$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/lGAHa2eeEyxZwl8SERuNuR-CocY.roa File: lGAHa2eeEyxZwl8SERuNuR-CocY.roa (raw, json) Hash identifier: 15hxbNxi34Hv1aXgXEJszbQwIucUB9CQaWfwp/FD9q0= Subject key identifier: 94:60:07:6B:67:9E:13:2C:59:C2:5F:12:11:1B:8D:B9:1F:82:A1:C6 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1E3C Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/lGAHa2eeEyxZwl8SERuNuR-CocY.roa Signing time: Sat 13 Sep 2025 03:04:57 +0000 ROA not before: Sat 13 Sep 2025 03:04:57 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 139259 IP address blocks: 103.221.32.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 00:35:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7740 (0x1e3c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:04:57 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=9460076B679E132C59C25F12111B8DB91F82A1C6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:20:cc:d5:f6:e1:66:b5:69:a1:21:aa:1d:e7: 58:6e:72:f8:e1:72:63:aa:39:ee:83:0e:99:d9:ad: 9b:31:4e:bc:a8:f8:7b:4a:08:a2:74:05:4e:3b:ed: 88:b2:db:4b:84:30:d6:d7:10:7a:da:e8:44:d0:83: 09:42:24:90:5f:1b:89:8b:24:5b:e1:f4:fa:8c:92: 70:48:38:3a:30:fd:ec:bc:bb:68:de:e0:35:7a:ed: 0c:a1:e5:39:d0:6f:f8:d8:c4:e4:d0:78:5f:d8:8b: 1d:8b:69:76:a5:fe:30:04:57:f2:1b:88:23:c6:7a: dd:38:90:3f:1e:f9:ab:0e:94:b4:a8:1a:17:50:2a: 80:eb:5d:86:4c:cc:35:86:60:81:43:e4:4a:eb:e6: cf:cb:7c:4e:b7:87:d5:8d:9c:f5:1b:b0:3e:03:c5: 60:fb:74:09:20:87:92:a9:7f:32:e7:09:9f:e3:ac: c7:c4:88:e5:a0:2d:76:fd:f6:ce:52:5a:31:9d:2d: 06:43:e3:c3:cc:74:6a:79:99:3d:77:e6:a5:75:fd: 1b:ca:4d:ae:44:1f:02:f9:1a:ce:cb:c8:6f:d6:e8: 35:59:de:cf:14:3b:9e:c4:09:ef:df:f3:b4:22:ab: 39:ff:15:83:47:22:e1:27:2e:22:2b:e0:4c:9f:a8: 9e:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:60:07:6B:67:9E:13:2C:59:C2:5F:12:11:1B:8D:B9:1F:82:A1:C6 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/lGAHa2eeEyxZwl8SERuNuR-CocY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.32.0/24 Signature Algorithm: sha256WithRSAEncryption 94:63:8d:0e:4a:39:a9:21:25:ae:21:bc:73:06:fa:82:b1:b5: c3:f8:01:b8:a6:6b:4e:48:04:38:bd:3f:a5:45:8a:fd:a7:bb: 3a:f5:9e:c5:9b:b9:3b:cd:65:0e:33:9b:b4:58:16:58:bf:3e: 96:37:1f:65:f9:05:57:5d:8e:9d:7b:c3:63:a7:e8:07:d1:46: 53:af:ec:84:ce:3a:6e:82:42:10:74:b2:b7:c5:bb:9b:78:12: 40:f4:40:dc:f0:aa:1e:ad:7d:a2:98:1b:7e:9f:19:d1:74:bd: 96:f3:78:71:74:9b:1a:10:97:53:0e:3f:a0:6f:e3:b9:d3:a7: a7:aa:eb:1e:cf:e2:40:72:e0:94:9e:2b:a5:fb:1d:10:83:aa: 79:e0:41:0d:fb:20:c9:c3:63:40:0b:0a:c4:77:dc:d2:bb:28: 06:01:49:9e:a7:a2:63:08:b9:38:35:65:c3:61:f0:69:d9:51: da:ce:16:87:ad:0a:6e:f4:20:c3:65:4e:dd:79:07:c6:3e:a7: 21:71:87:4a:69:74:bd:5e:5b:a0:ad:cf:e6:29:21:20:b2:af: 80:ad:04:32:36:7a:73:c9:ae:30:f5:40:0a:a4:6e:98:86:34: e9:24:30:10:e4:58:22:0e:8f:f9:7d:7b:fd:ef:6e:fd:1f:5b: ad:11:6a:18 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHjwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA0NTdaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDk0NjAwNzZCNjc5RTEz MkM1OUMyNUYxMjExMUI4REI5MUY4MkExQzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC/IMzV9uFmtWmhIaod51hucvjhcmOqOe6DDpnZrZsxTryo+HtK CKJ0BU477Yiy20uEMNbXEHra6ETQgwlCJJBfG4mLJFvh9PqMknBIODow/ey8u2je 4DV67Qyh5TnQb/jYxOTQeF/Yix2LaXal/jAEV/IbiCPGet04kD8e+asOlLSoGhdQ KoDrXYZMzDWGYIFD5Err5s/LfE63h9WNnPUbsD4DxWD7dAkgh5KpfzLnCZ/jrMfE iOWgLXb99s5SWjGdLQZD48PMdGp5mT135qV1/RvKTa5EHwL5Gs7LyG/W6DVZ3s8U O57ECe/f87Qiqzn/FYNHIuEnLiIr4EyfqJ5nAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUlGAHa2eeEyxZwl8SERuNuR+CocYwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L2xHQUhhMmVlRXl4Wnds OFNFUnVOdVItQ29jWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3SAwDQYJKoZIhvcNAQELBQADggEBAJRjjQ5KOakhJa4hvHMG+oKxtcP4Abim a05IBDi9P6VFiv2nuzr1nsWbuTvNZQ4zm7RYFli/PpY3H2X5BVddjp17w2On6AfR RlOv7ITOOm6CQhB0srfFu5t4EkD0QNzwqh6tfaKYG36fGdF0vZbzeHF0mxoQl1MO P6Bv47nTp6eq6x7P4kBy4JSeK6X7HRCDqnngQQ37IMnDY0ALCsR33NK7KAYBSZ6n omMIuTg1ZcNh8GnZUdrOFoetCm70IMNlTt15B8Y+pyFxh0ppdL1eW6Ctz+YpISCy r4CtBDI2enPJrjD1QAqkbpiGNOkkMBDkWCIOj/l9e/3vbv0fW60Rahg= -----END CERTIFICATE-----Generated at Mon Oct 20 23:27:42 2025 by rpki-client