$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2578/r78L_jfDaGDjaH3rsP83eK4kcG4.roa File: r78L_jfDaGDjaH3rsP83eK4kcG4.roa (raw, json) Hash identifier: u1or2If1pLNDG9eB56Xw8Z+2kHObmlhnvE4GqSl5VaQ= Subject key identifier: AF:BF:0B:FE:37:C3:68:60:E3:68:7D:EB:B0:FF:37:78:AE:24:70:6E Certificate issuer: /CN=7CF44C06D5EA7DF0CBD4F68508F14E84DA08B752 Certificate serial: 17C5 Authority key identifier: 7C:F4:4C:06:D5:EA:7D:F0:CB:D4:F6:85:08:F1:4E:84:DA:08:B7:52 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/fPRMBtXqffDL1PaFCPFOhNoIt1I.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2578/r78L_jfDaGDjaH3rsP83eK4kcG4.roa Signing time: Mon 04 Aug 2025 13:06:15 +0000 ROA not before: Mon 04 Aug 2025 13:06:15 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 21859 IP address blocks: 103.99.76.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2578/fPRMBtXqffDL1PaFCPFOhNoIt1I.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2578/fPRMBtXqffDL1PaFCPFOhNoIt1I.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/fPRMBtXqffDL1PaFCPFOhNoIt1I.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 21 Aug 2025 08:03:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6085 (0x17c5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7CF44C06D5EA7DF0CBD4F68508F14E84DA08B752 Validity Not Before: Aug 4 13:06:15 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=AFBF0BFE37C36860E3687DEBB0FF3778AE24706E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:ff:e3:aa:48:df:dd:35:57:6e:07:ed:ee:1f: 60:9d:bf:75:91:a2:89:bd:ea:b6:91:5c:3e:bf:d6: 27:c9:28:41:fe:c9:dd:17:fd:ab:56:59:68:d3:34: 5b:dd:66:2a:65:a7:78:ee:b8:8d:c9:34:ef:ea:00: d4:d5:a5:bd:13:ba:d6:1b:80:f6:6f:00:5b:12:3e: 7d:98:6a:fa:2f:34:9b:10:59:4d:cd:e2:13:79:34: 2b:70:4d:9e:98:df:1e:7f:97:a7:22:ba:35:36:c6: 79:6f:41:0d:22:de:e0:e8:e8:62:2a:09:54:4a:c6: fe:b9:14:da:f6:06:4f:0e:64:38:0f:e5:56:a7:6b: 53:82:18:66:b4:e9:ad:43:b6:f4:39:79:59:b0:09: 21:1b:6c:ae:88:5c:dd:23:2f:a8:8e:d7:f8:3a:cd: 7b:ca:df:35:5a:2b:4f:3b:54:35:0f:0a:75:a0:ee: db:77:c7:53:4e:cd:7f:51:53:1d:95:c3:69:dc:ee: aa:53:5b:70:45:12:ba:07:5e:f8:c4:c6:10:db:29: 65:31:84:e4:06:74:40:b3:07:60:5b:a3:9f:f1:6f: cf:f3:73:06:e5:c6:f0:de:c2:fc:23:e0:f3:d4:53: c8:7e:f1:75:7f:4f:00:bf:c9:43:27:3e:51:30:49: 9a:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:BF:0B:FE:37:C3:68:60:E3:68:7D:EB:B0:FF:37:78:AE:24:70:6E X509v3 Authority Key Identifier: keyid:7C:F4:4C:06:D5:EA:7D:F0:CB:D4:F6:85:08:F1:4E:84:DA:08:B7:52 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2578/fPRMBtXqffDL1PaFCPFOhNoIt1I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/fPRMBtXqffDL1PaFCPFOhNoIt1I.