$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/s7DIrHekqZeKABZNwcNdBhzed_U.roa File: s7DIrHekqZeKABZNwcNdBhzed_U.roa (raw, json) Hash identifier: JXaDj20ci/bgktlgN7r6OwwXbBV3P076fZtbOdMzVuU= Subject key identifier: B3:B0:C8:AC:77:A4:A9:97:8A:00:16:4D:C1:C3:5D:06:1C:DE:77:F5 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1F2F Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/s7DIrHekqZeKABZNwcNdBhzed_U.roa Signing time: Tue 16 Sep 2025 05:50:58 +0000 ROA not before: Tue 16 Sep 2025 05:50:58 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 25743 IP address blocks: 103.221.36.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7983 (0x1f2f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 16 05:50:58 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=B3B0C8AC77A4A9978A00164DC1C35D061CDE77F5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:d7:1b:cf:39:75:de:61:4d:8a:75:cc:bc:7b: bf:72:94:62:f4:bd:c6:ba:d3:3c:e9:2d:98:7f:84: f0:4b:18:fc:9d:f7:81:0a:e9:cb:ec:8a:26:57:ca: f0:65:db:43:c1:e6:3e:3b:17:40:ab:40:47:11:7d: b9:f5:b7:bd:58:3e:d9:4e:35:26:d6:97:d7:7b:a1: 0d:15:dc:c2:ab:3d:6a:fc:4f:1d:08:05:ee:73:8e: 75:91:39:f5:b8:47:51:86:6f:fb:9b:d1:af:a5:ed: 74:cd:fc:5d:9a:19:7a:f3:ae:87:65:4b:63:08:0e: 75:43:5c:c8:7c:03:d0:b5:13:aa:d8:d3:86:11:20: b7:7e:ff:7c:87:16:bb:04:d2:d0:3b:16:d0:41:bd: 8d:aa:c0:95:1f:24:7d:2d:69:09:8d:16:ed:53:dc: 17:c8:7f:7a:79:09:de:ab:d2:16:5e:e9:40:e9:5f: 2f:8e:a5:6c:db:4d:72:f3:74:66:b2:31:56:08:eb: 1f:68:58:87:17:90:5a:3c:b5:f0:1d:4a:4b:e8:c0: 04:33:fa:44:51:93:a4:76:bd:13:d0:b7:29:12:30: 43:2c:7a:12:f9:e9:7b:c9:3f:cc:28:11:97:22:a8: 19:97:71:93:eb:b7:60:8d:13:63:47:2f:88:e4:c4: cf:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:B0:C8:AC:77:A4:A9:97:8A:00:16:4D:C1:C3:5D:06:1C:DE:77:F5 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/s7DIrHekqZeKABZNwcNdBhzed_U.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.36.0/22 Signature Algorithm: sha256WithRSAEncryption 9d:6b:e3:2e:71:ab:e4:51:46:ce:26:d4:96:1c:53:ee:b6:03: da:0b:75:6a:20:86:68:32:82:e7:7c:5d:e0:ad:cf:1a:20:82: 52:de:38:9f:ff:8e:59:da:fa:8c:2b:c3:9e:b7:c5:02:f1:0d: b9:91:12:93:45:c5:1c:fa:01:fe:68:26:b8:46:db:88:09:e3: 81:9b:ea:e5:7d:fc:31:b1:d4:07:cb:28:37:39:c9:80:c5:69: 0e:e5:57:53:87:06:75:ac:6d:0a:38:7e:04:f6:54:d2:74:38: 2d:06:99:e5:3b:cd:ea:ca:c9:c7:ff:40:81:1e:79:5d:f9:d0: 7c:ba:53:1a:fb:5f:2b:59:4b:fb:b8:d7:41:6e:94:d3:eb:e6: ff:b9:63:a0:8b:e1:59:84:45:46:c1:a3:8e:57:d6:fb:b9:aa: 30:57:ed:84:80:28:81:de:f5:1b:fb:5a:bd:c2:01:86:3a:ce: 7a:a9:84:e9:a4:e0:90:4f:fd:ba:93:4a:10:f8:2a:c9:e8:cb: b8:78:dc:2d:c6:db:d5:84:ce:b8:f5:ea:84:a5:f7:ec:5c:5c: eb:0e:c7:69:68:e2:c9:b0:4e:7a:66:bc:d3:82:07:cf:87:f4: 23:e4:c4:4e:8d:98:f8:d5:b7:ab:d4:58:c1:58:77:48:da:13: d1:02:ef:33 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHy8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTYw NTUwNThaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEIzQjBDOEFDNzdBNEE5 OTc4QTAwMTY0REMxQzM1RDA2MUNERTc3RjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDo1xvPOXXeYU2Kdcy8e79ylGL0vca60zzpLZh/hPBLGPyd94EK 6cvsiiZXyvBl20PB5j47F0CrQEcRfbn1t71YPtlONSbWl9d7oQ0V3MKrPWr8Tx0I Be5zjnWROfW4R1GGb/ub0a+l7XTN/F2aGXrzrodlS2MIDnVDXMh8A9C1E6rY04YR ILd+/3yHFrsE0tA7FtBBvY2qwJUfJH0taQmNFu1T3BfIf3p5Cd6r0hZe6UDpXy+O pWzbTXLzdGayMVYI6x9oWIcXkFo8tfAdSkvowAQz+kRRk6R2vRPQtykSMEMsehL5 6XvJP8woEZciqBmXcZPrt2CNE2NHL4jkxM8nAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUs7DIrHekqZeKABZNwcNdBhzed/UwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L3M3RElySGVrcVplS0FC Wk53Y05kQmh6ZWRfVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn3SQwDQYJKoZIhvcNAQELBQADggEBAJ1r4y5xq+RRRs4m1JYcU+62A9oLdWog hmgygud8XeCtzxogglLeOJ//jlna+owrw563xQLxDbmREpNFxRz6Af5oJrhG24gJ 44Gb6uV9/DGx1AfLKDc5yYDFaQ7lV1OHBnWsbQo4fgT2VNJ0OC0GmeU7zerKycf/ QIEeeV350Hy6Uxr7XytZS/u410FulNPr5v+5Y6CL4VmERUbBo45X1vu5qjBX7YSA KIHe9Rv7Wr3CAYY6znqphOmk4JBP/bqTShD4Ksnoy7h43C3G29WEzrj16oSl9+xc XOsOx2lo4smwTnpmvNOCB8+H9CPkxE6NmPjVt6vUWMFYd0jaE9EC7zM= -----END CERTIFICATE-----Generated at Mon Oct 20 13:13:56 2025 by rpki-client