$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/P5anzOUhvbZI5Jj-0LvOVuM3LOU.roa File: P5anzOUhvbZI5Jj-0LvOVuM3LOU.roa (raw, json) Hash identifier: /xQ5IpPAUih/dmc/2hDcN2nztohmQ9un/yuk7LEEthI= Subject key identifier: 3F:96:A7:CC:E5:21:BD:B6:48:E4:98:FE:D0:BB:CE:56:E3:37:2C:E5 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1CBE Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/P5anzOUhvbZI5Jj-0LvOVuM3LOU.roa Signing time: Thu 17 Jul 2025 03:55:32 +0000 ROA not before: Thu 17 Jul 2025 03:55:32 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 25734 IP address blocks: 103.221.32.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 21 Jul 2025 13:41:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7358 (0x1cbe) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Jul 17 03:55:32 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=3F96A7CCE521BDB648E498FED0BBCE56E3372CE5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:54:57:2d:0b:d0:6d:a9:4d:56:0e:dc:a8:87: f3:99:5e:8e:b9:bf:5e:30:bf:ca:a9:6a:fe:89:3a: 94:1b:57:04:d9:6b:02:ce:b1:ae:c9:3d:1b:27:66: b5:b3:fe:69:93:08:28:f5:9a:a8:5e:c7:3e:c1:41: 11:d9:d9:3d:2d:61:e9:05:f3:69:35:1a:c9:ac:81: 8b:ef:97:9b:21:fe:dd:12:c3:ec:77:09:07:98:c8: da:62:41:5f:b8:65:d4:68:6b:07:ae:74:33:4e:fa: 1b:b3:e7:46:2c:9a:2b:a4:c4:5b:65:af:34:96:a6: 6f:4c:b2:62:dc:e8:6d:f1:fa:8f:4f:28:56:ea:47: dc:89:a3:a1:7f:9e:f9:db:59:c7:d3:03:2c:7e:df: 80:34:86:49:35:16:89:c6:73:93:f9:d7:cc:ee:4d: f9:d5:64:0f:02:c8:c5:53:e1:fe:ff:47:06:7c:66: ac:81:cb:02:ea:0d:de:2b:e0:23:a5:e6:f7:55:72: b7:d2:7f:3c:4e:4c:25:ff:df:47:7c:24:75:a4:b9: 69:9c:6f:49:42:2f:34:71:ab:7f:27:44:8f:7e:83: 39:19:56:4a:59:e6:49:eb:e2:2a:13:7e:cd:db:15: 61:de:fd:8c:1a:52:47:bb:86:4a:0d:20:11:d2:71: ef:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:96:A7:CC:E5:21:BD:B6:48:E4:98:FE:D0:BB:CE:56:E3:37:2C:E5 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/P5anzOUhvbZI5Jj-0LvOVuM3LOU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.32.0/22 Signature Algorithm: sha256WithRSAEncryption 89:88:a5:2c:2c:ba:90:15:31:6f:eb:db:0a:6c:14:de:de:70: 2e:57:4a:ba:6b:00:5b:c0:c2:37:e3:38:0c:72:c4:ee:3a:96: 9c:ae:e1:2d:85:0b:a3:ef:62:c0:78:a3:6f:09:35:b4:e2:a5: e1:0e:75:4d:9f:3f:db:93:c9:84:7b:a3:a8:14:bc:95:0f:a0: b8:f4:1a:04:ed:a6:8c:c2:be:ce:eb:e9:5b:40:19:ad:06:f5: d6:61:d6:9c:d3:de:2e:75:9a:cf:ee:77:0b:34:ae:cc:70:71: a4:63:ad:a8:2b:6e:1f:32:90:f2:90:30:32:3b:97:83:f9:e9: 57:67:cf:60:7b:1d:f9:f1:60:5d:fe:ff:93:17:74:04:ef:7e: 5d:3b:83:5a:d4:e1:50:9e:7a:ab:b0:32:28:4f:5b:97:9d:cc: ba:79:f9:e6:87:ff:37:fa:f6:94:ba:fa:a5:2b:ea:04:0e:1c: 5c:87:32:0b:3c:d7:5d:82:96:3e:22:25:bf:75:8f:b3:74:b9: 0e:41:dd:7a:cb:5c:3c:aa:f4:3c:6e:53:a0:d5:47:ab:3f:ac: d7:b7:4a:52:a6:be:c7:6e:b2:c9:0f:17:a1:20:ff:78:e0:58: cf:dd:b6:5d:e3:7d:9d:87:4f:dd:c4:da:05:92:45:92:b8:04: 3e:f9:a0:eb -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHL4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA3MTcw MzU1MzJaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDNGOTZBN0NDRTUyMUJE QjY0OEU0OThGRUQwQkJDRTU2RTMzNzJDRTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC6VFctC9BtqU1WDtyoh/OZXo65v14wv8qpav6JOpQbVwTZawLO sa7JPRsnZrWz/mmTCCj1mqhexz7BQRHZ2T0tYekF82k1GsmsgYvvl5sh/t0Sw+x3 CQeYyNpiQV+4ZdRoaweudDNO+huz50YsmiukxFtlrzSWpm9MsmLc6G3x+o9PKFbq R9yJo6F/nvnbWcfTAyx+34A0hkk1FonGc5P518zuTfnVZA8CyMVT4f7/RwZ8ZqyB ywLqDd4r4COl5vdVcrfSfzxOTCX/30d8JHWkuWmcb0lCLzRxq38nRI9+gzkZVkpZ 5knr4ioTfs3bFWHe/YwaUke7hkoNIBHSce+9AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUP5anzOUhvbZI5Jj+0LvOVuM3LOUwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L1A1YW56T1VodmJaSTVK ai0wTHZPVnVNM0xPVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn3SAwDQYJKoZIhvcNAQELBQADggEBAImIpSwsupAVMW/r2wpsFN7ecC5XSrpr AFvAwjfjOAxyxO46lpyu4S2FC6PvYsB4o28JNbTipeEOdU2fP9uTyYR7o6gUvJUP oLj0GgTtpozCvs7r6VtAGa0G9dZh1pzT3i51ms/udws0rsxwcaRjragrbh8ykPKQ MDI7l4P56Vdnz2B7HfnxYF3+/5MXdATvfl07g1rU4VCeequwMihPW5edzLp5+eaH /zf69pS6+qUr6gQOHFyHMgs8112Clj4iJb91j7N0uQ5B3XrLXDyq9DxuU6DVR6s/ rNe3SlKmvsdusskPF6Eg/3jgWM/dtl3jfZ2HT93E2gWSRZK4BD75oOs= -----END CERTIFICATE-----Generated at Mon Jul 21 12:44:33 2025 by rpki-client