$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/p2D2y_wVMRnFDkfV5WbPrQ9i5pc.roa File: p2D2y_wVMRnFDkfV5WbPrQ9i5pc.roa (raw, json) Hash identifier: IT/fUwjNHv6dD5hXZr0mXxVa7N/TO8j0zhzNM/6X0jA= Subject key identifier: A7:60:F6:CB:FC:15:31:19:C5:0E:47:D5:E5:66:CF:AD:0F:62:E6:97 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1DFF Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/p2D2y_wVMRnFDkfV5WbPrQ9i5pc.roa Signing time: Sat 13 Sep 2025 03:04:46 +0000 ROA not before: Sat 13 Sep 2025 03:04:46 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 13444 IP address blocks: 103.221.36.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7679 (0x1dff) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:04:46 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=A760F6CBFC153119C50E47D5E566CFAD0F62E697 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:27:59:98:27:79:b8:70:eb:70:3c:c7:dc:77: b0:67:1c:89:ae:aa:b5:74:1c:2e:54:c7:9a:94:c3: af:c4:2d:6f:f2:2c:20:0f:42:a3:45:26:b5:ea:34: a6:86:2a:e7:fa:73:b1:87:bb:e4:12:3f:5c:58:2c: 3c:66:40:61:a1:57:b6:07:df:86:08:85:be:78:6e: ca:50:26:e2:79:e8:ca:89:80:db:cc:8d:e4:e4:e8: ef:dc:d8:78:db:a4:88:03:c8:7e:fb:b9:20:c5:f3: 5a:e5:bd:a1:53:a0:04:1f:aa:f1:e9:23:52:68:06: da:f2:df:41:64:6d:ab:42:46:53:59:99:5b:0e:41: 6d:89:6c:9e:f2:1a:97:a0:8b:58:9f:0e:6e:f5:21: 6d:f1:a6:a1:5f:00:cc:69:cb:79:d2:d5:04:2e:d7: 66:ba:ad:1e:29:30:a0:73:14:4e:04:79:33:d1:cb: 1a:24:b5:96:ec:c7:4c:5a:21:e7:47:18:f1:77:b3: 64:65:c4:d4:d8:cd:31:c4:c1:d9:a5:a8:06:50:61: 8e:55:e5:b7:d8:5d:78:75:03:1e:70:be:c3:8b:14: 57:84:f2:3b:2d:3b:18:1c:76:94:bd:6f:8e:d6:4f: fb:0e:06:99:9e:9e:64:2b:ca:59:c1:16:19:5d:7c: 82:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A7:60:F6:CB:FC:15:31:19:C5:0E:47:D5:E5:66:CF:AD:0F:62:E6:97 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/p2D2y_wVMRnFDkfV5WbPrQ9i5pc.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.36.0/24 Signature Algorithm: sha256WithRSAEncryption 11:a8:54:6d:5a:1d:61:e1:44:11:53:aa:b4:99:94:ea:55:dc: 21:52:cf:4b:8f:ef:f6:9c:bc:85:af:bb:a2:80:fd:aa:3a:4c: 0a:89:d5:59:a4:52:e2:37:3f:5a:ca:38:11:ef:b6:39:2b:96: 33:f2:0b:14:98:f5:6a:0c:53:c0:b2:f3:1a:b6:f1:20:10:dc: b1:93:cf:5c:5b:b7:b6:6a:6d:07:b2:41:3a:c7:e6:c2:19:8e: 55:f1:f0:34:10:37:f9:c6:4b:74:8b:0c:71:6a:67:26:a8:e5: 6c:26:e4:8e:cf:65:18:54:10:68:40:c2:d6:75:69:d2:f5:a7: da:6d:d2:42:15:ed:58:90:93:f0:36:ea:47:0d:65:ae:a6:a6: 9d:10:d6:34:8e:71:cc:b8:9e:aa:34:1c:95:58:58:c7:72:2c: a3:f0:60:71:74:ea:83:f0:46:dd:27:82:b1:7f:b9:9b:47:82: ab:52:57:b4:14:ee:86:a9:b8:26:fc:99:ca:d6:0f:05:b6:4f: 12:4a:83:c0:9f:2e:29:b9:d9:5f:c1:4a:52:32:1f:bc:cd:58: 07:92:48:b2:39:8e:08:77:c7:15:79:2b:f8:24:23:5b:59:fd: 1b:9d:7a:cc:53:a9:bf:c2:32:30:31:63:70:5d:ef:fa:24:66: 54:dc:80:e7 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHf8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA0NDZaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEE3NjBGNkNCRkMxNTMx MTlDNTBFNDdENUU1NjZDRkFEMEY2MkU2OTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDeJ1mYJ3m4cOtwPMfcd7BnHImuqrV0HC5Ux5qUw6/ELW/yLCAP QqNFJrXqNKaGKuf6c7GHu+QSP1xYLDxmQGGhV7YH34YIhb54bspQJuJ56MqJgNvM jeTk6O/c2HjbpIgDyH77uSDF81rlvaFToAQfqvHpI1JoBtry30FkbatCRlNZmVsO QW2JbJ7yGpegi1ifDm71IW3xpqFfAMxpy3nS1QQu12a6rR4pMKBzFE4EeTPRyxok tZbsx0xaIedHGPF3s2RlxNTYzTHEwdmlqAZQYY5V5bfYXXh1Ax5wvsOLFFeE8jst OxgcdpS9b47WT/sOBpmenmQrylnBFhldfIKpAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUp2D2y/wVMRnFDkfV5WbPrQ9i5pcwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L3AyRDJ5X3dWTVJuRkRr ZlY1V2JQclE5aTVwYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3SQwDQYJKoZIhvcNAQELBQADggEBABGoVG1aHWHhRBFTqrSZlOpV3CFSz0uP 7/acvIWvu6KA/ao6TAqJ1VmkUuI3P1rKOBHvtjkrljPyCxSY9WoMU8Cy8xq28SAQ 3LGTz1xbt7ZqbQeyQTrH5sIZjlXx8DQQN/nGS3SLDHFqZyao5Wwm5I7PZRhUEGhA wtZ1adL1p9pt0kIV7ViQk/A26kcNZa6mpp0Q1jSOccy4nqo0HJVYWMdyLKPwYHF0 6oPwRt0ngrF/uZtHgqtSV7QU7oapuCb8mcrWDwW2TxJKg8CfLim52V/BSlIyH7zN WAeSSLI5jgh3xxV5K/gkI1tZ/RudesxTqb/CMjAxY3Bd7/okZlTcgOc= -----END CERTIFICATE-----Generated at Mon Oct 20 12:50:54 2025 by rpki-client