$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/-Lz--2HrHKk1RbDF_AlFpabwuyU.roa File: -Lz--2HrHKk1RbDF_AlFpabwuyU.roa (raw, json) Hash identifier: a0a/NFzPtFksbNAfWLjXq1AqFQMm4QUY+8paH7+3A/U= Subject key identifier: F8:BC:FE:FB:61:EB:1C:A9:35:45:B0:C5:FC:09:45:A5:A6:F0:BB:25 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1CA3 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/-Lz--2HrHKk1RbDF_AlFpabwuyU.roa Signing time: Thu 17 Jul 2025 03:51:34 +0000 ROA not before: Thu 17 Jul 2025 03:51:34 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 394881 IP address blocks: 103.221.4.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Jul 2025 18:41:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7331 (0x1ca3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Jul 17 03:51:34 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=F8BCFEFB61EB1CA93545B0C5FC0945A5A6F0BB25 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:bb:e1:50:cb:7a:81:93:a8:b7:42:6f:57:96: 0d:61:db:5c:7a:62:c5:5d:10:80:ec:ed:92:92:62: 46:97:85:e0:06:db:6a:9d:f7:62:86:ad:da:e0:79: 5d:df:9e:c5:21:77:28:e3:0b:99:c5:b9:10:ec:56: fe:38:5f:2b:21:ec:73:b0:23:f3:e0:53:37:9b:98: 1e:90:61:38:bb:68:e6:aa:65:0c:c4:ac:09:b6:29: 13:fa:f6:88:7a:fd:84:f7:1f:8f:71:e0:4c:ef:82: cd:40:eb:c8:02:92:6a:08:7b:31:4d:21:b9:8a:13: 27:73:ed:51:0e:da:21:a3:50:ca:1c:45:87:f8:e4: 76:63:c3:5d:e8:ed:d3:a0:2b:8e:71:f9:9c:b8:81: 0a:65:c7:28:0c:cc:e4:ad:63:18:6b:5a:88:2b:ac: 08:e8:1a:33:ff:24:ed:60:80:46:97:c9:46:94:ab: 00:54:85:c6:1c:5c:72:3a:e0:d5:a6:43:b4:c3:94: ab:7a:c6:b3:f0:95:a0:09:3e:7b:39:0a:1c:af:db: 21:b8:e5:de:a2:53:35:17:56:4b:d5:c5:32:a1:11: e9:2b:1f:1d:fd:93:7a:35:47:26:5b:b8:5e:7b:d0: d8:41:68:e7:3e:dd:9d:0e:3f:b4:bb:81:cc:9a:bb: 59:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F8:BC:FE:FB:61:EB:1C:A9:35:45:B0:C5:FC:09:45:A5:A6:F0:BB:25 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/-Lz--2HrHKk1RbDF_AlFpabwuyU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.4.0/22 Signature Algorithm: sha256WithRSAEncryption 67:6d:a1:5c:73:01:13:d4:24:99:fc:8f:58:32:4e:13:a8:24: 92:9c:f7:85:2c:d5:1a:ea:6e:55:07:aa:9d:6d:fe:9f:11:4e: ae:2d:c1:1b:93:c0:d7:ad:c4:26:be:08:8c:56:da:31:43:17: fd:fc:5c:81:04:7c:85:44:8b:32:e8:e4:e2:b9:39:7e:2f:ea: fa:18:c0:6a:0d:d5:e0:b5:d9:80:70:99:ac:33:ba:2c:9e:3a: a8:de:d9:37:de:19:97:35:f4:73:e2:b3:fa:68:4c:01:63:04: 8e:7a:b3:64:51:57:d9:20:a3:2b:2b:d3:b5:70:df:95:5d:11: a5:f2:c6:99:2f:75:8f:0b:e5:53:03:79:30:5c:e9:43:6b:14: 6c:b7:35:de:dd:12:61:3d:fa:7d:08:9c:0e:12:63:f1:b6:1c: 06:6d:c1:2f:9c:e2:28:1b:82:5c:8a:d4:37:79:0e:c9:59:1d: 33:81:6c:fa:e8:a9:18:9d:7e:74:a7:37:5d:41:4b:3b:9a:93: 0e:ba:37:91:67:c6:cf:5f:e5:4c:42:84:3d:4e:2d:03:4f:c7: c6:63:b1:72:90:fd:85:10:54:a7:1a:37:d6:a3:35:22:22:0a: 29:45:47:ad:3e:17:d5:eb:c3:9e:bb:e6:fd:3f:dc:a1:14:f9: 5d:63:4f:d5 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHKMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA3MTcw MzUxMzRaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEY4QkNGRUZCNjFFQjFD QTkzNTQ1QjBDNUZDMDk0NUE1QTZGMEJCMjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDqu+FQy3qBk6i3Qm9Xlg1h21x6YsVdEIDs7ZKSYkaXheAG22qd 92KGrdrgeV3fnsUhdyjjC5nFuRDsVv44Xysh7HOwI/PgUzebmB6QYTi7aOaqZQzE rAm2KRP69oh6/YT3H49x4Ezvgs1A68gCkmoIezFNIbmKEydz7VEO2iGjUMocRYf4 5HZjw13o7dOgK45x+Zy4gQplxygMzOStYxhrWogrrAjoGjP/JO1ggEaXyUaUqwBU hcYcXHI64NWmQ7TDlKt6xrPwlaAJPns5Chyv2yG45d6iUzUXVkvVxTKhEekrHx39 k3o1RyZbuF570NhBaOc+3Z0OP7S7gcyau1lhAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU+Lz++2HrHKk1RbDF/AlFpabwuyUwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3Ly1Mei0tMkhySEtrMVJi REZfQWxGcGFid3V5VS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn3QQwDQYJKoZIhvcNAQELBQADggEBAGdtoVxzARPUJJn8j1gyThOoJJKc94Us 1RrqblUHqp1t/p8RTq4twRuTwNetxCa+CIxW2jFDF/38XIEEfIVEizLo5OK5OX4v 6voYwGoN1eC12YBwmawzuiyeOqje2TfeGZc19HPis/poTAFjBI56s2RRV9kgoysr 07Vw35VdEaXyxpkvdY8L5VMDeTBc6UNrFGy3Nd7dEmE9+n0InA4SY/G2HAZtwS+c 4igbglyK1Dd5DslZHTOBbProqRidfnSnN11BSzuakw66N5Fnxs9f5UxChD1OLQNP x8ZjsXKQ/YUQVKcaN9ajNSIiCilFR60+F9Xrw5675v0/3KEU+V1jT9U= -----END CERTIFICATE-----Generated at Sun Jul 20 14:39:37 2025 by rpki-client