$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/sIsxiaXXsugFzkCf67FYQSPTm4I.roa File: sIsxiaXXsugFzkCf67FYQSPTm4I.roa (raw, json) Hash identifier: C1SPrwaWF/MpMpx0gZ4Hg30wq3eYgwnu79XBQ3FMJG8= Subject key identifier: B0:8B:31:89:A5:D7:B2:E8:05:CE:40:9F:EB:B1:58:41:23:D3:9B:82 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1F2A Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/sIsxiaXXsugFzkCf67FYQSPTm4I.roa Signing time: Tue 16 Sep 2025 05:50:57 +0000 ROA not before: Tue 16 Sep 2025 05:50:57 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 25743 IP address blocks: 103.221.16.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7978 (0x1f2a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 16 05:50:57 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=B08B3189A5D7B2E805CE409FEBB1584123D39B82 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:9e:9b:7e:8c:06:0c:ff:67:43:af:cb:1c:b5: f0:10:d6:6a:be:26:29:15:ec:65:42:e3:91:b9:dd: bd:e2:37:2b:66:c3:24:4e:bd:d6:3d:99:f7:93:90: e8:43:eb:9b:40:c7:c5:6f:76:fc:ca:7c:dd:df:76: a6:1b:d2:c3:c6:e1:e6:6d:38:41:2f:4a:4b:64:51: 8d:3c:23:5c:f4:a9:9f:be:fc:5e:9f:5d:e1:f1:59: eb:92:d4:38:d4:e7:90:bb:2a:94:83:c6:30:4b:b9: 22:2f:c8:61:4f:19:75:98:23:c8:f5:65:79:1f:44: 7b:1d:7f:2a:b0:5a:c3:fe:1a:f0:18:b2:49:ea:bb: f8:5e:d2:22:8f:80:c5:ed:3d:cd:0e:eb:fe:19:c9: 3b:e9:0a:b0:09:4a:0a:95:63:d7:a8:40:7e:09:e6: d5:06:71:1d:c4:01:bf:e1:cd:8c:71:17:7e:01:0d: b9:8d:47:e4:49:f1:c9:32:33:47:7e:0b:d1:34:4a: 88:ab:a1:a8:4c:41:66:91:99:8c:b7:88:61:b8:94: be:68:d7:a5:fb:48:8d:e3:f1:df:35:cf:ae:05:ad: 1e:8c:6b:89:ce:20:f3:3a:d2:b5:74:b1:a4:8e:98: 41:23:ff:45:1d:e4:ad:23:62:80:77:e2:46:97:30: f3:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:8B:31:89:A5:D7:B2:E8:05:CE:40:9F:EB:B1:58:41:23:D3:9B:82 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/sIsxiaXXsugFzkCf67FYQSPTm4I.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.16.0/22 Signature Algorithm: sha256WithRSAEncryption 38:9b:17:c4:a6:0b:99:eb:48:db:9a:09:02:73:92:98:b4:16: 11:31:63:e9:07:d9:7e:9d:3b:60:d8:c3:1e:b5:1d:5e:40:c7: da:ba:f6:11:bf:f1:5b:d7:58:7d:1f:a1:7f:84:a3:58:97:0e: 63:7b:56:72:68:36:5e:fb:2e:d8:93:69:11:4a:bf:b3:05:83: d7:9d:1a:a5:b6:1b:ba:1c:62:99:4e:5a:de:dc:05:a7:3d:ef: 05:1c:be:53:b2:26:0a:0e:8d:6d:ae:d6:af:8c:62:60:ad:89: 46:b1:91:e9:bb:6a:d7:d9:b2:74:c0:db:8a:4d:fe:80:9a:3c: dd:00:34:cb:60:2a:c6:97:de:58:63:6e:bd:3e:68:f0:47:d4: 0e:93:78:19:4f:1f:22:fb:61:08:ec:b4:46:76:6f:6e:0a:2a: 58:76:66:0a:fb:7d:5e:39:42:cf:cb:2d:66:bd:7b:f1:0e:38: 21:de:ed:9f:b3:38:70:4c:68:4e:16:c3:77:e3:4e:a0:6f:f5: 34:a3:ef:5c:ce:91:2e:70:bb:ec:8a:69:e7:78:5c:d5:f0:00: f1:db:8a:a4:a4:14:b8:d0:40:04:e6:3b:5b:66:36:05:59:c5: e5:a9:f7:f6:ea:07:68:ab:66:05:fa:bc:05:03:2a:a7:a1:27: f4:1a:a2:44 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHyowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTYw NTUwNTdaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEIwOEIzMTg5QTVEN0Iy RTgwNUNFNDA5RkVCQjE1ODQxMjNEMzlCODIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC0npt+jAYM/2dDr8sctfAQ1mq+JikV7GVC45G53b3iNytmwyRO vdY9mfeTkOhD65tAx8VvdvzKfN3fdqYb0sPG4eZtOEEvSktkUY08I1z0qZ++/F6f XeHxWeuS1DjU55C7KpSDxjBLuSIvyGFPGXWYI8j1ZXkfRHsdfyqwWsP+GvAYsknq u/he0iKPgMXtPc0O6/4ZyTvpCrAJSgqVY9eoQH4J5tUGcR3EAb/hzYxxF34BDbmN R+RJ8ckyM0d+C9E0SoiroahMQWaRmYy3iGG4lL5o16X7SI3j8d81z64FrR6Ma4nO IPM60rV0saSOmEEj/0Ud5K0jYoB34kaXMPPBAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUsIsxiaXXsugFzkCf67FYQSPTm4IwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L3NJc3hpYVhYc3VnRnpr Q2Y2N0ZZUVNQVG00SS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn3RAwDQYJKoZIhvcNAQELBQADggEBADibF8SmC5nrSNuaCQJzkpi0FhExY+kH 2X6dO2DYwx61HV5Ax9q69hG/8VvXWH0foX+Eo1iXDmN7VnJoNl77LtiTaRFKv7MF g9edGqW2G7ocYplOWt7cBac97wUcvlOyJgoOjW2u1q+MYmCtiUaxkem7atfZsnTA 24pN/oCaPN0ANMtgKsaX3lhjbr0+aPBH1A6TeBlPHyL7YQjstEZ2b24KKlh2Zgr7 fV45Qs/LLWa9e/EOOCHe7Z+zOHBMaE4Ww3fjTqBv9TSj71zOkS5wu+yKaed4XNXw APHbiqSkFLjQQATmO1tmNgVZxeWp9/bqB2irZgX6vAUDKqehJ/QaokQ= -----END CERTIFICATE-----Generated at Mon Oct 20 13:13:54 2025 by rpki-client