$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/rKyY0QfsWohh-jLgmq2d5g1iI4s.roa File: rKyY0QfsWohh-jLgmq2d5g1iI4s.roa (raw, json) Hash identifier: ut6lScXcuLxazGE6NbD3b/EBi7cLXFRxgImXEj5TifY= Subject key identifier: AC:AC:98:D1:07:EC:5A:88:61:FA:32:E0:9A:AD:9D:E6:0D:62:23:8B Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1EE4 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/rKyY0QfsWohh-jLgmq2d5g1iI4s.roa Signing time: Sat 13 Sep 2025 03:05:35 +0000 ROA not before: Sat 13 Sep 2025 03:05:35 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 139259 IP address blocks: 103.221.43.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7908 (0x1ee4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:05:35 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=ACAC98D107EC5A8861FA32E09AAD9DE60D62238B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:5a:29:83:48:eb:e9:35:b1:67:3c:8d:2c:09: 0b:96:9f:58:8c:08:c0:40:88:b5:7a:99:ea:16:13: 6e:89:2f:ad:5c:73:3f:91:00:9a:cb:1c:5c:07:e7: c5:07:4d:cb:ba:10:54:1e:5f:05:ba:e9:8e:e2:a9: f4:6f:1f:5d:03:ad:89:16:a1:29:58:30:f2:73:5a: 4f:bc:82:e6:05:3d:88:eb:56:19:18:16:33:84:46: 7b:23:bc:c4:03:a5:c9:6e:ce:71:47:a4:e5:64:7d: f4:6a:c6:89:a7:0f:17:83:21:b8:57:9f:a0:0e:c9: 74:d5:cc:e0:bc:34:0a:0d:35:bc:69:27:36:35:34: 94:52:4e:76:8a:a0:99:b4:46:2a:a4:fd:6d:8d:66: e7:dc:7c:d3:10:4c:ef:57:0f:b9:f8:d3:dc:53:99: 52:88:59:ed:0f:5d:cf:a0:e9:77:5c:a4:17:06:0c: 34:9a:67:9b:f3:67:e1:51:35:a4:b6:84:79:34:f5: f0:c8:c5:ad:60:1a:2f:27:c8:7e:11:be:52:8d:18: 15:60:cc:ed:86:f5:0c:9b:52:b2:85:74:cc:a2:26: 8c:00:7d:0d:b7:f1:82:0f:02:1b:e1:9a:80:c2:b9: 61:cb:81:63:ad:90:5a:87:21:f8:f0:4b:b1:67:cc: 3a:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AC:AC:98:D1:07:EC:5A:88:61:FA:32:E0:9A:AD:9D:E6:0D:62:23:8B X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/rKyY0QfsWohh-jLgmq2d5g1iI4s.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.43.0/24 Signature Algorithm: sha256WithRSAEncryption 20:fe:77:b5:b8:3b:aa:98:27:a6:f0:f5:d3:cb:1d:4e:d9:40: 5c:50:aa:d7:8c:94:ea:7b:40:bc:31:14:6b:74:91:9a:db:68: a4:e3:bb:5d:06:76:95:c8:d9:ff:5a:46:7a:a9:fc:13:db:c4: 5a:5f:30:93:46:3e:57:f3:68:32:a9:76:1e:9e:9d:9b:64:a2: fa:0f:87:00:0b:32:33:fc:d2:0a:13:86:ca:07:2f:bc:64:0a: 8f:f0:96:e0:98:e7:d0:89:ab:20:a9:18:75:28:93:f4:99:7a: 51:b2:cf:5d:b2:08:dd:ac:f3:74:8a:51:9d:d0:46:5a:76:f7: 5a:3b:44:39:1b:a0:d7:2d:f6:a4:0b:cf:5e:fb:77:86:71:a3: 0b:78:d5:00:14:a9:6a:2a:c0:94:d2:43:b0:25:eb:2a:14:cb: ee:f3:62:ca:d8:9c:69:bc:5e:e7:df:56:b9:d1:40:83:c0:40: 92:9e:14:5f:8d:0a:e3:dc:08:44:85:c3:83:72:b6:ae:e7:da: c5:8c:6f:d3:49:d8:2d:da:89:3c:6e:24:47:3c:1e:2e:10:a0: 82:f0:19:ea:43:f6:7e:d5:ca:3c:2f:5b:b9:8a:22:6f:ef:93: f5:75:c8:ad:06:22:eb:d1:8f:a2:d6:43:bd:c8:fa:cc:44:9b: 05:33:62:8e -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHuQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA1MzVaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEFDQUM5OEQxMDdFQzVB ODg2MUZBMzJFMDlBQUQ5REU2MEQ2MjIzOEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDPWimDSOvpNbFnPI0sCQuWn1iMCMBAiLV6meoWE26JL61ccz+R AJrLHFwH58UHTcu6EFQeXwW66Y7iqfRvH10DrYkWoSlYMPJzWk+8guYFPYjrVhkY FjOERnsjvMQDpcluznFHpOVkffRqxomnDxeDIbhXn6AOyXTVzOC8NAoNNbxpJzY1 NJRSTnaKoJm0Riqk/W2NZufcfNMQTO9XD7n409xTmVKIWe0PXc+g6XdcpBcGDDSa Z5vzZ+FRNaS2hHk09fDIxa1gGi8nyH4RvlKNGBVgzO2G9QybUrKFdMyiJowAfQ23 8YIPAhvhmoDCuWHLgWOtkFqHIfjwS7FnzDrvAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUrKyY0QfsWohh+jLgmq2d5g1iI4swHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L3JLeVkwUWZzV29oaC1q TGdtcTJkNWcxaUk0cy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3SswDQYJKoZIhvcNAQELBQADggEBACD+d7W4O6qYJ6bw9dPLHU7ZQFxQqteM lOp7QLwxFGt0kZrbaKTju10GdpXI2f9aRnqp/BPbxFpfMJNGPlfzaDKpdh6enZtk ovoPhwALMjP80goThsoHL7xkCo/wluCY59CJqyCpGHUok/SZelGyz12yCN2s83SK UZ3QRlp291o7RDkboNct9qQLz177d4Zxowt41QAUqWoqwJTSQ7Al6yoUy+7zYsrY nGm8XuffVrnRQIPAQJKeFF+NCuPcCESFw4Nytq7n2sWMb9NJ2C3aiTxuJEc8Hi4Q oILwGepD9n7VyjwvW7mKIm/vk/V1yK0GIuvRj6LWQ73I+sxEmwUzYo4= -----END CERTIFICATE-----Generated at Mon Oct 20 13:30:45 2025 by rpki-client