$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/meuVXzvFtMROzFqzcKrvDlytvBg.roa File: meuVXzvFtMROzFqzcKrvDlytvBg.roa (raw, json) Hash identifier: HEly8g+CPM8vFDpp8F+eYOvMQkZSncGebwD7oCG56Js= Subject key identifier: 99:EB:95:5F:3B:C5:B4:C4:4E:CC:5A:B3:70:AA:EF:0E:5C:AD:BC:18 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1EC7 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/meuVXzvFtMROzFqzcKrvDlytvBg.roa Signing time: Sat 13 Sep 2025 03:05:28 +0000 ROA not before: Sat 13 Sep 2025 03:05:28 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 24373 IP address blocks: 45.252.20.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 15:05:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7879 (0x1ec7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:05:28 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=99EB955F3BC5B4C44ECC5AB370AAEF0E5CADBC18 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:d6:07:d7:1e:09:61:32:06:f7:22:35:85:92: e8:e1:89:b5:62:a7:dd:ef:55:80:04:ea:58:7f:47: 4e:62:eb:a2:c2:53:0e:56:c6:33:17:27:f5:d8:6b: db:d8:b8:c3:54:47:e6:b4:69:69:2e:42:4f:94:53: 7a:c9:44:26:2b:0a:51:9e:47:a2:f1:05:ba:70:62: 74:5f:20:da:a4:7c:e9:ae:1a:e7:14:fc:0f:f0:14: 8f:86:75:00:7e:7a:87:b4:f5:33:56:26:af:1f:fb: 86:85:f7:d1:49:df:43:15:6b:fc:62:d5:31:b3:15: 1f:17:8d:e1:61:6e:8f:72:48:98:a0:4b:26:e5:33: 3c:1a:c5:c5:73:0a:9d:78:76:ca:44:bd:c2:4a:c9: 02:cb:f4:d8:40:97:c6:a1:a9:e3:77:be:64:6f:84: 79:9f:e9:04:7e:b6:68:8e:5b:76:99:99:1f:a7:c3: ba:18:7b:ca:98:10:1c:8c:01:da:19:d5:3e:f3:56: 2e:51:79:19:09:99:48:f9:84:b1:15:5a:39:fe:68: 1a:fb:da:36:ca:78:84:5b:07:f5:7b:4e:ad:a3:cf: ae:e7:4e:6c:ab:12:18:60:a9:a0:3f:4b:28:cd:b6: 29:61:6b:05:54:6f:df:8e:2c:1e:7e:9b:c2:72:9a: f9:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:EB:95:5F:3B:C5:B4:C4:4E:CC:5A:B3:70:AA:EF:0E:5C:AD:BC:18 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/meuVXzvFtMROzFqzcKrvDlytvBg.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.252.20.0/22 Signature Algorithm: sha256WithRSAEncryption 19:7d:36:c4:17:32:45:4a:d0:af:51:56:31:df:0a:13:76:b9: 3d:19:73:f3:18:dc:e2:ad:b2:31:ad:96:54:1f:55:cf:7d:b4: dc:cc:44:55:27:c1:16:4a:f3:f7:71:7f:b3:57:cb:84:8e:1a: 52:ca:e9:f3:c8:1e:5e:6a:c9:e5:4c:7c:30:0f:36:be:da:cf: 17:68:de:5f:45:f0:b1:c7:df:39:c4:d8:a0:37:2a:37:bf:08: 41:3a:e6:7b:2c:83:9a:a5:86:89:b4:ea:69:ee:ca:73:50:6d: 60:aa:33:48:1e:15:c1:58:66:9f:16:b0:1a:8f:44:71:68:ce: 0a:3d:f9:06:ba:27:ab:1b:7b:b8:ed:b9:0a:22:02:58:ec:d1: 03:5d:34:c5:99:32:6d:28:27:b3:69:dc:69:66:de:6f:ae:12: 7c:19:3c:e5:d1:17:5e:25:5c:6a:80:5e:ac:10:11:5c:e4:51: 37:75:da:0a:2b:dc:0e:57:38:db:dc:de:73:b7:5e:73:07:2c: 33:b1:08:8c:92:db:6c:90:b3:9c:7e:23:64:04:65:98:b4:71: 6a:b8:f1:dd:3b:20:32:73:87:2f:63:11:d6:70:22:40:74:12: 9d:b2:a1:71:29:e8:71:05:48:de:8a:59:2a:72:5e:7f:33:a7: 91:94:cb:f6 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHscwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA1MjhaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDk5RUI5NTVGM0JDNUI0 QzQ0RUNDNUFCMzcwQUFFRjBFNUNBREJDMTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCt1gfXHglhMgb3IjWFkujhibVip93vVYAE6lh/R05i66LCUw5W xjMXJ/XYa9vYuMNUR+a0aWkuQk+UU3rJRCYrClGeR6LxBbpwYnRfINqkfOmuGucU /A/wFI+GdQB+eoe09TNWJq8f+4aF99FJ30MVa/xi1TGzFR8XjeFhbo9ySJigSybl MzwaxcVzCp14dspEvcJKyQLL9NhAl8ahqeN3vmRvhHmf6QR+tmiOW3aZmR+nw7oY e8qYEByMAdoZ1T7zVi5ReRkJmUj5hLEVWjn+aBr72jbKeIRbB/V7Tq2jz67nTmyr EhhgqaA/SyjNtilhawVUb9+OLB5+m8JymvnXAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUmeuVXzvFtMROzFqzcKrvDlytvBgwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L21ldVZYenZGdE1ST3pG cXpjS3J2RGx5dHZCZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAIt/BQwDQYJKoZIhvcNAQELBQADggEBABl9NsQXMkVK0K9RVjHfChN2uT0Zc/MY 3OKtsjGtllQfVc99tNzMRFUnwRZK8/dxf7NXy4SOGlLK6fPIHl5qyeVMfDAPNr7a zxdo3l9F8LHH3znE2KA3Kje/CEE65nssg5qlhom06mnuynNQbWCqM0geFcFYZp8W sBqPRHFozgo9+Qa6J6sbe7jtuQoiAljs0QNdNMWZMm0oJ7Np3Glm3m+uEnwZPOXR F14lXGqAXqwQEVzkUTd12gor3A5XONvc3nO3XnMHLDOxCIyS22yQs5x+I2QEZZi0 cWq48d07IDJzhy9jEdZwIkB0Ep2yoXEp6HEFSN6KWSpyXn8zp5GUy/Y= -----END CERTIFICATE-----Generated at Mon Oct 20 14:31:45 2025 by rpki-client