$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/BaKhA5aasPdzBWC29PVOmbsxlGo.roa File: BaKhA5aasPdzBWC29PVOmbsxlGo.roa (raw, json) Hash identifier: 5rtuLqGtiWetHQq2Yz5cYQiW1cOhgd/FTnN3IxUQp6c= Subject key identifier: 05:A2:A1:03:96:9A:B0:F7:73:05:60:B6:F4:F5:4E:99:BB:31:94:6A Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1CB7 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/BaKhA5aasPdzBWC29PVOmbsxlGo.roa Signing time: Thu 17 Jul 2025 03:55:30 +0000 ROA not before: Thu 17 Jul 2025 03:55:30 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 25734 IP address blocks: 103.221.92.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 22 Jul 2025 04:41:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7351 (0x1cb7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Jul 17 03:55:30 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=05A2A103969AB0F7730560B6F4F54E99BB31946A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:19:a0:f6:99:0a:9c:4f:17:1a:51:2d:e3:b3: 57:e8:84:66:1c:23:8b:de:a2:d7:5a:9a:fb:31:e4: b8:61:05:3f:ac:ab:df:68:c8:64:9b:0f:ff:07:b2: d3:18:37:15:4c:a0:74:38:73:46:d6:81:c5:48:e8: 3b:c4:78:81:57:1a:00:02:02:eb:81:f8:f2:32:94: 9f:df:38:68:cd:b1:b5:12:38:21:1d:4d:4b:f7:14: 95:c7:5c:71:10:cd:c8:54:75:65:b8:5c:9b:38:89: a0:44:de:a7:3b:0b:3f:11:bd:73:4c:3d:8f:15:e4: 71:10:7b:cd:31:74:85:e1:41:92:85:65:6c:cc:9b: ff:7b:5c:10:3e:e0:ed:01:75:05:9b:7b:1b:8e:e6: cc:b0:7e:ff:d3:a2:d1:f0:3b:9a:67:3b:8e:7d:12: 99:fb:20:c6:b2:f3:1d:b0:6f:05:cf:02:89:60:df: 16:43:7d:ff:46:f8:96:f0:39:7e:fb:c7:1a:48:11: ec:06:0e:9b:9a:f6:bd:37:68:f6:55:e5:f0:70:96: 91:cd:07:10:26:6f:24:c4:b7:e2:97:a7:70:7e:fd: db:02:7c:a3:d2:65:e9:eb:4a:8d:13:aa:04:21:96: 43:d8:37:bb:af:a6:c9:ce:e0:5d:f8:f5:fe:3d:3e: 64:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:A2:A1:03:96:9A:B0:F7:73:05:60:B6:F4:F5:4E:99:BB:31:94:6A X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/BaKhA5aasPdzBWC29PVOmbsxlGo.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.92.0/22 Signature Algorithm: sha256WithRSAEncryption 6f:22:ab:ea:46:18:49:93:39:64:ed:22:f7:9d:84:5c:35:6a: 4b:21:04:b8:c9:aa:d9:27:5d:78:f3:67:01:15:cb:45:fa:61: e4:5e:8a:60:61:7d:c7:6a:27:24:d5:6d:df:34:4f:17:61:f2: 16:b7:93:55:f3:97:f1:f8:cb:e1:14:c9:03:31:98:65:1f:72: 83:a3:f7:d2:38:04:8f:51:7c:b1:db:07:46:c0:8b:4a:ba:7d: d2:53:20:fe:45:73:f8:98:db:74:1b:a6:6e:ee:74:b0:8c:7b: 2c:83:06:b5:38:06:c6:7b:14:02:00:38:eb:2f:99:f5:63:20: 9a:a5:03:ff:3b:02:c9:e5:86:4b:49:0a:3e:02:ce:c5:9e:2d: a0:82:19:e9:6a:08:30:1c:b7:05:54:73:75:fb:89:8a:55:bf: 39:b9:85:1e:76:0b:d0:3c:bb:00:ad:84:10:f4:69:d7:be:dd: c8:a0:e8:12:d1:af:91:f2:91:6b:57:c8:b2:b2:eb:c0:73:e8: 34:1f:1c:38:0b:ed:cc:c4:c2:82:89:a3:fc:d6:61:7e:29:f3: 0c:67:78:09:e9:3e:27:4d:77:9b:ef:6c:2c:a1:48:c4:87:9e: 98:29:8c:d1:92:ca:25:96:03:21:14:e5:13:52:d5:74:b1:f1: 69:5a:e1:b3 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHLcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA3MTcw MzU1MzBaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDA1QTJBMTAzOTY5QUIw Rjc3MzA1NjBCNkY0RjU0RTk5QkIzMTk0NkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCqGaD2mQqcTxcaUS3js1fohGYcI4veotdamvsx5LhhBT+sq99o yGSbD/8HstMYNxVMoHQ4c0bWgcVI6DvEeIFXGgACAuuB+PIylJ/fOGjNsbUSOCEd TUv3FJXHXHEQzchUdWW4XJs4iaBE3qc7Cz8RvXNMPY8V5HEQe80xdIXhQZKFZWzM m/97XBA+4O0BdQWbexuO5sywfv/TotHwO5pnO459Epn7IMay8x2wbwXPAolg3xZD ff9G+JbwOX77xxpIEewGDpua9r03aPZV5fBwlpHNBxAmbyTEt+KXp3B+/dsCfKPS ZenrSo0TqgQhlkPYN7uvpsnO4F349f49PmSpAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUBaKhA5aasPdzBWC29PVOmbsxlGowHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0JhS2hBNWFhc1BkekJX QzI5UFZPbWJzeGxHby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn3VwwDQYJKoZIhvcNAQELBQADggEBAG8iq+pGGEmTOWTtIvedhFw1akshBLjJ qtknXXjzZwEVy0X6YeReimBhfcdqJyTVbd80Txdh8ha3k1Xzl/H4y+EUyQMxmGUf coOj99I4BI9RfLHbB0bAi0q6fdJTIP5Fc/iY23Qbpm7udLCMeyyDBrU4BsZ7FAIA OOsvmfVjIJqlA/87AsnlhktJCj4CzsWeLaCCGelqCDActwVUc3X7iYpVvzm5hR52 C9A8uwCthBD0ade+3cig6BLRr5HykWtXyLKy68Bz6DQfHDgL7czEwoKJo/zWYX4p 8wxneAnpPidNd5vvbCyhSMSHnpgpjNGSyiWWAyEU5RNS1XSx8Wla4bM= -----END CERTIFICATE-----Generated at Tue Jul 22 02:36:02 2025 by rpki-client