$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/y97eU6I851oOj1k1Rt0EbZRtyAI.roa File: y97eU6I851oOj1k1Rt0EbZRtyAI.roa (raw, json) Hash identifier: jFLmFS4VoMjILCFvtFTwTT2FSqdHx85a2eHXF/kB9C0= Subject key identifier: CB:DE:DE:53:A2:3C:E7:5A:0E:8F:59:35:46:DD:04:6D:94:6D:C8:02 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1E2F Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/y97eU6I851oOj1k1Rt0EbZRtyAI.roa Signing time: Sat 13 Sep 2025 03:04:55 +0000 ROA not before: Sat 13 Sep 2025 03:04:55 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 13444 IP address blocks: 103.221.37.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7727 (0x1e2f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:04:55 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=CBDEDE53A23CE75A0E8F593546DD046D946DC802 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:12:33:db:d0:85:e6:0c:5f:6f:01:a1:11:7b: 94:19:d9:33:17:04:c6:3d:ec:82:26:a4:ff:5d:24: f0:f3:d5:79:ea:a7:9b:a6:12:e0:c8:07:ca:b3:1b: 14:94:69:9a:47:5a:a1:47:39:55:41:f0:ee:2b:26: 75:9b:71:bf:6a:17:c4:f6:0a:d7:c5:82:77:1f:06: fd:c1:03:1d:a6:88:0a:27:62:f3:bf:21:0c:9a:e9: ae:29:70:ed:b7:7f:c3:36:e5:fb:71:47:d2:d9:b2: f3:13:ae:c4:79:c3:a9:e0:9c:a8:2f:09:51:ce:fe: 9d:f3:d1:08:2d:fe:38:85:9b:8a:0c:10:88:60:75: c1:39:94:55:5c:e1:c8:bd:85:55:2c:95:c6:46:6a: 90:26:00:f4:04:01:2c:28:95:a6:a0:16:70:64:89: aa:79:fe:d5:df:09:13:7d:39:f4:f3:9a:ca:e1:0b: 32:41:25:df:26:a4:f6:c2:e7:9c:93:07:34:eb:87: ee:a4:d6:f0:b0:7b:61:48:db:95:47:03:40:f1:93: b4:75:82:33:10:ae:52:2b:d8:b8:d3:c5:45:d6:81: 7d:7d:21:ca:01:ec:23:4b:86:fe:88:da:30:ca:d6: 67:bc:df:66:54:67:5e:95:93:de:80:3b:cb:b8:7b: d9:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:DE:DE:53:A2:3C:E7:5A:0E:8F:59:35:46:DD:04:6D:94:6D:C8:02 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/y97eU6I851oOj1k1Rt0EbZRtyAI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.37.0/24 Signature Algorithm: sha256WithRSAEncryption c8:8a:ca:19:c6:12:87:d9:84:5e:a7:ee:95:3d:fa:b6:fa:46: b7:09:2a:34:1c:e9:8f:5d:a7:3e:f6:b6:b9:04:19:14:25:22: 11:b1:b4:f4:72:d0:b6:f4:cd:54:ee:b3:ad:46:26:10:f2:99: 78:ab:b4:67:03:1c:7c:56:b6:9b:e1:d0:49:e9:02:3a:24:35: 3a:91:92:89:8c:81:e0:4d:83:31:9d:0c:90:31:00:d4:d1:dc: 73:f0:e2:20:b2:73:44:90:10:44:d3:ee:53:71:84:f8:10:5a: 99:af:a5:a6:e3:ab:d2:26:fd:85:c4:3c:f1:99:4e:30:27:a4: a9:b5:58:f2:74:95:7a:47:4c:45:4c:fb:25:9a:ac:22:6a:3f: 95:e2:43:14:75:ea:d5:e4:f1:7a:8c:b1:8f:85:d2:86:04:6e: 68:bf:a2:81:05:91:8f:cf:8e:bd:89:ae:99:fa:2f:1f:2b:04: d0:b0:a4:1e:87:93:b2:ef:0b:87:ad:98:f4:c8:ec:ad:c3:01: 8b:d2:27:f4:d4:2a:3d:ea:65:07:88:be:d3:c5:17:50:c7:6e: 71:87:33:d2:60:dc:af:39:40:58:ce:20:80:47:b7:57:24:a7: 47:e8:0c:c4:e0:0b:b6:ff:9b:86:13:74:c8:85:69:4e:e0:6d: b8:4a:f8:ba -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHi8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA0NTVaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKENCREVERTUzQTIzQ0U3 NUEwRThGNTkzNTQ2REQwNDZEOTQ2REM4MDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC/EjPb0IXmDF9vAaERe5QZ2TMXBMY97IImpP9dJPDz1Xnqp5um EuDIB8qzGxSUaZpHWqFHOVVB8O4rJnWbcb9qF8T2CtfFgncfBv3BAx2miAonYvO/ IQya6a4pcO23f8M25ftxR9LZsvMTrsR5w6ngnKgvCVHO/p3z0Qgt/jiFm4oMEIhg dcE5lFVc4ci9hVUslcZGapAmAPQEASwolaagFnBkiap5/tXfCRN9OfTzmsrhCzJB Jd8mpPbC55yTBzTrh+6k1vCwe2FI25VHA0Dxk7R1gjMQrlIr2LjTxUXWgX19IcoB 7CNLhv6I2jDK1me832ZUZ16Vk96AO8u4e9mPAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUy97eU6I851oOj1k1Rt0EbZRtyAIwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L3k5N2VVNkk4NTFvT2ox azFSdDBFYlpSdHlBSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3SUwDQYJKoZIhvcNAQELBQADggEBAMiKyhnGEofZhF6n7pU9+rb6RrcJKjQc 6Y9dpz72trkEGRQlIhGxtPRy0Lb0zVTus61GJhDymXirtGcDHHxWtpvh0EnpAjok NTqRkomMgeBNgzGdDJAxANTR3HPw4iCyc0SQEETT7lNxhPgQWpmvpabjq9Im/YXE PPGZTjAnpKm1WPJ0lXpHTEVM+yWarCJqP5XiQxR16tXk8XqMsY+F0oYEbmi/ooEF kY/Pjr2Jrpn6Lx8rBNCwpB6Hk7LvC4etmPTI7K3DAYvSJ/TUKj3qZQeIvtPFF1DH bnGHM9Jg3K85QFjOIIBHt1ckp0foDMTgC7b/m4YTdMiFaU7gbbhK+Lo= -----END CERTIFICATE-----Generated at Mon Oct 20 13:30:57 2025 by rpki-client