$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/yS1PGoajxluRUEsT5cGAFXFZ7hk.roa File: yS1PGoajxluRUEsT5cGAFXFZ7hk.roa (raw, json) Hash identifier: 23EjwgB6rBCrk4cfo+VCBkucEtl4B4Qxn5EqkQvd9fs= Subject key identifier: C9:2D:4F:1A:86:A3:C6:5B:91:50:4B:13:E5:C1:80:15:71:59:EE:19 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1DFA Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/yS1PGoajxluRUEsT5cGAFXFZ7hk.roa Signing time: Sat 13 Sep 2025 03:04:45 +0000 ROA not before: Sat 13 Sep 2025 03:04:45 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 13444 IP address blocks: 103.221.43.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7674 (0x1dfa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:04:45 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=C92D4F1A86A3C65B91504B13E5C180157159EE19 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:7c:cd:37:b6:4d:e4:e7:8c:bb:e5:a9:9d:d3: df:b7:72:1d:48:e8:f1:52:ea:e4:42:77:ea:73:51: 49:dd:31:66:0c:80:df:2e:0e:6b:09:94:54:18:da: aa:8d:cc:8c:bd:d7:72:fa:77:c7:17:ef:e7:31:de: 96:6a:53:39:6f:51:05:d1:13:05:90:81:bc:f9:85: 8e:24:30:29:ab:d3:e0:72:ea:77:5b:90:36:d1:5a: ff:9e:29:e0:6a:fc:48:d6:97:a3:0d:37:f7:df:91: 41:a0:8c:7c:e7:46:30:00:a3:28:30:17:b7:0c:7d: 24:65:6d:61:1a:6d:a9:71:fb:80:2d:c9:34:4c:fa: a8:df:03:73:86:2d:8b:36:f9:43:0c:66:13:2f:32: fa:f9:92:6f:4f:1e:c8:82:06:1f:bb:5c:dd:54:1e: 7c:f6:60:74:d4:a8:e2:1f:48:e3:e1:53:c1:d8:ad: 09:48:d1:e9:35:3f:bf:ce:81:21:07:34:32:f8:e0: 43:9c:e7:89:16:3e:d9:c8:6f:a0:3b:3b:42:34:94: d0:ac:9a:36:e0:a8:33:22:cd:81:bb:b4:45:9c:5d: 7a:f5:88:ef:39:29:38:0b:a9:cf:ee:ce:5d:28:a0: 20:e7:ed:82:ab:73:02:e8:bc:35:be:a7:9b:d1:0a: 01:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:2D:4F:1A:86:A3:C6:5B:91:50:4B:13:E5:C1:80:15:71:59:EE:19 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/yS1PGoajxluRUEsT5cGAFXFZ7hk.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.43.0/24 Signature Algorithm: sha256WithRSAEncryption 38:a0:12:25:82:8f:0c:96:c9:eb:00:28:0e:a6:f7:f7:92:26: 9b:e7:a6:43:2f:e0:a1:3b:38:8e:d0:01:cc:3c:f5:ca:47:94: a5:c1:76:52:5a:5a:9f:c9:2a:63:88:4d:af:85:cc:e8:69:09: ad:3d:eb:ad:bc:b8:c5:46:49:8b:57:60:21:af:24:80:42:ca: ef:a7:71:48:3c:f4:dc:5d:82:bf:e0:d0:b1:78:e1:a2:ec:41: 90:30:10:0b:e7:c0:5e:1a:00:05:a4:01:b8:07:12:56:f0:34: b3:5f:29:d0:f2:b7:a9:f0:08:30:c9:72:c4:2c:e7:d8:59:82: ab:1a:d3:28:40:c3:28:3b:78:94:c5:9d:bc:cd:13:bf:8f:3d: 54:29:7c:8f:23:63:25:29:b9:23:c2:98:e7:48:fb:0e:65:6e: f3:45:a3:68:98:4d:42:b9:1e:29:a7:df:8f:3e:50:12:21:95: ce:a8:db:68:75:23:21:9b:7e:7c:2b:16:62:30:65:b4:d2:ac: e4:83:80:10:bf:09:22:26:3f:86:e4:95:97:0b:50:ca:de:85: b0:e5:63:f6:2d:83:01:3e:63:a5:de:3c:5c:da:35:ef:45:f7: ec:06:c8:eb:b1:80:8d:90:19:98:25:af:a4:a6:4c:b9:9e:c1: dd:56:fb:f7 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHfowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA0NDVaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEM5MkQ0RjFBODZBM0M2 NUI5MTUwNEIxM0U1QzE4MDE1NzE1OUVFMTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDUfM03tk3k54y75amd09+3ch1I6PFS6uRCd+pzUUndMWYMgN8u DmsJlFQY2qqNzIy913L6d8cX7+cx3pZqUzlvUQXREwWQgbz5hY4kMCmr0+By6ndb kDbRWv+eKeBq/EjWl6MNN/ffkUGgjHznRjAAoygwF7cMfSRlbWEabalx+4AtyTRM +qjfA3OGLYs2+UMMZhMvMvr5km9PHsiCBh+7XN1UHnz2YHTUqOIfSOPhU8HYrQlI 0ek1P7/OgSEHNDL44EOc54kWPtnIb6A7O0I0lNCsmjbgqDMizYG7tEWcXXr1iO85 KTgLqc/uzl0ooCDn7YKrcwLovDW+p5vRCgGLAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUyS1PGoajxluRUEsT5cGAFXFZ7hkwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L3lTMVBHb2FqeGx1UlVF c1Q1Y0dBRlhGWjdoay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3SswDQYJKoZIhvcNAQELBQADggEBADigEiWCjwyWyesAKA6m9/eSJpvnpkMv 4KE7OI7QAcw89cpHlKXBdlJaWp/JKmOITa+FzOhpCa096628uMVGSYtXYCGvJIBC yu+ncUg89Nxdgr/g0LF44aLsQZAwEAvnwF4aAAWkAbgHElbwNLNfKdDyt6nwCDDJ csQs59hZgqsa0yhAwyg7eJTFnbzNE7+PPVQpfI8jYyUpuSPCmOdI+w5lbvNFo2iY TUK5Himn348+UBIhlc6o22h1IyGbfnwrFmIwZbTSrOSDgBC/CSImP4bklZcLUMre hbDlY/YtgwE+Y6XePFzaNe9F9+wGyOuxgI2QGZglr6SmTLmewd1W+/c= -----END CERTIFICATE-----Generated at Mon Oct 20 13:13:47 2025 by rpki-client