$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/r1tIruHMIl2xxaNsn1w3WbG31aU.roa File: r1tIruHMIl2xxaNsn1w3WbG31aU.roa (raw, json) Hash identifier: Qdma3tY1K83fqdjnM5cafKd+t3F30JGZOwiaH9xc4Ck= Subject key identifier: AF:5B:48:AE:E1:CC:22:5D:B1:C5:A3:6C:9F:5C:37:59:B1:B7:D5:A5 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1F33 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/r1tIruHMIl2xxaNsn1w3WbG31aU.roa Signing time: Tue 16 Sep 2025 05:51:48 +0000 ROA not before: Tue 16 Sep 2025 05:51:48 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 25743 IP address blocks: 103.221.92.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7987 (0x1f33) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 16 05:51:48 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=AF5B48AEE1CC225DB1C5A36C9F5C3759B1B7D5A5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:ce:11:b2:af:8a:84:9c:a2:f3:9f:9d:52:7d: d9:6d:81:35:05:82:5a:34:a9:72:77:d1:ea:3b:58: 32:4d:fb:16:42:30:96:9a:d2:d0:90:89:ac:3d:c2: f4:42:b7:76:fd:39:38:af:36:61:e8:bc:4e:f3:e0: b8:6c:e4:1d:54:4d:d7:ac:d2:b0:c3:bb:0b:33:35: 2e:72:a9:dc:6b:2e:72:e9:cc:ba:52:97:25:12:1d: 3f:99:4e:8f:84:70:b0:97:88:c4:ed:55:c7:fe:f0: e0:f3:1e:68:df:ed:1c:16:60:ed:a1:22:32:a3:75: fd:0a:b1:dc:45:58:16:17:dc:f9:05:8e:2b:f5:64: 08:77:71:d9:24:fd:d8:4f:4d:13:53:40:bb:04:82: 65:8f:66:6f:73:94:b1:5d:de:34:57:f1:ec:b0:1d: ae:85:c5:67:ed:a5:fe:9d:94:75:72:bf:ca:40:6b: 4f:16:0c:b5:75:a5:c1:0a:04:20:71:ea:1e:31:6f: b0:a6:df:87:68:a4:ab:1e:c7:f1:24:40:ef:88:11: de:33:05:3a:ea:0b:8c:7e:3e:c8:6a:cc:4a:92:95: 05:10:b6:c3:c8:b9:a8:0d:4b:68:99:fd:e2:7f:b9: d0:3b:10:c6:00:89:ed:b3:b4:79:04:4d:3c:d8:b9: 5c:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:5B:48:AE:E1:CC:22:5D:B1:C5:A3:6C:9F:5C:37:59:B1:B7:D5:A5 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/r1tIruHMIl2xxaNsn1w3WbG31aU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.92.0/22 Signature Algorithm: sha256WithRSAEncryption 55:11:c4:65:ca:0a:22:f6:49:4f:30:4e:c2:0a:c1:04:0d:dc: 0b:70:66:42:2f:eb:24:e3:8e:57:05:0e:3f:c1:ca:95:4e:48: 23:49:5c:b7:b0:40:11:83:80:2a:76:3a:02:33:c6:cb:1d:49: 27:f3:13:fb:1a:ce:24:2f:0f:e4:15:6a:10:9b:69:b2:d8:c5: 98:89:7d:f3:dc:3e:10:34:64:c9:83:f0:37:12:65:ad:9b:ac: 5a:f0:92:5d:be:28:da:9a:7e:f4:03:0f:3d:a8:3d:df:0a:5d: 05:f6:e2:18:3d:0c:36:40:6e:24:99:a2:4c:dd:6d:21:ba:7e: aa:30:62:a4:50:0d:96:f1:00:3c:1c:c3:bc:34:ff:1f:73:13: 3a:0b:02:d3:db:89:02:c0:55:1a:ac:97:45:c3:97:9e:f3:1d: b0:b3:11:12:c6:b2:cf:a1:a6:0e:42:ab:53:91:5c:46:98:6f: b7:71:01:03:1a:81:51:b0:42:07:da:e9:61:fe:6e:f1:69:81: 6c:1a:44:3d:5c:34:37:23:87:d4:bc:b6:30:26:b1:10:ed:18: 1d:92:b2:f3:95:d6:79:62:b5:9d:9f:ed:2d:f7:a9:e0:51:08: 68:28:54:f7:b1:1e:69:93:9e:7c:22:56:8b:dd:f7:0f:93:f9: 0f:bd:d2:68 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHzMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTYw NTUxNDhaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEFGNUI0OEFFRTFDQzIy NURCMUM1QTM2QzlGNUMzNzU5QjFCN0Q1QTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC5zhGyr4qEnKLzn51SfdltgTUFglo0qXJ30eo7WDJN+xZCMJaa 0tCQiaw9wvRCt3b9OTivNmHovE7z4Lhs5B1UTdes0rDDuwszNS5yqdxrLnLpzLpS lyUSHT+ZTo+EcLCXiMTtVcf+8ODzHmjf7RwWYO2hIjKjdf0KsdxFWBYX3PkFjiv1 ZAh3cdkk/dhPTRNTQLsEgmWPZm9zlLFd3jRX8eywHa6FxWftpf6dlHVyv8pAa08W DLV1pcEKBCBx6h4xb7Cm34dopKsex/EkQO+IEd4zBTrqC4x+PshqzEqSlQUQtsPI uagNS2iZ/eJ/udA7EMYAie2ztHkETTzYuVzhAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUr1tIruHMIl2xxaNsn1w3WbG31aUwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L3IxdElydUhNSWwyeHhh TnNuMXczV2JHMzFhVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn3VwwDQYJKoZIhvcNAQELBQADggEBAFURxGXKCiL2SU8wTsIKwQQN3AtwZkIv 6yTjjlcFDj/BypVOSCNJXLewQBGDgCp2OgIzxssdSSfzE/saziQvD+QVahCbabLY xZiJffPcPhA0ZMmD8DcSZa2brFrwkl2+KNqafvQDDz2oPd8KXQX24hg9DDZAbiSZ okzdbSG6fqowYqRQDZbxADwcw7w0/x9zEzoLAtPbiQLAVRqsl0XDl57zHbCzERLG ss+hpg5Cq1ORXEaYb7dxAQMagVGwQgfa6WH+bvFpgWwaRD1cNDcjh9S8tjAmsRDt GB2SsvOV1nlitZ2f7S33qeBRCGgoVPexHmmTnnwiVovd9w+T+Q+90mg= -----END CERTIFICATE-----Generated at Mon Oct 20 13:13:43 2025 by rpki-client