$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/rWXYnx5yWYGgrPvOPZbfy2yMZhU.roa File: rWXYnx5yWYGgrPvOPZbfy2yMZhU.roa (raw, json) Hash identifier: UXfjhK+4nkwwh3GdfopfStokhsASWUw15U69wDmLRAs= Subject key identifier: AD:65:D8:9F:1E:72:59:81:A0:AC:FB:CE:3D:96:DF:CB:6C:8C:66:15 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1E71 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/rWXYnx5yWYGgrPvOPZbfy2yMZhU.roa Signing time: Sat 13 Sep 2025 03:05:10 +0000 ROA not before: Sat 13 Sep 2025 03:05:10 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 138527 IP address blocks: 45.252.144.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7793 (0x1e71) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:05:10 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=AD65D89F1E725981A0ACFBCE3D96DFCB6C8C6615 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:38:cb:d5:66:a4:1e:45:6c:14:ba:61:2f:00: 67:c3:ab:9b:f0:70:d8:a3:06:b5:af:b5:ea:d7:c6: ce:23:3f:07:29:dd:a5:a4:63:71:1a:a3:e5:2a:79: da:1a:a5:93:6d:01:ae:b3:1e:15:fb:9d:9b:ed:1d: f6:86:49:67:46:ad:98:cb:09:07:47:51:cb:f0:a0: c7:87:31:9a:e2:c8:d3:c5:34:48:18:8e:bf:a8:87: dd:f9:0a:30:dd:a6:f0:8f:b1:78:dd:80:d3:39:e0: 13:c7:a6:fe:5b:5c:92:d7:2b:d2:5d:26:4a:7f:32: 2d:14:74:bb:37:1b:c6:53:f4:3c:0f:72:b8:01:0c: a2:0d:a6:85:bc:ce:77:87:60:78:0f:c9:90:16:50: 69:2e:3b:89:18:7e:d9:d0:8d:4e:4d:51:42:73:9c: 0f:c7:25:05:4b:45:4a:e6:29:99:c2:5d:2f:c3:f2: 6e:59:8e:a6:17:44:29:17:16:9f:a4:62:95:f8:55: 33:60:0e:d7:00:cc:77:b6:fe:90:29:5a:f8:60:67: ed:51:27:b6:ea:7a:f4:bf:e4:41:1c:82:24:e0:1d: 9c:34:96:2e:8a:66:53:83:88:f3:55:3c:2b:96:a7: f9:85:86:3e:a2:98:73:8d:d6:31:37:b6:20:83:f2: b5:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:65:D8:9F:1E:72:59:81:A0:AC:FB:CE:3D:96:DF:CB:6C:8C:66:15 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/rWXYnx5yWYGgrPvOPZbfy2yMZhU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.252.144.0/22 Signature Algorithm: sha256WithRSAEncryption ca:14:f3:53:98:e7:07:70:ca:9b:29:60:ec:09:0f:8c:a3:63: 8c:3c:dd:26:33:a6:03:e6:66:d7:9a:36:f1:31:48:e9:22:7c: c6:ea:bf:56:72:61:4b:4b:a7:e2:5a:91:76:7f:96:1b:42:6c: 2f:a4:a7:a1:ab:13:bf:1b:63:27:81:54:7c:7d:cb:18:18:b7: 3f:c6:b4:c9:8c:c7:62:37:90:6c:ff:b8:8d:e7:65:53:f1:e5: c3:f8:0c:fc:97:80:eb:78:30:8b:bb:5a:e5:9f:54:4f:70:76: 0f:63:35:b1:cf:53:2e:e7:5b:2c:7e:7c:f6:83:a1:ce:5e:3b: 8b:80:6d:bb:28:4a:2d:ca:0d:62:34:f7:59:33:0f:b6:49:d0: 60:3c:bb:ec:5f:c3:45:ea:e1:75:4a:6e:b8:c8:fc:75:63:56: f7:52:77:e1:a9:d8:a6:44:17:4d:66:80:08:65:ca:58:41:62: 52:9e:80:77:bd:63:c5:17:f4:3d:26:25:38:c6:98:01:c8:61: 2c:9f:35:19:17:4b:ce:dc:cf:3b:2d:37:c4:ec:0a:c6:72:7f: 79:ab:43:d7:31:02:82:72:72:1a:21:11:06:89:36:0d:2d:1e: 4e:ef:cb:32:c5:c9:94:e9:60:d8:5b:57:57:7f:85:84:f8:66: d4:56:33:c1 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHnEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA1MTBaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEFENjVEODlGMUU3MjU5 ODFBMEFDRkJDRTNEOTZERkNCNkM4QzY2MTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDtOMvVZqQeRWwUumEvAGfDq5vwcNijBrWvterXxs4jPwcp3aWk Y3Eao+UqedoapZNtAa6zHhX7nZvtHfaGSWdGrZjLCQdHUcvwoMeHMZriyNPFNEgY jr+oh935CjDdpvCPsXjdgNM54BPHpv5bXJLXK9JdJkp/Mi0UdLs3G8ZT9DwPcrgB DKINpoW8zneHYHgPyZAWUGkuO4kYftnQjU5NUUJznA/HJQVLRUrmKZnCXS/D8m5Z jqYXRCkXFp+kYpX4VTNgDtcAzHe2/pApWvhgZ+1RJ7bqevS/5EEcgiTgHZw0li6K ZlODiPNVPCuWp/mFhj6imHON1jE3tiCD8rWfAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUrWXYnx5yWYGgrPvOPZbfy2yMZhUwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L3JXWFlueDV5V1lHZ3JQ dk9QWmJmeTJ5TVpoVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAIt/JAwDQYJKoZIhvcNAQELBQADggEBAMoU81OY5wdwypspYOwJD4yjY4w83SYz pgPmZteaNvExSOkifMbqv1ZyYUtLp+JakXZ/lhtCbC+kp6GrE78bYyeBVHx9yxgY tz/GtMmMx2I3kGz/uI3nZVPx5cP4DPyXgOt4MIu7WuWfVE9wdg9jNbHPUy7nWyx+ fPaDoc5eO4uAbbsoSi3KDWI091kzD7ZJ0GA8u+xfw0Xq4XVKbrjI/HVjVvdSd+Gp 2KZEF01mgAhlylhBYlKegHe9Y8UX9D0mJTjGmAHIYSyfNRkXS87czzstN8TsCsZy f3mrQ9cxAoJychohEQaJNg0tHk7vyzLFyZTpYNhbV1d/hYT4ZtRWM8E= -----END CERTIFICATE-----Generated at Mon Oct 20 13:13:47 2025 by rpki-client