$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/pdM-iKTurcdJ1KKAhCPyJxhCdXI.roa File: pdM-iKTurcdJ1KKAhCPyJxhCdXI.roa (raw, json) Hash identifier: RcKGVW5qX6mL35C1gMNc1kjgiRygpLjRjY4A/JhHdPM= Subject key identifier: A5:D3:3E:88:A4:EE:AD:C7:49:D4:A2:80:84:23:F2:27:18:42:75:72 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1EC0 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/pdM-iKTurcdJ1KKAhCPyJxhCdXI.roa Signing time: Sat 13 Sep 2025 03:05:26 +0000 ROA not before: Sat 13 Sep 2025 03:05:26 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 13444 IP address blocks: 103.220.250.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7872 (0x1ec0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:05:26 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=A5D33E88A4EEADC749D4A2808423F22718427572 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:32:c2:b6:aa:7e:a9:d9:a6:ac:40:54:bf:76: 3b:31:69:66:52:72:33:b2:3f:7d:ad:cd:01:ca:07: 2f:5c:28:42:8f:ff:1e:71:0a:89:d2:39:c2:44:1a: 56:14:9a:f3:45:f5:ff:f7:08:5c:51:a5:2b:a4:e0: 16:28:39:f7:e4:4f:86:fc:60:f3:06:7a:cf:be:d6: 98:84:a6:83:8d:b9:7d:b8:da:4f:78:17:5f:4a:95: 0b:93:da:dc:2f:5c:b4:5a:87:b8:1c:0f:1c:a0:87: b0:2a:00:78:55:6a:6f:60:c4:66:b4:86:a4:c9:2a: e1:6e:e5:9c:3d:f9:02:61:4c:e8:a7:38:be:32:5d: 1f:50:f5:3f:f3:c2:87:77:74:ca:6d:96:38:71:cf: f7:17:07:59:e8:43:cf:96:37:01:45:6e:45:51:46: 02:50:92:a5:de:ee:11:2b:a2:9e:be:3f:e1:72:50: f1:8e:d6:72:17:84:29:da:21:71:26:15:83:77:26: 08:10:41:5a:b6:db:a9:d4:74:95:f7:6a:a9:c0:9c: 80:f9:fa:dd:a4:f5:42:f1:0f:aa:4d:b1:55:36:9e: 8e:29:08:6e:4b:c1:34:81:37:1a:10:4b:07:ba:45: 75:8b:ee:6d:c4:17:6a:0d:b6:99:64:8f:7c:61:f4: b9:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A5:D3:3E:88:A4:EE:AD:C7:49:D4:A2:80:84:23:F2:27:18:42:75:72 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/pdM-iKTurcdJ1KKAhCPyJxhCdXI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.220.250.0/24 Signature Algorithm: sha256WithRSAEncryption dd:39:9b:6a:fe:ce:f3:c3:2a:3c:d2:e9:6d:b5:05:fc:b7:19: e5:34:b1:f9:a8:6f:17:2a:97:69:08:99:e9:45:bb:63:26:a4: d1:5c:3d:8e:6f:0f:0a:58:78:ac:49:66:2c:7d:8c:bd:02:ba: 15:46:d9:aa:2f:26:ba:8b:ff:e7:67:ff:14:ed:37:01:31:7f: c2:55:08:34:c8:c3:83:21:7d:b7:2e:82:d0:ad:88:a8:d9:11: 38:60:3d:4b:a0:9f:99:4a:1a:20:c6:db:fe:88:4c:2f:f6:7b: 88:3e:e9:e3:ea:0f:da:dc:16:d9:c9:66:e7:9b:c7:cc:2a:fe: fc:7f:5c:2b:79:58:d5:0b:b2:73:a0:9e:19:03:34:7e:a0:53: 66:3d:bd:54:4e:da:6d:a0:1f:d0:e1:ea:28:62:ce:35:95:fb: 06:74:6c:79:81:d6:b5:55:55:94:b9:77:91:3d:57:d8:c0:6b: 33:07:89:78:32:c2:f8:73:2f:37:36:0e:99:01:98:52:5f:8b: bd:96:a0:fe:eb:b3:b7:a1:6b:b5:bd:15:52:8e:ef:bc:82:3d: d1:7c:30:1b:8f:b7:36:0d:ac:f8:4c:1b:1e:a4:70:c2:d2:4d: c7:66:17:90:13:31:dc:14:20:8f:f7:80:fe:bd:06:1c:ba:5b: 2e:1e:bc:a9 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHsAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA1MjZaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEE1RDMzRTg4QTRFRUFE Qzc0OUQ0QTI4MDg0MjNGMjI3MTg0Mjc1NzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC3MsK2qn6p2aasQFS/djsxaWZScjOyP32tzQHKBy9cKEKP/x5x ConSOcJEGlYUmvNF9f/3CFxRpSuk4BYoOffkT4b8YPMGes++1piEpoONuX242k94 F19KlQuT2twvXLRah7gcDxygh7AqAHhVam9gxGa0hqTJKuFu5Zw9+QJhTOinOL4y XR9Q9T/zwod3dMptljhxz/cXB1noQ8+WNwFFbkVRRgJQkqXe7hErop6+P+FyUPGO 1nIXhCnaIXEmFYN3JggQQVq226nUdJX3aqnAnID5+t2k9ULxD6pNsVU2no4pCG5L wTSBNxoQSwe6RXWL7m3EF2oNtplkj3xh9LmhAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUpdM+iKTurcdJ1KKAhCPyJxhCdXIwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L3BkTS1pS1R1cmNkSjFL S0FoQ1B5SnhoQ2RYSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3PowDQYJKoZIhvcNAQELBQADggEBAN05m2r+zvPDKjzS6W21Bfy3GeU0sfmo bxcql2kImelFu2MmpNFcPY5vDwpYeKxJZix9jL0CuhVG2aovJrqL/+dn/xTtNwEx f8JVCDTIw4MhfbcugtCtiKjZEThgPUugn5lKGiDG2/6ITC/2e4g+6ePqD9rcFtnJ Zuebx8wq/vx/XCt5WNULsnOgnhkDNH6gU2Y9vVRO2m2gH9Dh6ihizjWV+wZ0bHmB 1rVVVZS5d5E9V9jAazMHiXgywvhzLzc2DpkBmFJfi72WoP7rs7eha7W9FVKO77yC PdF8MBuPtzYNrPhMGx6kcMLSTcdmF5ATMdwUII/3gP69Bhy6Wy4evKk= -----END CERTIFICATE-----Generated at Mon Oct 20 13:31:03 2025 by rpki-client