$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/QH_7BQ5-nhfXeV25DivvQ8H28kQ.roa File: QH_7BQ5-nhfXeV25DivvQ8H28kQ.roa (raw, json) Hash identifier: pHcPU485ElS1rP+2ZnASVCenuhcbfOwR0HdphA8Hu0M= Subject key identifier: 40:7F:FB:05:0E:7E:9E:17:D7:79:5D:B9:0E:2B:EF:43:C1:F6:F2:44 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1CB1 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/QH_7BQ5-nhfXeV25DivvQ8H28kQ.roa Signing time: Thu 17 Jul 2025 03:51:38 +0000 ROA not before: Thu 17 Jul 2025 03:51:38 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 394881 IP address blocks: 103.221.40.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Jul 2025 23:40:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7345 (0x1cb1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Jul 17 03:51:38 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=407FFB050E7E9E17D7795DB90E2BEF43C1F6F244 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:03:f5:64:e5:26:bf:0d:b5:1d:2c:19:c0:30: cd:8a:89:8b:c1:67:7c:14:9e:c9:59:4f:f1:eb:ff: 31:f6:a0:41:e7:67:d1:fb:1e:6d:76:3c:14:03:27: e7:bb:14:bb:8d:0d:b1:48:a4:a0:43:0b:de:4f:2b: 4c:f4:d0:a0:02:49:80:3c:76:87:bb:86:b8:2f:6f: 42:58:25:fc:32:68:73:b4:c3:21:f9:26:25:dc:a2: 3c:57:b1:2c:26:13:74:53:62:d4:47:d5:b7:d1:00: 44:1c:b4:f8:19:cf:09:1c:ff:46:b7:cf:3e:1b:e1: 76:c2:bf:de:df:1e:be:03:e4:99:5b:fa:52:27:73: bf:46:fe:30:1b:4b:5d:51:04:e9:23:ec:1a:18:0b: 85:ee:9b:b8:c7:6b:92:7e:26:92:8d:21:2d:ad:a8: 87:47:17:58:42:97:be:31:6c:99:75:33:7e:c7:e1: 4f:50:5e:48:74:be:5b:96:76:62:88:b5:29:ed:e6: 3f:7c:bb:cf:a4:1a:68:49:23:58:4a:22:58:72:85: 8c:f9:84:91:d1:f6:ac:00:1c:aa:1e:57:77:87:22: e9:f4:ea:7f:4e:3a:4c:b0:1f:1a:d3:64:6b:79:59: 82:8c:8e:51:75:eb:1c:c1:fe:bc:91:7b:11:99:fb: d9:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:7F:FB:05:0E:7E:9E:17:D7:79:5D:B9:0E:2B:EF:43:C1:F6:F2:44 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/QH_7BQ5-nhfXeV25DivvQ8H28kQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.40.0/22 Signature Algorithm: sha256WithRSAEncryption 71:0d:7c:13:f7:d9:80:f0:0a:38:98:c7:81:69:da:7f:04:14: 96:50:d4:aa:f3:37:97:91:a4:8f:eb:e2:a1:25:14:95:e1:24: a4:6a:8d:34:4e:32:34:a3:95:f7:fd:65:90:1c:df:91:02:8c: 74:64:43:44:6e:d3:91:08:b3:f0:a6:19:44:60:ec:1e:da:46: 88:1e:05:08:75:ef:17:58:7c:96:fe:2b:5d:fe:0e:73:78:50: 97:b1:b0:97:91:c5:09:bd:b9:fc:56:91:ca:96:fe:f2:97:ce: f6:a7:6b:09:0c:13:a5:d1:68:54:f9:71:dc:d3:2e:6f:1a:52: e4:7b:08:49:0b:42:00:a8:71:0e:c8:a2:99:c1:53:ed:e0:46: a0:41:1e:9f:0b:d1:a0:83:0b:37:37:8a:a3:af:be:a3:84:e6: 7f:7a:aa:9d:cd:2e:aa:c4:23:df:fb:a2:96:40:57:6f:82:75: fb:69:d3:32:0e:72:69:a2:f9:51:2f:b1:83:ad:6e:41:c7:c0: 17:b0:50:39:19:9d:7f:23:40:71:78:5b:4f:35:3c:88:fe:a5: 77:91:31:6a:de:c8:59:c8:38:48:20:80:75:65:d9:2f:3b:94: 42:6e:c7:3d:74:6a:4d:ef:08:24:52:9b:c6:73:7c:ec:a7:14: c9:3e:d1:26 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHLEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA3MTcw MzUxMzhaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDQwN0ZGQjA1MEU3RTlF MTdENzc5NURCOTBFMkJFRjQzQzFGNkYyNDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCtA/Vk5Sa/DbUdLBnAMM2KiYvBZ3wUnslZT/Hr/zH2oEHnZ9H7 Hm12PBQDJ+e7FLuNDbFIpKBDC95PK0z00KACSYA8doe7hrgvb0JYJfwyaHO0wyH5 JiXcojxXsSwmE3RTYtRH1bfRAEQctPgZzwkc/0a3zz4b4XbCv97fHr4D5Jlb+lIn c79G/jAbS11RBOkj7BoYC4Xum7jHa5J+JpKNIS2tqIdHF1hCl74xbJl1M37H4U9Q Xkh0vluWdmKItSnt5j98u8+kGmhJI1hKIlhyhYz5hJHR9qwAHKoeV3eHIun06n9O OkywHxrTZGt5WYKMjlF16xzB/ryRexGZ+9lhAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUQH/7BQ5+nhfXeV25DivvQ8H28kQwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L1FIXzdCUTUtbmhmWGVW MjVEaXZ2UThIMjhrUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn3SgwDQYJKoZIhvcNAQELBQADggEBAHENfBP32YDwCjiYx4Fp2n8EFJZQ1Krz N5eRpI/r4qElFJXhJKRqjTROMjSjlff9ZZAc35ECjHRkQ0Ru05EIs/CmGURg7B7a RogeBQh17xdYfJb+K13+DnN4UJexsJeRxQm9ufxWkcqW/vKXzvanawkME6XRaFT5 cdzTLm8aUuR7CEkLQgCocQ7IopnBU+3gRqBBHp8L0aCDCzc3iqOvvqOE5n96qp3N LqrEI9/7opZAV2+Cdftp0zIOcmmi+VEvsYOtbkHHwBewUDkZnX8jQHF4W081PIj+ pXeRMWreyFnIOEgggHVl2S87lEJuxz10ak3vCCRSm8ZzfOynFMk+0SY= -----END CERTIFICATE-----Generated at Sun Jul 20 19:05:45 2025 by rpki-client