$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/rpI0G3Uw7k-ftMaMXX1Uv9luEJ4.roa File: rpI0G3Uw7k-ftMaMXX1Uv9luEJ4.roa (raw, json) Hash identifier: 08KNvEOyybePEoax2IY2erm7wQ23aisyqD5O6rrFRKI= Subject key identifier: AE:92:34:1B:75:30:EE:4F:9F:B4:C6:8C:5D:7D:54:BF:D9:6E:10:9E Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1EAC Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/rpI0G3Uw7k-ftMaMXX1Uv9luEJ4.roa Signing time: Sat 13 Sep 2025 03:05:21 +0000 ROA not before: Sat 13 Sep 2025 03:05:21 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 138527 IP address blocks: 103.221.28.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7852 (0x1eac) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:05:21 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=AE92341B7530EE4F9FB4C68C5D7D54BFD96E109E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:68:66:95:2a:ad:a8:15:f3:f1:0c:aa:9c:1c: 89:d0:db:6e:e5:7d:43:1c:42:c2:c4:18:51:ff:7f: 2f:7c:6f:db:07:57:65:a4:b0:f7:d1:2d:1c:c2:70: 7d:80:35:bd:d8:b7:b7:89:d8:87:d0:fa:98:d7:14: 3a:ff:ba:63:1b:6d:88:50:ae:a6:e3:bb:ab:11:91: e0:b1:45:f3:95:b5:5d:a4:c8:68:df:d1:f2:55:3d: 3e:75:cd:5c:a4:d4:5c:18:f6:92:41:8a:b1:93:b6: 24:13:26:53:6f:a8:3a:79:7f:6c:79:9c:c1:2f:d9: ce:8f:02:4e:2c:ee:ab:50:62:ef:64:4c:5c:5f:c4: a0:20:6d:32:b7:02:83:3e:c0:32:ba:51:ed:c2:64: 6a:8c:d9:e9:74:5b:5f:2f:db:b6:d4:dc:6b:ff:b3: 5f:11:43:b6:26:7c:ca:2a:11:d5:d3:4c:a9:7d:f7: 6f:15:63:cd:e9:7a:8c:ef:d8:64:5e:0e:80:1a:35: 55:13:d0:94:f5:b2:a0:35:77:5b:43:d4:46:ae:9b: 52:b7:f2:59:44:61:dd:b3:3e:70:c4:db:39:b9:12: c1:04:52:6e:6b:cc:70:4a:72:bf:20:04:62:20:ac: f8:4a:7e:bd:68:b1:69:18:c0:aa:d2:23:8f:58:ba: 41:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:92:34:1B:75:30:EE:4F:9F:B4:C6:8C:5D:7D:54:BF:D9:6E:10:9E X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/rpI0G3Uw7k-ftMaMXX1Uv9luEJ4.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.28.0/22 Signature Algorithm: sha256WithRSAEncryption 3f:e4:63:89:65:60:c7:95:c6:6f:b0:87:55:cf:a2:96:63:d8: bc:61:9e:ed:1c:b5:73:eb:3b:81:eb:e1:63:d2:90:5e:5d:bf: 27:23:d3:6d:5d:c1:f9:da:db:93:98:06:1e:ab:08:eb:77:a6: 37:eb:15:11:9a:af:44:81:3b:67:f3:b0:88:63:88:38:21:30: 51:0b:34:7d:40:fa:86:5b:32:68:9a:bb:70:7f:38:af:5b:f2: a5:13:fd:3c:34:76:e6:cb:da:d0:f1:d0:c5:1e:1c:00:6c:66: 6d:72:97:b8:5a:0c:77:7d:78:2f:5b:b2:02:b9:29:93:29:04: f9:72:83:32:8e:00:84:3e:0d:e1:16:2d:e0:da:66:98:3c:a8: 60:0c:3c:3d:c4:89:ab:94:ca:31:86:44:3a:f0:c1:0f:81:19: 3d:e5:cc:71:dd:51:bd:41:d6:52:89:4b:85:9f:2b:f8:d1:40: 6a:2e:db:17:0d:82:3c:dd:58:04:6c:de:8f:ab:0d:97:9e:41: e3:74:03:76:e6:90:09:68:e4:6d:2f:fc:59:74:8e:5c:de:91: a3:14:e9:17:de:c4:9c:df:3a:17:8d:1b:55:9c:31:03:48:8c: 62:8e:c2:1e:80:1d:9d:d8:5c:a2:e4:0c:29:dc:e8:ce:f2:89: 25:7e:e6:78 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHqwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA1MjFaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEFFOTIzNDFCNzUzMEVF NEY5RkI0QzY4QzVEN0Q1NEJGRDk2RTEwOUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDnaGaVKq2oFfPxDKqcHInQ227lfUMcQsLEGFH/fy98b9sHV2Wk sPfRLRzCcH2ANb3Yt7eJ2IfQ+pjXFDr/umMbbYhQrqbju6sRkeCxRfOVtV2kyGjf 0fJVPT51zVyk1FwY9pJBirGTtiQTJlNvqDp5f2x5nMEv2c6PAk4s7qtQYu9kTFxf xKAgbTK3AoM+wDK6Ue3CZGqM2el0W18v27bU3Gv/s18RQ7YmfMoqEdXTTKl9928V Y83peozv2GReDoAaNVUT0JT1sqA1d1tD1Eaum1K38llEYd2zPnDE2zm5EsEEUm5r zHBKcr8gBGIgrPhKfr1osWkYwKrSI49YukGvAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUrpI0G3Uw7k+ftMaMXX1Uv9luEJ4wHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L3JwSTBHM1V3N2stZnRN YU1YWDFVdjlsdUVKNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn3RwwDQYJKoZIhvcNAQELBQADggEBAD/kY4llYMeVxm+wh1XPopZj2Lxhnu0c tXPrO4Hr4WPSkF5dvycj021dwfna25OYBh6rCOt3pjfrFRGar0SBO2fzsIhjiDgh MFELNH1A+oZbMmiau3B/OK9b8qUT/Tw0dubL2tDx0MUeHABsZm1yl7haDHd9eC9b sgK5KZMpBPlygzKOAIQ+DeEWLeDaZpg8qGAMPD3EiauUyjGGRDrwwQ+BGT3lzHHd Ub1B1lKJS4WfK/jRQGou2xcNgjzdWARs3o+rDZeeQeN0A3bmkAlo5G0v/Fl0jlze kaMU6RfexJzfOheNG1WcMQNIjGKOwh6AHZ3YXKLkDCnc6M7yiSV+5ng= -----END CERTIFICATE-----Generated at Mon Oct 20 13:30:46 2025 by rpki-client