$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/BtT80tGLlAxMEa9v7Gukl2pEqok.roa File: BtT80tGLlAxMEa9v7Gukl2pEqok.roa (raw, json) Hash identifier: PTOwr/Y5SizG/dyFpCcTKTk9V6ibE4jS6dQtN8OHHS4= Subject key identifier: 06:D4:FC:D2:D1:8B:94:0C:4C:11:AF:6F:EC:6B:A4:97:6A:44:AA:89 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1C7A Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/BtT80tGLlAxMEa9v7Gukl2pEqok.roa Signing time: Sat 12 Jul 2025 12:21:11 +0000 ROA not before: Sat 12 Jul 2025 12:21:11 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 25743 IP address blocks: 103.221.49.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Jul 2025 23:40:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7290 (0x1c7a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Jul 12 12:21:11 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=06D4FCD2D18B940C4C11AF6FEC6BA4976A44AA89 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:34:df:5b:db:3d:c3:36:8b:85:d2:ce:8f:4d: 38:be:85:13:bc:15:75:7b:fd:b2:52:fa:8d:55:ee: de:31:56:9d:5a:4c:e0:90:42:a8:e9:c0:f3:f3:4c: 8d:4b:05:ba:1a:74:0c:90:5f:ab:66:83:d0:9f:5a: 26:f4:fd:d9:ff:d3:b9:74:52:a3:1b:53:a3:2b:8e: 86:07:e9:7a:7c:8b:00:4b:77:77:68:88:37:ca:67: 08:d2:6e:fb:d1:ea:38:36:f8:ed:ae:5f:3f:1c:5f: e2:47:96:dd:bc:0b:e3:fe:d8:1f:2d:22:f9:ec:57: b0:50:dc:83:13:c1:db:d0:d4:b8:1c:71:dd:1e:02: 71:21:2f:65:85:41:53:ad:be:8b:d6:20:72:3f:54: b0:11:fd:6d:27:fd:d7:36:12:26:2a:90:fb:13:52: fe:f1:0a:31:d7:e8:b0:0e:c2:97:b7:b7:18:bb:cb: 2e:7a:0e:cc:fe:0d:23:43:79:d2:bb:ab:45:69:ab: 01:62:17:86:a4:8c:4d:ae:94:bf:45:d8:7e:0c:79: 4b:6d:55:74:fc:97:84:a9:47:ce:ba:c5:38:0f:49: 6f:7f:0e:d0:2f:43:27:43:0c:d7:77:96:49:14:6c: 1c:dd:12:b7:88:cb:fe:60:a5:51:7f:05:3b:97:e4: a4:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 06:D4:FC:D2:D1:8B:94:0C:4C:11:AF:6F:EC:6B:A4:97:6A:44:AA:89 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/BtT80tGLlAxMEa9v7Gukl2pEqok.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.49.0/24 Signature Algorithm: sha256WithRSAEncryption 50:54:8d:bf:30:1f:19:4b:8d:a5:b8:dd:5d:9d:ae:0b:9e:91: 63:02:dd:d1:eb:e1:6b:6d:25:33:dd:eb:56:3c:e3:b4:fc:f2: e8:7d:f7:91:dc:46:05:aa:b8:4a:a3:c2:eb:d9:10:fd:8e:f2: 05:89:a1:86:a8:4b:c1:49:1d:db:c9:2c:8e:8f:a1:e8:a2:c4: 5a:74:a6:af:b7:f8:77:9f:05:4b:5e:2b:d5:3f:c2:36:95:1d: cf:e0:5f:0d:a0:64:97:8f:0f:68:15:b8:71:68:6b:a5:2c:ef: 42:78:da:3b:7a:02:2b:6c:86:c3:87:2e:48:ad:65:21:67:a8: 26:7d:ed:3b:bd:f4:97:55:b7:23:b4:1e:f3:1f:10:ac:ab:f7: 2e:f5:66:66:19:d3:c6:60:86:4b:ce:e5:05:bf:fc:7d:93:e8: 0f:86:b0:c0:7e:4f:89:3e:01:7d:b0:f2:7f:28:e7:14:03:e3: d8:e9:74:34:01:63:7d:3b:ed:af:65:ed:8a:06:47:22:71:a6: d4:57:37:53:ef:a0:f8:8b:9a:e0:e6:28:e7:e7:a6:db:b5:e5: 20:7c:58:1f:c6:f7:1f:8c:fa:99:6a:88:74:c6:75:6a:b8:ba: bf:f6:6e:0a:88:de:a1:f4:9d:23:75:82:c1:46:a9:ca:ce:1c: 8a:00:01:e4 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHHowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA3MTIx MjIxMTFaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDA2RDRGQ0QyRDE4Qjk0 MEM0QzExQUY2RkVDNkJBNDk3NkE0NEFBODkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDXNN9b2z3DNouF0s6PTTi+hRO8FXV7/bJS+o1V7t4xVp1aTOCQ QqjpwPPzTI1LBboadAyQX6tmg9CfWib0/dn/07l0UqMbU6MrjoYH6Xp8iwBLd3do iDfKZwjSbvvR6jg2+O2uXz8cX+JHlt28C+P+2B8tIvnsV7BQ3IMTwdvQ1Lgccd0e AnEhL2WFQVOtvovWIHI/VLAR/W0n/dc2EiYqkPsTUv7xCjHX6LAOwpe3txi7yy56 Dsz+DSNDedK7q0VpqwFiF4akjE2ulL9F2H4MeUttVXT8l4SpR866xTgPSW9/DtAv QydDDNd3lkkUbBzdEreIy/5gpVF/BTuX5KQtAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUBtT80tGLlAxMEa9v7Gukl2pEqokwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0J0VDgwdEdMbEF4TUVh OXY3R3VrbDJwRXFvay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3TEwDQYJKoZIhvcNAQELBQADggEBAFBUjb8wHxlLjaW43V2drguekWMC3dHr 4WttJTPd61Y847T88uh995HcRgWquEqjwuvZEP2O8gWJoYaoS8FJHdvJLI6Poeii xFp0pq+3+HefBUteK9U/wjaVHc/gXw2gZJePD2gVuHFoa6Us70J42jt6AitshsOH LkitZSFnqCZ97Tu99JdVtyO0HvMfEKyr9y71ZmYZ08ZghkvO5QW//H2T6A+GsMB+ T4k+AX2w8n8o5xQD49jpdDQBY3077a9l7YoGRyJxptRXN1PvoPiLmuDmKOfnptu1 5SB8WB/G9x+M+plqiHTGdWq4ur/2bgqI3qH0nSN1gsFGqcrOHIoAAeQ= -----END CERTIFICATE-----Generated at Sun Jul 20 20:44:15 2025 by rpki-client