$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/lx8XZIoc8YVDrRfo4OhFDgVjj1s.roa File: lx8XZIoc8YVDrRfo4OhFDgVjj1s.roa (raw, json) Hash identifier: PRAtXI6u5k4clhPWrGaU5r+Llns/DRfcNkpvJDKLz0Q= Subject key identifier: 97:1F:17:64:8A:1C:F1:85:43:AD:17:E8:E0:E8:45:0E:05:63:8F:5B Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1E97 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/lx8XZIoc8YVDrRfo4OhFDgVjj1s.roa Signing time: Sat 13 Sep 2025 03:05:17 +0000 ROA not before: Sat 13 Sep 2025 03:05:17 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 139259 IP address blocks: 103.221.21.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7831 (0x1e97) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:05:17 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=971F17648A1CF18543AD17E8E0E8450E05638F5B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:43:c9:52:69:d0:ee:ce:89:28:c9:49:5e:99: 33:4a:a8:6e:99:57:d7:00:64:eb:f9:be:bd:24:28: f1:14:66:4f:f2:8c:2b:f8:ce:1d:71:46:30:42:47: 8c:9b:44:38:6b:8e:5d:ad:e2:3d:f9:5d:62:c8:12: f0:a5:63:ef:41:87:16:58:e7:c5:a8:4b:3f:05:05: 75:e1:20:8f:96:8b:fe:10:7f:22:32:30:2f:01:a4: e3:77:5f:93:a6:34:96:61:e9:f1:4f:c2:b0:10:02: 1f:b0:86:9a:4c:75:1d:6a:a3:b9:a1:5e:b2:1b:51: ca:aa:e5:e7:09:1a:a1:08:ce:58:74:79:70:46:ae: 4d:3a:e1:af:95:f4:b0:86:07:5b:ca:ed:e0:62:0d: c4:5f:b4:23:29:d4:4d:60:e1:7f:04:e5:9d:19:31: 20:fd:0d:17:e9:73:e2:5d:a5:b2:77:e2:c2:ec:51: 93:21:5b:da:02:01:53:48:ee:ec:a9:ec:24:39:2b: 17:c2:8d:b5:ab:30:31:f9:3b:63:7b:91:cf:1d:26: 06:3c:99:6c:71:3b:59:f2:89:90:07:f8:33:44:22: fe:07:4e:2c:69:ee:c1:db:6d:51:17:54:80:07:f1: c4:c1:a0:81:fe:e1:36:0a:03:59:8d:70:e4:ba:40: 84:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:1F:17:64:8A:1C:F1:85:43:AD:17:E8:E0:E8:45:0E:05:63:8F:5B X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/lx8XZIoc8YVDrRfo4OhFDgVjj1s.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.21.0/24 Signature Algorithm: sha256WithRSAEncryption cd:2e:d1:9e:5f:27:d5:b1:8b:ea:7f:04:18:13:8b:53:75:c2: d1:cf:1a:a2:15:30:5f:b2:2e:71:b7:e2:55:f6:08:64:eb:f9: e5:74:00:8e:9b:4f:90:f6:25:b9:51:ed:c1:a0:7e:40:6a:7c: 60:cc:6b:16:75:2e:a1:fd:62:9f:c1:c7:63:de:d8:03:7e:83: 7c:d9:93:b0:11:9c:b9:e6:04:2c:19:0b:b4:06:3f:05:74:46: 6b:77:e7:07:68:cc:ed:1f:5a:a3:54:5e:7f:98:39:39:de:fb: 15:51:fc:48:5f:ca:c4:29:9c:17:5e:b5:0a:0a:bd:ca:d8:5b: f4:bf:8c:26:c6:1b:4f:54:ae:4f:13:81:04:85:50:96:33:85: 08:c1:fd:10:40:c0:e4:6a:68:3d:2e:dc:74:4f:51:a7:11:e1: 9f:4e:a1:7f:d9:eb:64:09:48:84:07:42:28:d4:66:3d:7b:a3: bc:a6:68:27:4c:a7:2a:09:69:33:3a:bc:6f:34:cf:40:da:67: 24:0a:c6:07:eb:bd:39:00:70:fa:22:74:d7:d6:07:4c:9a:fb: f8:1f:34:37:11:d9:bc:05:ce:a8:3d:19:5d:bd:47:28:e0:4a: c4:39:ba:4c:bd:90:dd:1c:0b:36:0f:70:61:bc:f8:05:84:25: 77:af:de:52 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHpcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA1MTdaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDk3MUYxNzY0OEExQ0Yx ODU0M0FEMTdFOEUwRTg0NTBFMDU2MzhGNUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDiQ8lSadDuzokoyUlemTNKqG6ZV9cAZOv5vr0kKPEUZk/yjCv4 zh1xRjBCR4ybRDhrjl2t4j35XWLIEvClY+9BhxZY58WoSz8FBXXhII+Wi/4QfyIy MC8BpON3X5OmNJZh6fFPwrAQAh+whppMdR1qo7mhXrIbUcqq5ecJGqEIzlh0eXBG rk064a+V9LCGB1vK7eBiDcRftCMp1E1g4X8E5Z0ZMSD9DRfpc+JdpbJ34sLsUZMh W9oCAVNI7uyp7CQ5KxfCjbWrMDH5O2N7kc8dJgY8mWxxO1nyiZAH+DNEIv4HTixp 7sHbbVEXVIAH8cTBoIH+4TYKA1mNcOS6QIRtAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUlx8XZIoc8YVDrRfo4OhFDgVjj1swHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L2x4OFhaSW9jOFlWRHJS Zm80T2hGRGdWamoxcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3RUwDQYJKoZIhvcNAQELBQADggEBAM0u0Z5fJ9Wxi+p/BBgTi1N1wtHPGqIV MF+yLnG34lX2CGTr+eV0AI6bT5D2JblR7cGgfkBqfGDMaxZ1LqH9Yp/Bx2Pe2AN+ g3zZk7ARnLnmBCwZC7QGPwV0Rmt35wdozO0fWqNUXn+YOTne+xVR/EhfysQpnBde tQoKvcrYW/S/jCbGG09Urk8TgQSFUJYzhQjB/RBAwORqaD0u3HRPUacR4Z9OoX/Z 62QJSIQHQijUZj17o7ymaCdMpyoJaTM6vG80z0DaZyQKxgfrvTkAcPoidNfWB0ya +/gfNDcR2bwFzqg9GV29RyjgSsQ5uky9kN0cCzYPcGG8+AWEJXev3lI= -----END CERTIFICATE-----Generated at Mon Oct 20 13:13:37 2025 by rpki-client