$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/HmD1hr6Lr3HNRAZDmSz6mVgSv9M.roa File: HmD1hr6Lr3HNRAZDmSz6mVgSv9M.roa (raw, json) Hash identifier: yFPpopi22vfor+9x23RHUsRz76xLCDRntTJm40QWA04= Subject key identifier: 1E:60:F5:86:BE:8B:AF:71:CD:44:06:43:99:2C:FA:99:58:12:BF:D3 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1CAD Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/HmD1hr6Lr3HNRAZDmSz6mVgSv9M.roa Signing time: Thu 17 Jul 2025 03:51:37 +0000 ROA not before: Thu 17 Jul 2025 03:51:37 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 394881 IP address blocks: 103.221.44.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Jul 2025 18:41:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7341 (0x1cad) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Jul 17 03:51:37 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=1E60F586BE8BAF71CD440643992CFA995812BFD3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:14:4b:a4:fc:72:93:1b:0e:fa:67:db:9d:57: 7c:bf:c2:f3:7d:65:41:bc:94:d5:8e:dc:1c:46:35: 92:e4:b9:5c:c0:15:c8:78:90:90:bd:91:d0:af:ec: e6:28:06:db:12:22:d7:37:1e:d0:ea:69:f7:33:75: b2:95:32:1b:be:79:76:10:d0:c1:b3:23:4e:7b:14: a0:a7:4f:6b:37:e4:54:19:16:74:48:eb:45:7f:16: f8:01:a1:c8:41:19:d3:33:8b:66:e2:60:00:ed:c8: da:6c:07:b9:e9:fb:40:6a:6d:71:46:d0:f6:98:e8: 6f:27:f1:87:e2:9a:8a:1d:71:0e:5c:81:4e:c8:11: 29:2f:39:41:16:5a:d6:29:9a:5e:01:fd:83:f8:91: 81:43:91:74:1b:17:f3:7a:79:0e:4a:42:40:d3:3a: 19:80:6a:cf:b8:de:ad:56:0d:00:57:17:63:d5:98: 14:f1:92:cb:44:cf:de:40:d6:f3:95:d4:28:31:09: ff:92:2a:34:5e:eb:e9:f1:2c:1d:3d:1a:8f:0e:eb: c0:aa:af:f5:4f:dd:18:dd:4b:a9:b9:af:58:38:0a: 34:4c:1a:18:b1:e2:22:44:1e:87:80:55:0c:b0:b4: a8:f3:0f:5a:51:a9:f2:35:fd:f0:f4:c2:40:4e:9f: 4f:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:60:F5:86:BE:8B:AF:71:CD:44:06:43:99:2C:FA:99:58:12:BF:D3 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/HmD1hr6Lr3HNRAZDmSz6mVgSv9M.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.44.0/22 Signature Algorithm: sha256WithRSAEncryption a4:4a:62:06:73:49:1a:2c:cc:cd:f8:1f:74:89:b0:1d:51:43: 6a:61:1c:77:6c:57:c5:06:d5:46:57:be:cd:99:22:04:83:58: 9a:e0:e6:f8:dc:ab:b0:bf:64:30:ba:3f:57:93:28:ea:d0:f7: 8d:9f:7d:67:5f:01:63:99:a1:42:cf:72:09:fa:f7:07:01:cc: bb:42:ba:e3:29:4c:7c:c2:12:db:8a:57:21:53:6d:3a:1e:ab: 00:ac:62:86:01:ae:35:8a:7d:d0:90:c1:24:23:b4:1c:28:cb: 46:37:a3:14:c1:70:39:31:cc:2c:22:a7:6f:5d:01:01:b4:b2: 04:d7:29:87:fd:0e:e5:d0:af:96:c2:36:42:29:30:b8:bc:5f: e1:0b:02:a3:6d:1b:d5:e2:c2:22:0c:ab:a4:e3:94:8f:9d:be: 0d:1d:29:6c:a7:27:7e:4a:46:b5:4b:2e:57:64:97:3b:cd:ee: db:25:3a:d4:48:7f:00:4b:26:5b:2d:29:58:41:3c:05:86:42: 31:2d:9e:08:e0:2f:0e:ae:a8:e0:53:a5:0c:4d:92:28:59:b3: 49:fe:c9:af:91:10:3e:43:2c:6b:b3:d7:1d:d1:c5:97:20:9b: 3c:a4:e0:9e:cf:8b:79:3d:1f:95:1f:35:0f:f5:d6:a8:d0:d3: 1c:94:51:27 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHK0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA3MTcw MzUxMzdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDFFNjBGNTg2QkU4QkFG NzFDRDQ0MDY0Mzk5MkNGQTk5NTgxMkJGRDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDKFEuk/HKTGw76Z9udV3y/wvN9ZUG8lNWO3BxGNZLkuVzAFch4 kJC9kdCv7OYoBtsSItc3HtDqafczdbKVMhu+eXYQ0MGzI057FKCnT2s35FQZFnRI 60V/FvgBochBGdMzi2biYADtyNpsB7np+0BqbXFG0PaY6G8n8YfimoodcQ5cgU7I ESkvOUEWWtYpml4B/YP4kYFDkXQbF/N6eQ5KQkDTOhmAas+43q1WDQBXF2PVmBTx kstEz95A1vOV1CgxCf+SKjRe6+nxLB09Go8O68Cqr/VP3RjdS6m5r1g4CjRMGhix 4iJEHoeAVQywtKjzD1pRqfI1/fD0wkBOn0/dAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUHmD1hr6Lr3HNRAZDmSz6mVgSv9MwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0htRDFocjZMcjNITlJB WkRtU3o2bVZnU3Y5TS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn3SwwDQYJKoZIhvcNAQELBQADggEBAKRKYgZzSRoszM34H3SJsB1RQ2phHHds V8UG1UZXvs2ZIgSDWJrg5vjcq7C/ZDC6P1eTKOrQ942ffWdfAWOZoULPcgn69wcB zLtCuuMpTHzCEtuKVyFTbToeqwCsYoYBrjWKfdCQwSQjtBwoy0Y3oxTBcDkxzCwi p29dAQG0sgTXKYf9DuXQr5bCNkIpMLi8X+ELAqNtG9XiwiIMq6TjlI+dvg0dKWyn J35KRrVLLldklzvN7tslOtRIfwBLJlstKVhBPAWGQjEtngjgLw6uqOBTpQxNkihZ s0n+ya+RED5DLGuz1x3RxZcgmzyk4J7Pi3k9H5UfNQ/11qjQ0xyUUSc= -----END CERTIFICATE-----Generated at Sun Jul 20 14:39:58 2025 by rpki-client