$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/yPfi4RBsA9bSv_2cnMFZK9Y1Cho.roa File: yPfi4RBsA9bSv_2cnMFZK9Y1Cho.roa (raw, json) Hash identifier: 3mzTQbaa4KkB3bY1RHVKDr5urtfkod4z86Tff2jEH+Y= Subject key identifier: C8:F7:E2:E1:10:6C:03:D6:D2:BF:FD:9C:9C:C1:59:2B:D6:35:0A:1A Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1F2D Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/yPfi4RBsA9bSv_2cnMFZK9Y1Cho.roa Signing time: Tue 16 Sep 2025 05:50:57 +0000 ROA not before: Tue 16 Sep 2025 05:50:57 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 25743 IP address blocks: 103.220.252.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7981 (0x1f2d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 16 05:50:57 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=C8F7E2E1106C03D6D2BFFD9C9CC1592BD6350A1A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:2d:32:e2:75:26:ac:2a:27:e5:59:4d:44:11: 44:34:71:c4:2b:f6:1f:5f:b4:56:4e:22:de:aa:a6: 4c:08:9f:7c:07:ee:ca:6b:65:19:82:11:e1:49:4e: be:7e:1c:0c:00:48:e8:0a:3e:ba:48:db:dc:7d:fc: 87:15:3f:ae:ed:f9:9a:1d:38:e3:b4:b0:ca:06:85: 8d:8e:79:17:67:ea:26:3d:fd:5e:77:6a:a8:69:40: 74:87:f7:5a:80:a2:54:a1:85:47:2c:e1:9b:da:0f: 86:99:f1:16:e5:f6:54:a9:55:31:f6:e3:ee:95:99: de:98:5f:58:12:52:86:e4:23:f3:28:d5:7c:2b:8f: d0:b0:b1:b8:bc:09:f9:2e:4f:33:34:a7:58:32:c3: 92:87:ce:43:0a:2a:7c:b5:29:b4:8f:76:df:5a:fc: b9:06:dd:3f:17:72:21:f7:93:c1:95:59:25:25:90: 0b:bf:24:f0:1b:1c:6e:38:13:33:2d:05:f9:8b:9b: 7e:d8:1f:2e:ca:54:57:2f:a2:16:4c:37:30:a4:ae: 14:f6:c3:7c:e0:91:8d:7a:d4:b3:ea:bf:e6:fa:17: 06:c6:fd:e8:3e:4e:10:a8:57:5b:a4:78:e2:2a:07: 19:ac:c4:1f:c3:a5:43:08:d4:f8:33:39:d6:90:d2: 96:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:F7:E2:E1:10:6C:03:D6:D2:BF:FD:9C:9C:C1:59:2B:D6:35:0A:1A X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/yPfi4RBsA9bSv_2cnMFZK9Y1Cho.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.220.252.0/22 Signature Algorithm: sha256WithRSAEncryption 4c:71:ce:83:f4:6c:e8:ba:8a:7e:d3:45:44:a0:4b:12:15:98: 06:fb:25:8b:85:86:5d:22:ae:08:a7:9e:35:bd:b1:e7:2a:7e: f4:67:2e:65:3c:0c:71:37:2a:e8:72:ae:a3:32:31:90:88:e6: e0:e9:9a:82:8a:fd:3d:bd:03:ac:8a:48:84:8b:ce:4c:f4:b8: 53:08:e6:32:95:cd:b5:89:0b:dd:21:fc:bc:02:97:80:02:77: b4:c4:0f:33:7c:8e:60:a0:7c:c7:b7:fd:e7:6d:ff:de:06:95: ee:b4:e0:14:28:81:24:42:57:26:33:76:66:e5:8d:79:1d:39: 4d:40:80:1a:17:56:10:52:1f:39:91:c4:21:7d:68:c1:eb:61: 4e:71:1b:1a:ef:63:0b:bf:3a:5b:df:49:2e:0c:e7:14:25:4f: 13:da:e5:be:bb:7b:27:b6:19:ff:77:95:e0:36:7f:76:8c:74: ba:53:41:22:f1:8f:ed:a2:f8:8c:6b:b0:b4:6d:55:a5:31:40: 69:75:2c:03:b5:61:52:91:97:02:4c:8d:57:e4:fc:ba:bf:e2: 53:b6:63:1c:a2:53:ce:58:88:f7:56:6c:ae:5b:46:ab:3c:ee: 7e:03:7d:79:97:50:8f:ae:ba:c7:cb:82:25:79:06:dc:02:4e: a2:e9:36:4c -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHy0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTYw NTUwNTdaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEM4RjdFMkUxMTA2QzAz RDZEMkJGRkQ5QzlDQzE1OTJCRDYzNTBBMUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC+LTLidSasKiflWU1EEUQ0ccQr9h9ftFZOIt6qpkwIn3wH7spr ZRmCEeFJTr5+HAwASOgKPrpI29x9/IcVP67t+ZodOOO0sMoGhY2OeRdn6iY9/V53 aqhpQHSH91qAolShhUcs4ZvaD4aZ8Rbl9lSpVTH24+6Vmd6YX1gSUobkI/Mo1Xwr j9Cwsbi8CfkuTzM0p1gyw5KHzkMKKny1KbSPdt9a/LkG3T8XciH3k8GVWSUlkAu/ JPAbHG44EzMtBfmLm37YHy7KVFcvohZMNzCkrhT2w3zgkY161LPqv+b6FwbG/eg+ ThCoV1ukeOIqBxmsxB/DpUMI1PgzOdaQ0pbNAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUyPfi4RBsA9bSv/2cnMFZK9Y1ChowHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L3lQZmk0UkJzQTliU3Zf MmNuTUZaSzlZMUNoby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn3PwwDQYJKoZIhvcNAQELBQADggEBAExxzoP0bOi6in7TRUSgSxIVmAb7JYuF hl0irginnjW9secqfvRnLmU8DHE3KuhyrqMyMZCI5uDpmoKK/T29A6yKSISLzkz0 uFMI5jKVzbWJC90h/LwCl4ACd7TEDzN8jmCgfMe3/edt/94Gle604BQogSRCVyYz dmbljXkdOU1AgBoXVhBSHzmRxCF9aMHrYU5xGxrvYwu/OlvfSS4M5xQlTxPa5b67 eye2Gf93leA2f3aMdLpTQSLxj+2i+IxrsLRtVaUxQGl1LAO1YVKRlwJMjVfk/Lq/ 4lO2YxyiU85YiPdWbK5bRqs87n4DfXmXUI+uusfLgiV5BtwCTqLpNkw= -----END CERTIFICATE-----Generated at Mon Oct 20 13:13:46 2025 by rpki-client