$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/pmgoWPd8BeNCzIchlljZBHjz1DU.roa File: pmgoWPd8BeNCzIchlljZBHjz1DU.roa (raw, json) Hash identifier: SaeJ0OfjiELEOln4QeJAnmj/4TTuPDsgDMdCInYcUqE= Subject key identifier: A6:68:28:58:F7:7C:05:E3:42:CC:87:21:96:58:D9:04:78:F3:D4:35 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1E58 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/pmgoWPd8BeNCzIchlljZBHjz1DU.roa Signing time: Sat 13 Sep 2025 03:05:03 +0000 ROA not before: Sat 13 Sep 2025 03:05:03 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 13444 IP address blocks: 103.220.249.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7768 (0x1e58) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:05:03 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=A6682858F77C05E342CC87219658D90478F3D435 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:e0:37:0d:38:de:38:0c:5f:3d:80:01:e4:be: d0:f2:98:38:2d:e8:4b:42:c0:63:44:4b:1b:05:c9: 0a:36:9a:b0:66:dd:50:8c:20:93:c6:6d:cf:1e:9b: 7e:20:70:19:ec:3b:45:e8:39:d4:67:b2:59:06:54: 29:27:8f:d0:7f:b8:c5:e5:9f:07:bb:7d:6e:9f:1b: 8c:f7:97:a9:1b:15:25:a6:44:6b:bd:4f:64:53:7b: 42:b8:f2:df:c6:59:29:98:4c:5a:3e:24:c2:42:89: c0:8b:14:eb:39:0f:cd:04:51:b0:98:bd:81:25:b0: 33:08:51:e5:73:83:84:aa:d4:25:07:96:8a:e1:cc: 31:f1:b5:bd:ce:0f:d2:af:dc:35:0b:e0:e5:cd:89: 5b:ff:4c:f0:1f:ed:62:d9:e3:68:45:76:10:0f:a1: 09:87:3c:44:27:9b:7d:db:6c:f8:78:d8:12:c8:ec: 11:1d:46:84:40:77:cb:83:49:ad:48:6e:a0:be:f5: 35:41:af:fe:c9:ce:ab:f6:74:f1:09:4e:98:36:7a: 11:f0:0e:80:68:13:68:40:c2:63:f8:cf:3a:c0:b4: 01:68:89:6c:6e:b0:3e:da:7e:5f:e0:c8:e9:65:b9: 5c:fd:35:00:fb:f5:71:d1:4f:98:56:5b:c1:b1:4c: 0e:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A6:68:28:58:F7:7C:05:E3:42:CC:87:21:96:58:D9:04:78:F3:D4:35 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/pmgoWPd8BeNCzIchlljZBHjz1DU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.220.249.0/24 Signature Algorithm: sha256WithRSAEncryption 37:c0:44:49:85:65:13:8d:aa:1c:c9:62:eb:31:f3:01:4a:d2: 8b:8a:e2:c2:60:10:13:0b:26:9d:88:1b:7e:5a:77:47:c4:47: b0:32:64:a1:59:c7:bd:3c:91:68:f7:17:91:fb:db:99:65:4d: c5:5c:19:af:7b:87:f0:43:53:a1:10:f7:5a:c5:7e:6e:77:5c: 0e:e5:64:1d:01:c7:92:bc:02:62:f4:e0:2e:30:90:0f:17:a9: 71:e5:06:1f:b6:20:44:b1:3d:75:0a:fc:78:fa:1c:44:76:dc: 46:22:48:53:8c:20:d3:dc:ba:c4:14:07:72:34:75:22:d0:22: 5d:92:d4:d4:c0:45:7e:6e:58:20:93:e6:e0:d7:62:06:2f:03: d7:b6:84:85:44:1b:4c:c6:a4:57:24:ef:36:70:01:2f:4b:cc: 95:ec:14:58:01:9d:c7:25:58:64:62:9d:af:ec:c0:94:12:34: b0:a2:d7:eb:d3:66:0d:48:2a:c1:a0:62:bf:21:77:d6:7e:19: 75:a4:e0:c9:c4:02:65:d7:ae:ef:ca:c5:b5:a8:b2:1f:e0:4c: e3:cf:f6:7e:59:59:58:44:00:7f:0a:d9:e2:9c:b6:6a:ee:94: 5f:56:e0:1e:6b:c8:aa:49:ab:57:e4:93:a1:cc:71:53:24:0b: 12:62:38:b0 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHlgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA1MDNaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEE2NjgyODU4Rjc3QzA1 RTM0MkNDODcyMTk2NThEOTA0NzhGM0Q0MzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDI4DcNON44DF89gAHkvtDymDgt6EtCwGNESxsFyQo2mrBm3VCM IJPGbc8em34gcBnsO0XoOdRnslkGVCknj9B/uMXlnwe7fW6fG4z3l6kbFSWmRGu9 T2RTe0K48t/GWSmYTFo+JMJCicCLFOs5D80EUbCYvYElsDMIUeVzg4Sq1CUHlorh zDHxtb3OD9Kv3DUL4OXNiVv/TPAf7WLZ42hFdhAPoQmHPEQnm33bbPh42BLI7BEd RoRAd8uDSa1IbqC+9TVBr/7Jzqv2dPEJTpg2ehHwDoBoE2hAwmP4zzrAtAFoiWxu sD7afl/gyOlluVz9NQD79XHRT5hWW8GxTA5dAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUpmgoWPd8BeNCzIchlljZBHjz1DUwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L3BtZ29XUGQ4QmVOQ3pJ Y2hsbGpaQkhqejFEVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3PkwDQYJKoZIhvcNAQELBQADggEBADfAREmFZRONqhzJYusx8wFK0ouK4sJg EBMLJp2IG35ad0fER7AyZKFZx708kWj3F5H725llTcVcGa97h/BDU6EQ91rFfm53 XA7lZB0Bx5K8AmL04C4wkA8XqXHlBh+2IESxPXUK/Hj6HER23EYiSFOMINPcusQU B3I0dSLQIl2S1NTARX5uWCCT5uDXYgYvA9e2hIVEG0zGpFck7zZwAS9LzJXsFFgB ncclWGRina/swJQSNLCi1+vTZg1IKsGgYr8hd9Z+GXWk4MnEAmXXru/KxbWosh/g TOPP9n5ZWVhEAH8K2eKctmrulF9W4B5ryKpJq1fkk6HMcVMkCxJiOLA= -----END CERTIFICATE-----Generated at Mon Oct 20 13:31:05 2025 by rpki-client