$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/xr_FzNG2FmL7PFCniZ0VJXLEefo.roa File: xr_FzNG2FmL7PFCniZ0VJXLEefo.roa (raw, json) Hash identifier: fpmhbH5VESYZFEZHReAyxUg/XqQedD0YCBJiVShUXeM= Subject key identifier: C6:BF:C5:CC:D1:B6:16:62:FB:3C:50:A7:89:9D:15:25:72:C4:79:FA Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1E45 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/xr_FzNG2FmL7PFCniZ0VJXLEefo.roa Signing time: Sat 13 Sep 2025 03:04:58 +0000 ROA not before: Sat 13 Sep 2025 03:04:58 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 59083 IP address blocks: 202.89.108.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 18:07:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7749 (0x1e45) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:04:58 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=C6BFC5CCD1B61662FB3C50A7899D152572C479FA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:ab:5a:49:50:2d:8c:e6:bc:65:e6:ce:17:79: f2:0f:ca:c6:32:3f:66:82:14:a9:bf:51:f4:f6:60: 64:be:42:09:f3:63:a0:81:ea:1d:4f:13:9a:7f:34: ae:ce:5a:15:05:4a:1c:05:c0:18:d5:28:b7:09:92: 4c:c9:81:63:6c:aa:fe:ff:23:9e:6e:68:a0:c7:f8: a6:02:4c:f6:6a:b3:1c:73:3e:42:49:85:16:a1:fe: ee:7a:4c:20:3d:d2:32:a8:63:84:44:8f:9e:ab:d3: 59:1b:d2:55:e1:72:1e:af:8d:31:8d:95:18:34:7b: 99:a0:5c:39:3f:6e:c6:af:fc:d1:9d:e3:d9:4f:63: 20:65:46:12:a6:6e:20:65:3f:a7:df:97:60:7f:de: b5:a7:c5:1a:f3:7b:e9:43:76:fc:ba:91:3d:ff:d0: d4:e2:80:2b:71:8f:45:d1:8e:9b:89:c0:f9:ab:0a: 7e:69:16:2a:fd:72:65:43:99:34:60:a4:82:9e:6c: 47:fe:97:f9:73:9c:54:b3:bd:22:33:f0:a2:f8:06: 8d:6d:88:e5:e2:90:a6:9e:ea:6c:0a:e8:e8:f9:0f: c4:e7:b0:54:c1:e2:12:07:1c:31:82:db:a8:da:84: f6:29:6f:02:9f:1a:92:f1:e0:c3:a3:1b:26:0d:6e: 6d:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:BF:C5:CC:D1:B6:16:62:FB:3C:50:A7:89:9D:15:25:72:C4:79:FA X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/xr_FzNG2FmL7PFCniZ0VJXLEefo.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 202.89.108.0/22 Signature Algorithm: sha256WithRSAEncryption ad:e0:4d:a6:94:c6:92:66:78:78:89:da:fd:98:57:f0:0b:9e: de:22:fe:67:ca:05:c9:8f:6b:12:2a:1a:99:01:bf:0f:48:0e: 00:a9:42:7a:28:88:a6:dc:b3:17:a8:80:a2:98:a9:26:4f:7c: 1d:30:af:4f:74:b5:09:38:25:a7:cc:80:a6:16:1d:47:b1:52: 8c:de:89:43:ff:45:6d:7f:59:f6:ac:6c:35:7f:ae:7f:f5:ba: ed:4b:70:46:74:0b:f4:97:80:06:23:ef:6b:81:fb:56:f5:36: 73:7d:5a:4c:12:82:2e:ab:e4:58:c9:4d:d8:c4:1d:42:a1:3d: 6c:07:86:9b:cf:98:51:d7:44:87:0c:af:1d:47:0e:38:92:8b: d5:ab:b7:52:0d:e8:cb:6a:95:c7:4b:a4:5e:7b:be:1a:46:18: 41:a1:97:c3:28:5b:79:f2:4f:75:61:b4:f6:c9:16:a5:e6:42: 59:1e:98:35:7f:94:2a:f3:b4:a6:32:1f:5b:b1:27:e2:40:ff: 85:e5:03:0c:90:4d:06:71:0d:85:06:44:2f:64:bf:10:86:6a: 57:96:4a:30:c5:4d:e4:f6:46:49:d0:02:75:83:21:6d:c3:28: 5a:67:8b:bd:8d:5e:8d:d8:e7:fc:8d:13:6f:9e:48:f5:d2:f2: 38:fa:8c:b0 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHkUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA0NThaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEM2QkZDNUNDRDFCNjE2 NjJGQjNDNTBBNzg5OUQxNTI1NzJDNDc5RkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDLq1pJUC2M5rxl5s4XefIPysYyP2aCFKm/UfT2YGS+QgnzY6CB 6h1PE5p/NK7OWhUFShwFwBjVKLcJkkzJgWNsqv7/I55uaKDH+KYCTPZqsxxzPkJJ hRah/u56TCA90jKoY4REj56r01kb0lXhch6vjTGNlRg0e5mgXDk/bsav/NGd49lP YyBlRhKmbiBlP6ffl2B/3rWnxRrze+lDdvy6kT3/0NTigCtxj0XRjpuJwPmrCn5p Fir9cmVDmTRgpIKebEf+l/lznFSzvSIz8KL4Bo1tiOXikKae6mwK6Oj5D8TnsFTB 4hIHHDGC26jahPYpbwKfGpLx4MOjGyYNbm1rAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUxr/FzNG2FmL7PFCniZ0VJXLEefowHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L3hyX0Z6TkcyRm1MN1BG Q25pWjBWSlhMRWVmby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BALKWWwwDQYJKoZIhvcNAQELBQADggEBAK3gTaaUxpJmeHiJ2v2YV/ALnt4i/mfK BcmPaxIqGpkBvw9IDgCpQnooiKbcsxeogKKYqSZPfB0wr090tQk4JafMgKYWHUex UozeiUP/RW1/WfasbDV/rn/1uu1LcEZ0C/SXgAYj72uB+1b1NnN9WkwSgi6r5FjJ TdjEHUKhPWwHhpvPmFHXRIcMrx1HDjiSi9Wrt1IN6MtqlcdLpF57vhpGGEGhl8Mo W3nyT3VhtPbJFqXmQlkemDV/lCrztKYyH1uxJ+JA/4XlAwyQTQZxDYUGRC9kvxCG aleWSjDFTeT2RknQAnWDIW3DKFpni72NXo3Y5/yNE2+eSPXS8jj6jLA= -----END CERTIFICATE-----Generated at Mon Oct 20 17:58:53 2025 by rpki-client