$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/6ztHi_XwJ1EvpOfDntZ8GD43_gI.roa File: 6ztHi_XwJ1EvpOfDntZ8GD43_gI.roa (raw, json) Hash identifier: G1DBNqbLKFsuRndIcvOAM7GIXHzWjW9jMoMAsSD2DRI= Subject key identifier: EB:3B:47:8B:F5:F0:27:51:2F:A4:E7:C3:9E:D6:7C:18:3E:37:FE:02 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1CB9 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/6ztHi_XwJ1EvpOfDntZ8GD43_gI.roa Signing time: Thu 17 Jul 2025 03:55:30 +0000 ROA not before: Thu 17 Jul 2025 03:55:30 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 394881 IP address blocks: 103.221.49.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Jul 2025 18:41:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7353 (0x1cb9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Jul 17 03:55:30 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=EB3B478BF5F027512FA4E7C39ED67C183E37FE02 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:43:db:0b:68:e4:22:30:5e:53:fc:ce:5a:ef: 08:a5:16:35:be:eb:2b:41:de:a5:70:16:62:a8:5e: 22:24:3a:97:6f:e3:57:c1:54:18:22:9f:55:51:fc: d3:06:53:f4:50:c6:33:1e:e8:d0:f5:a6:7b:47:fd: 41:9c:c9:bf:58:55:66:04:41:c5:00:bf:09:4d:b1: 3b:46:07:39:4d:5f:6f:1d:91:c7:fc:ad:85:f3:fc: 22:9b:21:89:9f:6e:cc:86:da:f9:7a:0a:62:58:56: 04:3e:db:ea:3e:96:a9:ad:06:5e:1f:6a:ad:50:ef: 5f:26:ee:8e:94:b7:7d:ec:2b:14:8b:81:8a:b5:66: cf:2b:cb:37:72:82:a3:26:e1:ab:91:46:65:b1:38: a9:c4:c6:ee:3d:de:41:60:cf:1e:f3:ec:b7:55:69: 63:30:e0:e5:cb:50:ca:ca:a0:05:0c:d3:19:7b:0a: 9d:9c:0b:27:64:5d:07:2f:81:cb:fa:7a:de:60:9f: 0a:d7:31:15:70:39:50:a8:18:1e:31:0d:81:57:62: 18:ea:75:74:ed:17:a3:32:69:26:78:a5:cf:65:a7: ba:7b:3d:07:9f:1b:29:7c:7c:ee:06:b3:f3:1b:03: 72:7b:ef:c7:a0:ff:78:90:5f:3a:39:5d:dc:8c:87: 2c:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EB:3B:47:8B:F5:F0:27:51:2F:A4:E7:C3:9E:D6:7C:18:3E:37:FE:02 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/6ztHi_XwJ1EvpOfDntZ8GD43_gI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.49.0/24 Signature Algorithm: sha256WithRSAEncryption 3e:f0:02:83:d9:38:ac:30:cd:6f:77:b4:27:60:a7:c3:cc:e0: 3b:7e:52:bb:37:91:1c:fa:5c:47:46:b3:b8:c2:8c:24:8f:2c: 9f:f3:bd:ce:2e:da:41:e0:48:84:b5:86:8a:0f:d1:41:a2:b4: ba:28:3f:6b:db:6c:17:97:c6:f1:51:02:d8:5e:d4:4c:84:82: 8b:ce:ac:42:97:49:6d:c7:9b:da:68:d8:27:64:aa:1f:44:a3: 00:08:ad:31:6f:f1:f1:c8:59:f7:58:e7:17:9f:0a:10:94:f6: 5f:54:7e:4a:cc:03:99:83:ab:34:61:7e:6b:d5:dc:d8:e8:6d: c5:21:d3:de:0c:b4:a5:b0:84:dd:8e:81:b2:e9:3c:ef:89:69: bb:42:24:5a:92:1c:8b:5b:3d:27:85:42:c7:08:3c:b1:5b:5c: 99:2b:7b:f4:5d:24:ec:99:0c:28:bf:d6:c7:45:74:7d:04:84: 9e:82:47:7c:c5:31:62:d3:48:d2:ff:3c:81:8e:ef:cc:08:dc: 8e:3f:e6:13:e3:d1:83:47:e6:3a:69:b3:be:9c:65:e7:78:6c: 7b:fa:95:4b:0e:23:bd:82:46:8a:a6:b0:49:ed:5c:ff:b7:17: 5e:11:b4:01:be:e2:09:77:e3:eb:2f:23:0d:82:80:3b:48:98: 0b:33:8f:3c -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHLkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA3MTcw MzU1MzBaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEVCM0I0NzhCRjVGMDI3 NTEyRkE0RTdDMzlFRDY3QzE4M0UzN0ZFMDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDGQ9sLaOQiMF5T/M5a7wilFjW+6ytB3qVwFmKoXiIkOpdv41fB VBgin1VR/NMGU/RQxjMe6ND1pntH/UGcyb9YVWYEQcUAvwlNsTtGBzlNX28dkcf8 rYXz/CKbIYmfbsyG2vl6CmJYVgQ+2+o+lqmtBl4faq1Q718m7o6Ut33sKxSLgYq1 Zs8ryzdygqMm4auRRmWxOKnExu493kFgzx7z7LdVaWMw4OXLUMrKoAUM0xl7Cp2c CydkXQcvgcv6et5gnwrXMRVwOVCoGB4xDYFXYhjqdXTtF6MyaSZ4pc9lp7p7PQef Gyl8fO4Gs/MbA3J778eg/3iQXzo5XdyMhyyVAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU6ztHi/XwJ1EvpOfDntZ8GD43/gIwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3LzZ6dEhpX1h3SjFFdnBP ZkRudFo4R0Q0M19nSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3TEwDQYJKoZIhvcNAQELBQADggEBAD7wAoPZOKwwzW93tCdgp8PM4Dt+Urs3 kRz6XEdGs7jCjCSPLJ/zvc4u2kHgSIS1hooP0UGitLooP2vbbBeXxvFRAthe1EyE govOrEKXSW3Hm9po2Cdkqh9EowAIrTFv8fHIWfdY5xefChCU9l9UfkrMA5mDqzRh fmvV3NjobcUh094MtKWwhN2OgbLpPO+JabtCJFqSHItbPSeFQscIPLFbXJkre/Rd JOyZDCi/1sdFdH0EhJ6CR3zFMWLTSNL/PIGO78wI3I4/5hPj0YNH5jpps76cZed4 bHv6lUsOI72CRoqmsEntXP+3F14RtAG+4gl34+svIw2CgDtImAszjzw= -----END CERTIFICATE-----Generated at Sun Jul 20 14:40:02 2025 by rpki-client