$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/o2gi8dhxwPd2kdnySxKcccui_A0.roa File: o2gi8dhxwPd2kdnySxKcccui_A0.roa (raw, json) Hash identifier: 5bcYYRFt2MPLzOsmG2t3Ss2klhCFk8zHo8+SggilvqI= Subject key identifier: A3:68:22:F1:D8:71:C0:F7:76:91:D9:F2:4B:12:9C:71:CB:A2:FC:0D Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1DE0 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/o2gi8dhxwPd2kdnySxKcccui_A0.roa Signing time: Sat 13 Sep 2025 03:04:39 +0000 ROA not before: Sat 13 Sep 2025 03:04:39 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 138527 IP address blocks: 45.252.12.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 23:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7648 (0x1de0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:04:39 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=A36822F1D871C0F77691D9F24B129C71CBA2FC0D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:8d:ce:84:aa:c4:65:fa:71:b4:e1:fd:b6:6c: ba:6a:a2:97:e9:8b:e8:a9:d7:7c:62:e4:15:26:f7: 22:44:14:6d:fb:62:f0:43:ca:15:d4:b7:29:1b:3d: 29:fd:f4:44:5b:8c:2d:01:e9:49:ef:64:ee:36:98: 9f:77:f3:44:53:68:3b:63:6c:1d:08:5e:c0:d3:4f: 65:f3:5d:05:94:84:33:58:22:00:d3:44:7e:7f:d5: 0b:b5:33:e4:53:a7:a2:de:c7:d2:10:e6:79:da:50: ab:5f:76:95:97:f3:92:51:7d:10:2d:70:5b:e9:94: a1:ba:fa:b3:22:5f:44:54:09:8d:f7:c6:72:75:f0: 04:f0:5d:3b:45:b5:35:61:c8:77:bd:da:56:c2:a9: a0:d1:67:d0:9b:be:8c:f2:e6:80:78:9e:91:8b:f2: e3:42:d1:99:12:62:27:54:13:73:7e:99:fd:89:87: fa:0f:1d:d0:5c:9a:5f:23:95:69:74:8b:c1:09:24: 4d:6b:0d:79:10:bc:4a:55:27:2f:b5:ef:7a:25:41: 61:73:12:10:36:d8:25:93:9f:3c:58:d1:24:fe:f9: 0d:e1:41:62:a4:00:c0:91:33:1d:08:47:5f:23:d3: 8e:96:20:a6:25:02:5d:e3:5e:96:20:2b:e4:5f:8b: ea:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:68:22:F1:D8:71:C0:F7:76:91:D9:F2:4B:12:9C:71:CB:A2:FC:0D X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/o2gi8dhxwPd2kdnySxKcccui_A0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.252.12.0/22 Signature Algorithm: sha256WithRSAEncryption 09:68:27:e6:69:1e:47:4c:55:ea:bf:6d:aa:48:53:41:5c:80: bd:4f:8b:d4:e7:3e:01:43:4a:17:b6:5f:36:b2:e6:05:15:db: 15:74:e8:67:98:45:5b:ab:b6:e2:82:a2:aa:ad:e4:86:e1:76: aa:fc:b5:fe:42:da:5a:b8:3b:25:66:82:b8:ab:d6:65:0e:fa: 18:e1:78:e8:cb:4f:c8:95:0f:a5:9f:08:30:6a:33:e9:df:25: 10:38:a6:27:0c:40:99:ce:14:91:d2:7d:41:b0:30:0e:9a:66: e7:7f:6e:e8:1f:03:8c:22:97:0b:20:94:5e:cc:0c:9d:9e:87: 2c:20:21:53:b0:08:7d:57:04:14:7c:7d:06:57:88:7d:fe:13: c9:4b:a1:28:26:91:8d:e9:e1:17:a0:49:5e:09:37:b6:c3:53: dd:65:4e:d3:d1:47:b4:19:cb:fa:f4:64:a9:72:22:4e:ac:a9: c3:5f:e6:c1:fd:ce:96:ad:43:6b:d6:d0:fe:9e:95:a9:6c:68: 59:d2:84:5b:a4:b5:51:02:8f:a0:a4:1f:f2:85:5d:13:9a:f5: ee:cd:cb:1e:7f:9c:60:02:53:50:12:e1:7f:bc:bb:ee:ed:1a: 18:cb:fb:a2:e1:d7:11:94:64:0a:64:d0:f0:31:2d:f9:f6:9a: eb:ce:bf:91 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHeAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA0MzlaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEEzNjgyMkYxRDg3MUMw Rjc3NjkxRDlGMjRCMTI5QzcxQ0JBMkZDMEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCajc6EqsRl+nG04f22bLpqopfpi+ip13xi5BUm9yJEFG37YvBD yhXUtykbPSn99ERbjC0B6UnvZO42mJ9380RTaDtjbB0IXsDTT2XzXQWUhDNYIgDT RH5/1Qu1M+RTp6Lex9IQ5nnaUKtfdpWX85JRfRAtcFvplKG6+rMiX0RUCY33xnJ1 8ATwXTtFtTVhyHe92lbCqaDRZ9Cbvozy5oB4npGL8uNC0ZkSYidUE3N+mf2Jh/oP HdBcml8jlWl0i8EJJE1rDXkQvEpVJy+173olQWFzEhA22CWTnzxY0ST++Q3hQWKk AMCRMx0IR18j046WIKYlAl3jXpYgK+Rfi+o3AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUo2gi8dhxwPd2kdnySxKcccui/A0wHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L28yZ2k4ZGh4d1BkMmtk bnlTeEtjY2N1aV9BMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAIt/AwwDQYJKoZIhvcNAQELBQADggEBAAloJ+ZpHkdMVeq/bapIU0FcgL1Pi9Tn PgFDShe2Xzay5gUV2xV06GeYRVurtuKCoqqt5Ibhdqr8tf5C2lq4OyVmgrir1mUO +hjheOjLT8iVD6WfCDBqM+nfJRA4picMQJnOFJHSfUGwMA6aZud/bugfA4wilwsg lF7MDJ2ehywgIVOwCH1XBBR8fQZXiH3+E8lLoSgmkY3p4RegSV4JN7bDU91lTtPR R7QZy/r0ZKlyIk6sqcNf5sH9zpatQ2vW0P6elalsaFnShFuktVECj6CkH/KFXROa 9e7Nyx5/nGACU1AS4X+8u+7tGhjL+6Lh1xGUZApk0PAxLfn2muvOv5E= -----END CERTIFICATE-----Generated at Mon Oct 20 20:39:03 2025 by rpki-client