$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/xTCgRLrEfxO6EtIlR30I9DZkuDE.roa File: xTCgRLrEfxO6EtIlR30I9DZkuDE.roa (raw, json) Hash identifier: 81e/W7NDVNjnzFgYctk6z90jeRtc5n3CQYeIRYiDjX4= Subject key identifier: C5:30:A0:44:BA:C4:7F:13:BA:12:D2:25:47:7D:08:F4:36:64:B8:31 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1EF2 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/xTCgRLrEfxO6EtIlR30I9DZkuDE.roa Signing time: Sat 13 Sep 2025 03:05:38 +0000 ROA not before: Sat 13 Sep 2025 03:05:38 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 59083 IP address blocks: 103.24.117.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 00:35:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7922 (0x1ef2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:05:38 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=C530A044BAC47F13BA12D225477D08F43664B831 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:08:4b:74:47:2e:ab:43:b4:0a:b6:41:b5:e1: cc:87:63:ee:83:ee:71:91:31:a0:06:00:e1:88:7d: f7:b6:82:c2:2d:47:c0:ad:c5:b9:71:db:f5:9c:b2: e4:f8:e4:36:b4:4f:22:95:8f:b8:70:9f:c2:f9:80: 25:bf:77:ec:e9:e6:e2:30:2a:a7:46:ea:82:a4:f9: 8f:e3:ed:ce:76:d9:a1:78:76:b2:a3:b5:1d:2f:f2: e2:d5:0e:7a:3c:bd:6b:f0:73:1e:bf:23:c1:22:d3: 00:e5:6a:76:47:85:33:de:12:24:86:4d:2d:3f:3b: 9d:eb:88:51:73:d0:4e:be:88:b7:c8:d9:e2:cb:3c: d5:ba:8e:17:3f:2e:8c:be:6a:a3:d0:7f:ab:7b:dc: ad:55:81:55:03:08:cb:0b:21:40:2d:2d:7e:ee:19: f0:e3:42:f0:2a:0f:05:0c:84:66:6a:37:b0:6d:e8: 97:83:ca:c7:67:7a:1f:78:1a:31:1a:c1:04:1c:c5: ac:41:49:df:4f:16:e0:85:58:7a:0c:bb:28:15:38: 50:a5:82:58:4b:2a:43:bc:e1:a9:ea:4a:1d:b3:c6: f0:6d:e7:e9:da:ac:05:91:ae:56:98:aa:ad:06:2b: 33:ad:07:82:f0:bc:4f:b5:e8:87:ac:54:08:fe:1e: 68:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:30:A0:44:BA:C4:7F:13:BA:12:D2:25:47:7D:08:F4:36:64:B8:31 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/xTCgRLrEfxO6EtIlR30I9DZkuDE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.24.117.0/24 Signature Algorithm: sha256WithRSAEncryption 60:75:be:23:cf:ad:6d:c6:55:e7:20:36:af:71:b5:5a:17:d3: 0d:fc:44:f2:3a:a5:c4:dc:89:76:39:0b:9c:00:a6:b0:2a:d4: 56:25:08:d7:7d:65:b6:39:c5:b0:06:54:29:22:47:a6:1b:c0: 43:53:53:45:e4:a4:b6:8e:24:e6:d3:e2:75:4d:ce:21:ae:14: f7:cf:12:df:99:c7:47:5b:45:e5:ea:50:f5:5b:70:a6:ee:ab: a5:69:4c:f5:34:f2:87:18:56:eb:ba:b6:d7:90:37:24:96:d4: da:72:e1:b3:e5:1f:d3:1d:0d:0a:a7:ad:cd:80:38:c0:68:c9: c8:9d:13:a0:76:05:33:8c:a6:11:3e:e7:ef:2c:3d:f6:96:61: 61:42:b0:6b:cb:17:b0:8d:dd:9c:b0:ba:0f:8b:98:0f:4c:ec: 03:b2:b8:68:51:c2:98:5e:0a:11:8a:3e:11:56:f9:16:f3:5d: 2d:91:6d:24:63:b3:42:f1:23:a7:a5:23:ef:ae:d4:19:2e:9c: a8:7b:b7:4b:fd:73:12:90:e0:56:d4:b7:41:95:a0:e4:84:45: 19:4e:0d:06:93:e6:a0:e1:30:ea:df:b4:19:fd:7e:d0:ce:9d: e8:e3:67:f8:9b:30:3d:5f:85:16:39:bb:7a:f5:a6:c3:8d:41: e2:cc:f7:bf -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHvIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA1MzhaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEM1MzBBMDQ0QkFDNDdG MTNCQTEyRDIyNTQ3N0QwOEY0MzY2NEI4MzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDFCEt0Ry6rQ7QKtkG14cyHY+6D7nGRMaAGAOGIffe2gsItR8Ct xblx2/WcsuT45Da0TyKVj7hwn8L5gCW/d+zp5uIwKqdG6oKk+Y/j7c522aF4drKj tR0v8uLVDno8vWvwcx6/I8Ei0wDlanZHhTPeEiSGTS0/O53riFFz0E6+iLfI2eLL PNW6jhc/Loy+aqPQf6t73K1VgVUDCMsLIUAtLX7uGfDjQvAqDwUMhGZqN7Bt6JeD ysdneh94GjEawQQcxaxBSd9PFuCFWHoMuygVOFClglhLKkO84anqSh2zxvBt5+na rAWRrlaYqq0GKzOtB4LwvE+16IesVAj+HmglAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUxTCgRLrEfxO6EtIlR30I9DZkuDEwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L3hUQ2dSTHJFZnhPNkV0 SWxSMzBJOURaa3VERS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABnGHUwDQYJKoZIhvcNAQELBQADggEBAGB1viPPrW3GVecgNq9xtVoX0w38RPI6 pcTciXY5C5wAprAq1FYlCNd9ZbY5xbAGVCkiR6YbwENTU0XkpLaOJObT4nVNziGu FPfPEt+Zx0dbReXqUPVbcKbuq6VpTPU08ocYVuu6tteQNySW1Npy4bPlH9MdDQqn rc2AOMBoycidE6B2BTOMphE+5+8sPfaWYWFCsGvLF7CN3Zywug+LmA9M7AOyuGhR wpheChGKPhFW+RbzXS2RbSRjs0LxI6elI++u1BkunKh7t0v9cxKQ4FbUt0GVoOSE RRlODQaT5qDhMOrftBn9ftDOnejjZ/ibMD1fhRY5u3r1psONQeLM978= -----END CERTIFICATE-----Generated at Mon Oct 20 23:27:43 2025 by rpki-client