$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/ypOQI8wZnFMKp3FGUVtLL7HeLT0.roa File: ypOQI8wZnFMKp3FGUVtLL7HeLT0.roa (raw, json) Hash identifier: Jh8/E2BSiND5ytGkUfjNZgSrYSTKQ+Ls1wxyzPNDPOg= Subject key identifier: CA:93:90:23:CC:19:9C:53:0A:A7:71:46:51:5B:4B:2F:B1:DE:2D:3D Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1E1D Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/ypOQI8wZnFMKp3FGUVtLL7HeLT0.roa Signing time: Sat 13 Sep 2025 03:04:51 +0000 ROA not before: Sat 13 Sep 2025 03:04:51 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 17621 IP address blocks: 103.5.192.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7709 (0x1e1d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:04:51 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=CA939023CC199C530AA77146515B4B2FB1DE2D3D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:93:30:a7:65:4f:63:3c:e7:86:08:8e:1a:90: 6b:2e:2d:65:90:9b:09:cc:ec:7a:c1:6a:94:0f:9d: b0:48:cb:cc:a2:8a:e6:3a:e6:38:e0:45:8f:39:7a: 37:76:3c:0d:55:88:39:ee:98:d0:03:17:3f:3e:74: 88:47:b9:53:93:eb:ce:0b:01:5c:ee:24:c7:c7:99: 36:a3:59:77:b5:45:bd:be:4d:d5:69:68:6f:44:e4: 50:d8:99:da:4f:a1:7d:35:e1:0b:77:73:f7:8a:45: 08:50:aa:07:8e:ed:4c:a0:dc:33:22:0b:da:dd:26: c4:51:a6:6b:c9:25:5d:86:75:5d:c8:f7:ff:8c:af: 3a:bf:bb:43:07:8a:d2:fb:bf:aa:ed:f8:28:97:61: 6f:f9:f6:80:9e:f0:6d:f4:e7:f4:72:d4:b7:6d:4b: 7a:02:00:20:22:ac:76:1e:c2:5f:29:8d:45:92:26: ec:0c:03:00:b1:28:dd:ac:2c:59:d0:3e:89:77:0d: 7e:41:c8:a8:0b:79:47:d5:70:9e:60:0d:43:33:c6: 79:f6:05:29:6e:26:27:71:ff:d9:1c:24:59:75:0f: 42:81:c6:0e:7a:7a:21:27:67:c7:47:0c:5a:8c:43: f3:e3:b8:bc:dd:bd:2e:7c:cd:58:c7:f3:0f:5d:f5: 6d:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:93:90:23:CC:19:9C:53:0A:A7:71:46:51:5B:4B:2F:B1:DE:2D:3D X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/ypOQI8wZnFMKp3FGUVtLL7HeLT0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.5.192.0/23 Signature Algorithm: sha256WithRSAEncryption 65:6b:c8:2a:d3:a1:ec:f3:e3:78:3a:3b:52:42:08:04:32:e7: a5:f7:53:ef:21:64:8c:62:62:29:8e:05:f0:9c:23:fc:a0:77: 0b:72:dc:9d:03:23:f1:a8:78:81:90:2b:a5:b2:cf:8e:b8:55: 2e:bc:71:47:c1:5b:ca:3d:96:51:00:1c:79:fb:cb:44:a2:53: 7b:3d:f7:a4:8c:c4:d4:1b:eb:b8:f1:88:6c:40:a6:a3:47:ba: db:30:f7:3a:2e:68:94:5b:cd:12:8e:1e:0d:17:91:25:1f:a7: 78:6e:18:50:fc:64:2e:5f:93:0b:8c:53:d3:4d:c0:9f:12:c4: 6d:3a:2d:1a:bb:c3:62:7e:e8:c5:c2:3c:d1:fa:ca:76:38:c8: 07:51:62:10:44:92:4b:bf:4b:19:43:4a:d4:1a:d9:b9:a0:4c: 58:45:a5:0b:9d:51:88:27:b3:da:79:96:85:6b:45:68:ff:f1: 4a:9d:e9:b6:50:f0:c8:fd:7b:b6:74:7b:0a:e4:6c:b7:33:97: 5c:8e:bd:aa:dd:5e:10:a9:49:56:c3:bf:fe:5c:75:98:38:0f: d1:9f:50:d3:ec:68:b2:a8:28:33:ca:72:c4:59:cf:e2:a5:b5: 75:ac:59:38:57:47:15:66:38:e8:26:93:bf:88:06:61:c6:f7: 54:e0:42:da -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHh0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA0NTFaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKENBOTM5MDIzQ0MxOTlD NTMwQUE3NzE0NjUxNUI0QjJGQjFERTJEM0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDBkzCnZU9jPOeGCI4akGsuLWWQmwnM7HrBapQPnbBIy8yiiuY6 5jjgRY85ejd2PA1ViDnumNADFz8+dIhHuVOT684LAVzuJMfHmTajWXe1Rb2+TdVp aG9E5FDYmdpPoX014Qt3c/eKRQhQqgeO7Uyg3DMiC9rdJsRRpmvJJV2GdV3I9/+M rzq/u0MHitL7v6rt+CiXYW/59oCe8G305/Ry1LdtS3oCACAirHYewl8pjUWSJuwM AwCxKN2sLFnQPol3DX5ByKgLeUfVcJ5gDUMzxnn2BSluJidx/9kcJFl1D0KBxg56 eiEnZ8dHDFqMQ/PjuLzdvS58zVjH8w9d9W0PAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUypOQI8wZnFMKp3FGUVtLL7HeLT0wHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L3lwT1FJOHdabkZNS3Az RkdVVnRMTDdIZUxUMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAFnBcAwDQYJKoZIhvcNAQELBQADggEBAGVryCrToezz43g6O1JCCAQy56X3U+8h ZIxiYimOBfCcI/ygdwty3J0DI/GoeIGQK6Wyz464VS68cUfBW8o9llEAHHn7y0Si U3s996SMxNQb67jxiGxApqNHutsw9zouaJRbzRKOHg0XkSUfp3huGFD8ZC5fkwuM U9NNwJ8SxG06LRq7w2J+6MXCPNH6ynY4yAdRYhBEkku/SxlDStQa2bmgTFhFpQud UYgns9p5loVrRWj/8Uqd6bZQ8Mj9e7Z0ewrkbLczl1yOvardXhCpSVbDv/5cdZg4 D9GfUNPsaLKoKDPKcsRZz+KltXWsWThXRxVmOOgmk7+IBmHG91TgQto= -----END CERTIFICATE-----Generated at Mon Oct 20 11:19:17 2025 by rpki-client