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2578/r78L_jfDaGDjaH3rsP83eK4kcG4.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.99.76.0/22 Signature Algorithm: sha256WithRSAEncryption 1a:de:8a:a6:e4:be:ad:0d:02:4d:6e:65:e9:5d:28:65:1c:ae: 8b:3a:03:75:43:0c:a5:2c:a5:ad:ff:80:d5:9b:39:dd:21:63: b6:2a:67:9a:4f:59:72:68:2c:2c:4e:5f:13:29:88:d5:2b:fa: 6b:df:a6:7e:a2:52:31:1d:c5:e6:9f:8c:57:c7:ea:fa:31:e0: eb:8e:7d:2e:48:de:54:e7:bb:28:2d:4c:be:ae:0c:b8:86:bd: 1f:2b:a0:6a:66:c8:1d:44:e4:06:10:67:d4:7c:f4:63:97:91: 73:6e:d9:61:bc:2b:47:9b:85:f5:b0:a4:21:09:ca:fd:1f:25: 75:5a:e5:64:85:96:bb:e2:f7:ea:0a:28:6e:0f:81:e4:82:83: 03:94:1b:d6:67:68:e2:ab:65:16:26:1f:1b:a9:47:32:0b:59: e2:2e:2f:fd:d1:df:26:7c:af:00:35:6c:7a:1d:5f:60:0a:34: 61:db:53:93:dc:5f:44:32:ce:0b:0e:6e:1b:db:a6:ea:40:89: 03:c6:e7:bb:0f:a3:0d:94:77:27:51:5c:e5:b1:64:b5:a1:ef: 15:bd:1d:3c:39:b1:0f:d4:10:0c:f6:33:be:9e:5d:be:7d:d1: 49:af:6e:9d:ab:4b:26:60:f8:22:6e:9f:f5:88:e6:15:f9:f7: b9:64:72:de -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICF8UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoN0NG NDRDMDZENUVBN0RGMENCRDRGNjg1MDhGMTRFODREQTA4Qjc1MjAeFw0yNTA4MDQx MzA2MTVaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEFGQkYwQkZFMzdDMzY4 NjBFMzY4N0RFQkIwRkYzNzc4QUUyNDcwNkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCv/+OqSN/dNVduB+3uH2Cdv3WRoom96raRXD6/1ifJKEH+yd0X /atWWWjTNFvdZiplp3juuI3JNO/qANTVpb0TutYbgPZvAFsSPn2YavovNJsQWU3N 4hN5NCtwTZ6Y3x5/l6ciujU2xnlvQQ0i3uDo6GIqCVRKxv65FNr2Bk8OZDgP5Van a1OCGGa06a1DtvQ5eVmwCSEbbK6IXN0jL6iO1/g6zXvK3zVaK087VDUPCnWg7tt3 x1NOzX9RUx2Vw2nc7qpTW3BFEroHXvjExhDbKWUxhOQGdECzB2Bbo5/xb8/zcwbl xvDewvwj4PPUU8h+8XV/TwC/yUMnPlEwSZprAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUr78L/jfDaGDjaH3rsP83eK4kcG4wHwYDVR0jBBgwFoAUfPRMBtXqffDL1PaF CPFOhNoIt1IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjU3 OC9mUFJNQnRYcWZmREwxUGFGQ1BGT2hOb0l0MUkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2ZQUk1CdFhxZmZETDFQYUZDUEZPaE5vSXQxSS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI1Nzgvcjc4TF9qZkRhR0Rq YUgzcnNQODNlSzRrY0c0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmdjTDANBgkqhkiG9w0BAQsFAAOCAQEAGt6KpuS+rQ0CTW5l6V0oZRyuizoD dUMMpSylrf+A1Zs53SFjtipnmk9ZcmgsLE5fEymI1Sv6a9+mfqJSMR3F5p+MV8fq +jHg6459LkjeVOe7KC1Mvq4MuIa9HyugambIHUTkBhBn1Hz0Y5eRc27ZYbwrR5uF 9bCkIQnK/R8ldVrlZIWWu+L36goobg+B5IKDA5Qb1mdo4qtlFiYfG6lHMgtZ4i4v /dHfJnyvADVseh1fYAo0YdtTk9xfRDLOCw5uG9um6kCJA8bnuw+jDZR3J1Fc5bFk taHvFb0dPDmxD9QQDPYzvp5dvn3RSa9unatLJmD4Im6f9YjmFfn3uWRy3g== -----END CERTIFICATE-----Generated at Thu Aug 21 07:01:50 2025 by rpki-client