$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/L1jZnYUbImFeTheHMvopwG7D7o8.roa File: L1jZnYUbImFeTheHMvopwG7D7o8.roa (raw, json) Hash identifier: cs/e/px43kFKb/5lCzq9hKliPJc7gNTiYEhg95QZgCY= Subject key identifier: 2F:58:D9:9D:85:1B:22:61:5E:4E:17:87:32:FA:29:C0:6E:C3:EE:8F Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1E5C Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/L1jZnYUbImFeTheHMvopwG7D7o8.roa Signing time: Sat 13 Sep 2025 03:05:04 +0000 ROA not before: Sat 13 Sep 2025 03:05:04 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 21859 IP address blocks: 45.252.8.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 19 Sep 2025 08:04:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7772 (0x1e5c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:05:04 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=2F58D99D851B22615E4E178732FA29C06EC3EE8F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:74:17:65:e4:7a:eb:84:6b:93:5e:dd:e4:05: 37:a9:75:57:f6:95:b8:d1:5c:12:8b:08:fe:b5:2c: eb:29:9e:dd:45:3a:b5:b2:19:e6:53:48:fe:57:15: 9b:c1:42:ca:8f:cc:b1:6d:bd:94:5d:8f:2b:f3:44: 52:a9:18:c5:fa:11:19:63:3b:ef:61:f4:ec:ea:06: 23:60:57:e2:e4:5e:57:bb:64:fd:53:a1:ed:ea:bb: 1e:0c:85:99:b1:1c:75:6d:5b:4b:d7:67:a2:49:e7: 3c:91:f0:a9:8a:71:10:5e:38:45:a1:a2:d2:31:1f: 75:6b:a6:f4:2a:52:25:51:60:f4:69:99:1e:a7:78: 9a:94:ca:26:5e:0e:f1:63:69:45:e5:62:e3:57:20: 14:d4:bd:09:15:70:85:9a:61:eb:cf:1e:4c:ba:5a: 56:45:54:a4:50:70:7e:0e:7c:ba:79:ec:34:8d:f2: ea:be:72:53:8a:68:b9:47:68:00:32:44:b3:5f:0e: e0:2c:ed:ed:c6:e3:5b:db:1b:b3:ba:36:f7:d1:d2: af:90:cf:c8:55:05:32:96:5d:45:21:2e:73:3c:44: 4d:c4:0d:32:ef:3b:ba:dc:16:fd:a8:47:4c:58:c2: c0:7a:ec:86:4c:73:bc:f3:44:a5:19:a3:1a:94:44: ad:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:58:D9:9D:85:1B:22:61:5E:4E:17:87:32:FA:29:C0:6E:C3:EE:8F X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/L1jZnYUbImFeTheHMvopwG7D7o8.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.252.8.0/24 Signature Algorithm: sha256WithRSAEncryption 4c:d6:91:33:7e:39:86:37:b0:55:27:fc:43:e4:69:40:9a:d2: 87:29:2b:82:6c:60:e5:01:e9:79:8e:f7:37:a9:47:ed:20:e6: a2:4f:90:91:75:26:49:9c:43:8f:a9:71:19:20:4f:82:ac:a6: 43:fd:dd:08:e2:c1:05:76:b8:eb:2c:bb:5e:61:40:81:bf:4d: b3:90:a1:92:30:da:ff:c5:52:9d:8b:8e:8b:fa:a0:cc:63:9e: 14:9a:9d:f1:a9:56:2e:85:0e:bc:6e:03:1c:d4:ec:ff:fe:63: 2a:eb:2a:59:91:7a:cf:d9:04:78:4f:42:20:83:57:c6:f6:1e: a4:e9:47:78:f9:c8:0d:57:8b:67:95:21:88:50:7f:01:40:e9: b1:d5:9d:ae:94:70:9c:f2:37:fe:39:d9:3c:05:af:1f:09:a8: a4:f4:ee:48:38:7c:6b:56:78:71:f0:45:5a:e8:26:b6:5b:4e: 19:43:fa:93:ab:eb:18:6b:23:10:97:0f:e0:c9:71:77:f7:0c: 2e:8d:a0:9b:4f:e5:0a:bd:d4:b5:eb:9c:0d:c1:c7:12:79:7c: c3:a6:a3:30:b4:73:29:0a:a8:df:08:f7:39:39:55:eb:a0:fa: 4c:02:e0:64:e3:de:ff:fc:e7:02:01:36:8e:fb:6d:82:0a:7b: c0:e7:9e:ae -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHlwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA1MDRaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDJGNThEOTlEODUxQjIy NjE1RTRFMTc4NzMyRkEyOUMwNkVDM0VFOEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDqdBdl5HrrhGuTXt3kBTepdVf2lbjRXBKLCP61LOspnt1FOrWy GeZTSP5XFZvBQsqPzLFtvZRdjyvzRFKpGMX6ERljO+9h9OzqBiNgV+LkXle7ZP1T oe3qux4MhZmxHHVtW0vXZ6JJ5zyR8KmKcRBeOEWhotIxH3VrpvQqUiVRYPRpmR6n eJqUyiZeDvFjaUXlYuNXIBTUvQkVcIWaYevPHky6WlZFVKRQcH4OfLp57DSN8uq+ clOKaLlHaAAyRLNfDuAs7e3G41vbG7O6NvfR0q+Qz8hVBTKWXUUhLnM8RE3EDTLv O7rcFv2oR0xYwsB67IZMc7zzRKUZoxqURK35AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUL1jZnYUbImFeTheHMvopwG7D7o8wHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0wxalpuWVViSW1GZVRo ZUhNdm9wd0c3RDdvOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAAt/AgwDQYJKoZIhvcNAQELBQADggEBAEzWkTN+OYY3sFUn/EPkaUCa0ocpK4Js YOUB6XmO9zepR+0g5qJPkJF1JkmcQ4+pcRkgT4KspkP93QjiwQV2uOssu15hQIG/ TbOQoZIw2v/FUp2Ljov6oMxjnhSanfGpVi6FDrxuAxzU7P/+YyrrKlmRes/ZBHhP QiCDV8b2HqTpR3j5yA1Xi2eVIYhQfwFA6bHVna6UcJzyN/452TwFrx8JqKT07kg4 fGtWeHHwRVroJrZbThlD+pOr6xhrIxCXD+DJcXf3DC6NoJtP5Qq91LXrnA3BxxJ5 fMOmozC0cykKqN8I9zk5Veug+kwC4GTj3v/85wIBNo77bYIKe8Dnnq4= -----END CERTIFICATE-----Generated at Fri Sep 19 07:51:25 2025 by rpki-client