a0:63:f2:6e: 40:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:0D:08:73:58:EF:0B:BC:A6:59:BA:8C:07:B6:75:B2:97:C3:79:65 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/kw0Ic1jvC7ymWbqMB7Z1spfDeWU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.220.253.0/24 Signature Algorithm: sha256WithRSAEncryption 53:16:78:58:a6:89:49:2f:99:23:7c:c0:f0:da:db:57:93:86: f5:cc:56:c2:ec:07:e3:c6:c8:08:44:99:36:b3:22:83:37:b7: 67:a1:b3:54:ae:af:0e:b4:f2:2b:83:a5:eb:92:ce:7c:fa:ca: 8c:ad:e1:7c:6b:ac:41:0c:34:40:ea:23:75:85:08:0e:da:ec: 3a:72:08:82:4d:54:06:a4:ea:35:41:09:72:fc:65:cf:cc:a5: 24:8c:79:9c:ab:1a:ff:d9:fa:4b:2c:c4:89:0b:c6:af:00:3b: 71:de:d9:d4:70:89:6b:3c:32:d0:5d:c4:66:42:48:27:86:81: 04:7a:b8:af:7d:57:2f:9a:5d:8c:76:e6:1a:81:1a:e3:5f:51: 35:ff:f2:68:62:52:67:7b:e2:46:be:e3:0e:f2:a9:57:1d:ae: 62:df:59:02:9e:68:e7:ff:b3:f1:21:57:b0:9d:05:7e:e0:4a: b6:50:21:ca:74:98:1c:cc:f3:87:c2:f9:e5:5a:07:d0:cb:b4: cf:7d:5b:2f:2b:78:2d:0e:cc:71:72:41:24:35:44:d1:e6:e7: fd:43:26:12:38:12:7c:d5:4f:83:5d:2d:f9:58:46:e9:da:ae: 17:4f:17:7e:ea:3a:8e:09:d9:6d:1a:0d:33:33:74:7a:60:e6: dc:91:f7:93 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHu8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA1MzhaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDkzMEQwODczNThFRjBC QkNBNjU5QkE4QzA3QjY3NUIyOTdDMzc5NjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCnoDs/8HmwPEj+6Y219MgOVA7vKbM/amnjxt+qMGyIR+1PHgBt DQPoRmICxDReHfSxshDDLBnMVkmDYIW0Qg5Olyw7+OCgHm1yuWxAwkLpY5WyVUSP 6cvCHyQqEXe+ZUVaGFbSrhNI+cOJxAt6FA8q+ZPxm1zfy63dvyPVH/Py1Rvj/ukr y4AD68G04yHQzN4f7cZgN0k/yL12OROTWHywmfr8mUgcldy049SOoGNZ4sHwLiim WDkxyj3PdwT6tUoYHmguMDtrt/1egLxXEm9CK5kGYExFIpfPLcBg/+rfBSahrOY0 NfaVpCuAmgKex4+n4SzQtR95BhQUoGPybkBLAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUkw0Ic1jvC7ymWbqMB7Z1spfDeWUwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L2t3MEljMWp2Qzd5bVdi cU1CN1oxc3BmRGVXVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3P0wDQYJKoZIhvcNAQELBQADggEBAFMWeFimiUkvmSN8wPDa21eThvXMVsLs B+PGyAhEmTazIoM3t2ehs1Surw608iuDpeuSznz6yoyt4XxrrEEMNEDqI3WFCA7a 7DpyCIJNVAak6jVBCXL8Zc/MpSSMeZyrGv/Z+kssxIkLxq8AO3He2dRwiWs8MtBd xGZCSCeGgQR6uK99Vy+aXYx25hqBGuNfUTX/8mhiUmd74ka+4w7yqVcdrmLfWQKe aOf/s/EhV7CdBX7gSrZQIcp0mBzM84fC+eVaB9DLtM99Wy8reC0OzHFyQSQ1RNHm 5/1DJhI4EnzVT4NdLflYRunarhdPF37qOo4J2W0aDTMzdHpg5tyR95M= -----END CERTIFICATE-----Generated at Mon Oct 20 13:30:58 2025 by rpki-client