$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/x9YJWTMTZ5HLYm6qmVNlOM4KG0I.roa File: x9YJWTMTZ5HLYm6qmVNlOM4KG0I.roa (raw, json) Hash identifier: 4BahdyFXsRHmsZI8oTNuymBaLdRGm8UDX9oFG4ojDY4= Subject key identifier: C7:D6:09:59:33:13:67:91:CB:62:6E:AA:99:53:65:38:CE:0A:1B:42 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1F32 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/x9YJWTMTZ5HLYm6qmVNlOM4KG0I.roa Signing time: Tue 16 Sep 2025 05:51:48 +0000 ROA not before: Tue 16 Sep 2025 05:51:48 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 25743 IP address blocks: 103.221.50.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7986 (0x1f32) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 16 05:51:48 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=C7D6095933136791CB626EAA99536538CE0A1B42 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:75:47:a0:8c:6c:6f:96:90:34:77:0a:bd:80: 2e:8b:b8:f3:ec:3e:d8:cd:1d:06:d7:dc:8e:51:5d: b8:e9:79:ff:7d:e1:fb:26:96:08:c0:fd:40:0f:32: 95:7b:2e:61:dc:f7:bd:04:62:2c:34:ab:dc:14:6e: f1:7b:f6:75:df:7c:73:3c:f0:f5:ea:08:22:a0:a1: df:30:4e:dd:ec:8a:f5:6e:1e:ac:01:44:31:95:af: 74:1c:9f:e5:f9:34:90:04:41:f7:0d:3b:2f:99:1f: a0:82:6a:c5:18:fc:a2:d9:2b:7e:86:55:58:f5:79: f1:05:ea:a8:7d:6c:60:7f:8e:81:8a:20:89:73:99: 77:ae:e8:85:bc:74:0e:ae:a3:16:5d:92:68:55:dd: ef:a6:0a:ba:c5:ee:85:11:b2:d0:43:9a:48:56:18: 35:e0:56:59:ae:e7:a1:9c:4b:ea:d2:87:87:5e:1a: 4f:73:ed:fd:2d:7c:ab:fb:01:9c:de:04:94:df:92: 63:b2:e1:55:1c:86:01:48:c8:2d:60:3c:95:aa:61: ae:5e:e2:83:76:c8:4f:c0:12:ad:d8:86:ff:1b:a4: 49:e2:96:df:d4:71:7d:3b:35:da:9b:e8:f4:54:ef: 01:86:19:a7:99:06:b0:7a:08:3c:0a:2e:19:2a:01: a6:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:D6:09:59:33:13:67:91:CB:62:6E:AA:99:53:65:38:CE:0A:1B:42 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/x9YJWTMTZ5HLYm6qmVNlOM4KG0I.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.50.0/23 Signature Algorithm: sha256WithRSAEncryption 0e:eb:a0:d0:c1:d3:d8:c1:1a:08:bc:50:1a:77:4f:d7:9c:2d: d7:50:0d:7b:b6:9e:0a:4f:ab:c9:25:6f:17:78:f2:2d:df:66: a3:e4:91:dd:f5:5d:16:ea:76:93:79:72:9f:df:2c:81:6a:b0: 34:e1:d9:4d:1c:02:c5:83:ed:46:51:7f:31:fd:80:b9:2a:84: 50:e8:4d:3e:80:4b:1f:66:9e:da:dc:d4:3d:31:35:25:10:90: d4:f8:2d:26:85:ec:52:10:9b:da:b1:01:5f:5f:6a:3b:12:d7: b5:1a:ab:4f:b9:5c:5c:7f:7b:25:d4:c9:36:5e:52:c4:a5:c3: 6d:27:da:be:7a:1e:f1:e4:53:36:e8:92:93:fa:ff:79:c8:e6: 0a:a2:ec:2f:6f:41:45:f7:66:bd:66:bc:0a:80:ef:82:72:45: 11:89:a9:c6:b6:ce:25:37:d2:99:aa:37:94:f1:cd:2a:2a:01: 97:3a:0b:3a:79:c2:db:0f:44:cc:5a:f5:0e:57:03:8b:d4:d6: f7:fc:b0:d2:a5:1c:b9:ee:4b:57:59:42:3f:24:ee:5f:1c:26: 09:97:8b:12:6f:d9:86:fb:f4:ab:4f:9c:ae:12:c4:d1:96:9f: 51:fe:2a:ea:43:c9:b9:2d:8d:f7:ef:7e:eb:8e:51:61:97:6b: 01:97:29:8e -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHzIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTYw NTUxNDhaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEM3RDYwOTU5MzMxMzY3 OTFDQjYyNkVBQTk5NTM2NTM4Q0UwQTFCNDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCxdUegjGxvlpA0dwq9gC6LuPPsPtjNHQbX3I5RXbjpef994fsm lgjA/UAPMpV7LmHc970EYiw0q9wUbvF79nXffHM88PXqCCKgod8wTt3sivVuHqwB RDGVr3Qcn+X5NJAEQfcNOy+ZH6CCasUY/KLZK36GVVj1efEF6qh9bGB/joGKIIlz mXeu6IW8dA6uoxZdkmhV3e+mCrrF7oURstBDmkhWGDXgVlmu56GcS+rSh4deGk9z 7f0tfKv7AZzeBJTfkmOy4VUchgFIyC1gPJWqYa5e4oN2yE/AEq3Yhv8bpEnilt/U cX07Ndqb6PRU7wGGGaeZBrB6CDwKLhkqAaYJAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUx9YJWTMTZ5HLYm6qmVNlOM4KG0IwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L3g5WUpXVE1UWjVITFlt NnFtVk5sT000S0cwSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAFn3TIwDQYJKoZIhvcNAQELBQADggEBAA7roNDB09jBGgi8UBp3T9ecLddQDXu2 ngpPq8klbxd48i3fZqPkkd31XRbqdpN5cp/fLIFqsDTh2U0cAsWD7UZRfzH9gLkq hFDoTT6ASx9mntrc1D0xNSUQkNT4LSaF7FIQm9qxAV9fajsS17Uaq0+5XFx/eyXU yTZeUsSlw20n2r56HvHkUzbokpP6/3nI5gqi7C9vQUX3Zr1mvAqA74JyRRGJqca2 ziU30pmqN5TxzSoqAZc6Czp5wtsPRMxa9Q5XA4vU1vf8sNKlHLnuS1dZQj8k7l8c JgmXixJv2Yb79KtPnK4SxNGWn1H+KupDybktjffvfuuOUWGXawGXKY4= -----END CERTIFICATE-----Generated at Mon Oct 20 13:30:56 2025 by rpki-client