$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/xbg0lPYUwnIJqTc_1Ozafqp-_2A.roa File: xbg0lPYUwnIJqTc_1Ozafqp-_2A.roa (raw, json) Hash identifier: 7to1xMD0P9o0r5BJoxHL2Fvml8T4ShWFuLPO+ZYZ1d8= Subject key identifier: C5:B8:34:94:F6:14:C2:72:09:A9:37:3F:D4:EC:DA:7E:AA:7E:FF:60 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1EBE Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/xbg0lPYUwnIJqTc_1Ozafqp-_2A.roa Signing time: Sat 13 Sep 2025 03:05:26 +0000 ROA not before: Sat 13 Sep 2025 03:05:26 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 24373 IP address blocks: 103.221.16.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 15:05:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7870 (0x1ebe) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:05:26 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=C5B83494F614C27209A9373FD4ECDA7EAA7EFF60 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:d7:97:7b:db:01:54:be:a1:03:22:c6:c9:13: b9:da:88:78:da:a4:1a:26:31:6c:46:a5:02:15:ce: 43:17:e8:12:27:33:6b:ca:97:4f:7a:72:3a:cb:36: 8f:28:9e:d5:73:a7:87:64:1f:0c:d7:90:4f:12:fc: dd:1b:91:e2:70:05:26:b1:1a:ec:c8:e8:fc:55:11: 3b:27:f9:15:17:1c:2f:45:b7:2d:bc:cc:2f:f2:e6: 7a:32:73:36:af:cb:eb:6a:ab:65:06:0b:0d:61:78: 1b:2a:38:2a:da:21:dd:0a:2f:62:ca:42:7f:32:15: f2:d2:99:7a:63:5c:2b:14:09:70:55:fe:87:70:cb: 6c:ee:34:23:ac:e7:b5:64:fc:7c:28:ca:26:c3:9f: 0b:a3:14:93:9c:0f:1b:69:5e:7f:e5:ec:d0:18:33: 9c:3a:7c:06:94:9e:9e:b5:8f:8b:65:a7:00:50:7f: c5:8f:c5:95:23:d8:5c:84:af:4f:c2:6d:8a:86:45: 37:d2:f8:11:e8:76:9e:de:f8:e8:7c:2e:2f:ca:6b: 16:24:50:e6:44:a0:e9:26:5c:93:2a:51:f2:4a:c5: 86:d0:e9:c5:ee:d2:2e:a9:16:7f:f8:75:94:52:c8: 4f:96:50:9b:5b:f4:29:33:04:d4:b7:eb:ad:cb:1c: 3f:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:B8:34:94:F6:14:C2:72:09:A9:37:3F:D4:EC:DA:7E:AA:7E:FF:60 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/xbg0lPYUwnIJqTc_1Ozafqp-_2A.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.16.0/22 Signature Algorithm: sha256WithRSAEncryption d9:04:d1:3d:2a:4f:d2:6a:b3:6b:31:2a:6d:48:55:e2:6d:25: 86:2c:67:c9:99:55:a9:03:55:3c:1c:f9:4a:40:6b:79:65:2c: 30:5b:58:b0:ec:6c:fb:06:63:67:8c:93:da:80:b9:a0:87:fa: 88:cc:f4:d5:06:53:1a:f2:0e:ad:2f:31:ed:e0:10:49:8d:dd: 93:12:6a:ae:86:85:72:5f:38:3c:04:62:a0:a1:91:36:c5:60: cc:5c:9d:a1:47:ce:95:9f:8a:b1:14:06:43:c6:34:da:34:ae: 18:fe:41:1f:2a:30:5c:34:b0:4d:42:ea:c0:c3:47:3c:bb:b2: 52:76:61:ab:80:ba:22:4f:23:37:37:a8:7b:6b:8a:dd:51:35: 9e:8b:e4:e1:ca:1d:70:22:35:07:39:cc:9e:f5:c3:50:5a:04: c7:56:6e:86:5d:b0:a2:f9:3e:49:83:10:d7:ec:ea:88:03:07: 5d:12:91:46:48:e9:fb:74:55:e4:32:eb:a9:47:c5:0a:e4:05: 52:7d:9d:fa:64:c9:25:87:42:30:d7:86:3e:aa:7a:b5:fc:86: 63:d6:d4:62:d8:0f:e9:0b:83:9c:6d:59:00:c3:84:e6:e9:ba: 23:e0:f0:73:e6:0b:11:5e:6d:ae:bd:d7:23:b3:5d:ab:93:80: b6:ca:f0:71 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHr4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA1MjZaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEM1QjgzNDk0RjYxNEMy NzIwOUE5MzczRkQ0RUNEQTdFQUE3RUZGNjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCg15d72wFUvqEDIsbJE7naiHjapBomMWxGpQIVzkMX6BInM2vK l096cjrLNo8ontVzp4dkHwzXkE8S/N0bkeJwBSaxGuzI6PxVETsn+RUXHC9Fty28 zC/y5noyczavy+tqq2UGCw1heBsqOCraId0KL2LKQn8yFfLSmXpjXCsUCXBV/odw y2zuNCOs57Vk/HwoyibDnwujFJOcDxtpXn/l7NAYM5w6fAaUnp61j4tlpwBQf8WP xZUj2FyEr0/CbYqGRTfS+BHodp7e+Oh8Li/KaxYkUOZEoOkmXJMqUfJKxYbQ6cXu 0i6pFn/4dZRSyE+WUJtb9CkzBNS3663LHD9NAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUxbg0lPYUwnIJqTc/1Ozafqp+/2AwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L3hiZzBsUFlVd25JSnFU Y18xT3phZnFwLV8yQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn3RAwDQYJKoZIhvcNAQELBQADggEBANkE0T0qT9Jqs2sxKm1IVeJtJYYsZ8mZ VakDVTwc+UpAa3llLDBbWLDsbPsGY2eMk9qAuaCH+ojM9NUGUxryDq0vMe3gEEmN 3ZMSaq6GhXJfODwEYqChkTbFYMxcnaFHzpWfirEUBkPGNNo0rhj+QR8qMFw0sE1C 6sDDRzy7slJ2YauAuiJPIzc3qHtrit1RNZ6L5OHKHXAiNQc5zJ71w1BaBMdWboZd sKL5PkmDENfs6ogDB10SkUZI6ft0VeQy66lHxQrkBVJ9nfpkySWHQjDXhj6qerX8 hmPW1GLYD+kLg5xtWQDDhObpuiPg8HPmCxFeba691yOzXauTgLbK8HE= -----END CERTIFICATE-----Generated at Mon Oct 20 14:31:53 2025 by rpki-client