$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/U9GqhSbF9vmrHhu2OxyTzHE81ps.roa File: U9GqhSbF9vmrHhu2OxyTzHE81ps.roa (raw, json) Hash identifier: jThGqlbAg8oEwe85Y21sbIvy+uKIGRrw1R1xQfCBv2g= Subject key identifier: 53:D1:AA:85:26:C5:F6:F9:AB:1E:1B:B6:3B:1C:93:CC:71:3C:D6:9B Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1C9D Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/U9GqhSbF9vmrHhu2OxyTzHE81ps.roa Signing time: Thu 17 Jul 2025 03:48:05 +0000 ROA not before: Thu 17 Jul 2025 03:48:05 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 25734 IP address blocks: 45.252.100.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 21 Jul 2025 18:41:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7325 (0x1c9d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Jul 17 03:48:05 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=53D1AA8526C5F6F9AB1E1BB63B1C93CC713CD69B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:0d:1c:25:27:27:4c:d1:5a:54:a0:7b:1b:ca: 9f:f9:c6:da:b2:80:32:d8:c9:24:f7:ae:cb:62:9b: b9:f8:60:4e:78:f1:0b:c4:be:e2:38:a6:d7:b0:53: a0:39:57:e2:07:e6:15:c7:24:55:1b:aa:ef:26:23: 8b:37:5d:30:be:00:68:ca:e9:7e:19:b7:69:28:24: 97:3a:4f:2d:6d:87:e7:50:05:1f:63:d2:53:a4:20: a0:2b:2f:de:3a:8a:d6:5b:45:73:2f:08:04:cb:42: 16:44:b8:0d:2b:fe:32:6a:71:fb:eb:8b:4c:d3:39: c4:e6:c1:95:94:b4:1c:de:1a:23:5e:96:d5:22:09: e3:9e:1c:28:4d:28:19:3e:c7:00:d3:89:3d:10:b3: 6c:92:49:51:a4:f7:ca:91:d5:41:b1:09:82:3e:fe: d2:d1:10:75:c3:04:cf:bd:ac:60:a1:3d:99:34:36: ac:c4:5b:d4:cb:7b:e0:56:cd:fd:f1:a4:79:9c:79: 7e:a6:e3:30:50:06:94:9f:bd:e6:f2:49:ae:51:1a: 4c:01:dc:a1:1e:51:89:a5:27:96:45:c5:24:5b:96: 14:fb:eb:ed:99:04:9a:29:c1:0f:8f:1c:5c:80:39: 3f:ec:8b:2f:04:ce:18:35:cc:f8:0a:64:a0:18:48: 1a:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:D1:AA:85:26:C5:F6:F9:AB:1E:1B:B6:3B:1C:93:CC:71:3C:D6:9B X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/U9GqhSbF9vmrHhu2OxyTzHE81ps.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.252.100.0/22 Signature Algorithm: sha256WithRSAEncryption da:a1:db:90:22:55:e9:31:bc:d3:40:05:e4:7d:82:46:81:87: 3f:be:36:77:ec:b4:16:74:79:d3:a8:f1:9b:85:9b:b7:fd:c9: f7:6b:e3:7e:d9:cb:7e:83:7a:e2:1e:45:c3:af:9c:e5:a6:28: 0e:ac:fa:1a:65:6a:9e:ee:04:d0:c7:cf:01:be:4e:7a:8e:ab: f2:d6:b0:9b:e7:0a:6b:22:e2:2e:17:d9:0c:e3:7b:2e:f1:61: 3a:aa:0a:5b:80:89:30:6d:5e:29:d7:c4:41:fd:06:28:cb:51: eb:9d:42:b0:bd:58:c1:4d:27:29:57:1a:a2:eb:c5:c1:2a:04: f3:62:3a:73:bc:b2:5e:37:89:46:20:b4:36:63:b5:c1:40:5d: 6c:bb:51:ae:2c:51:d6:d4:b3:0d:21:fd:db:e2:76:7d:1b:85: 5d:28:41:25:06:08:dc:06:9c:18:c1:fe:b0:c3:0b:df:de:24: 5a:80:1f:0f:86:98:b0:64:8f:88:1c:6f:ca:49:b2:51:c7:34: ab:ac:73:9c:b5:fe:4b:5a:c5:81:6e:22:40:d5:5a:a4:f1:a6: 08:b1:83:c5:de:f0:e5:09:8d:19:ea:cf:68:7f:28:05:2d:a3: f3:93:10:69:38:9c:5e:bd:29:f1:17:85:44:11:0c:97:e1:d2: 20:2e:e0:5b -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHJ0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA3MTcw MzQ4MDVaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDUzRDFBQTg1MjZDNUY2 RjlBQjFFMUJCNjNCMUM5M0NDNzEzQ0Q2OUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDHDRwlJydM0VpUoHsbyp/5xtqygDLYyST3rstim7n4YE548QvE vuI4ptewU6A5V+IH5hXHJFUbqu8mI4s3XTC+AGjK6X4Zt2koJJc6Ty1th+dQBR9j 0lOkIKArL946itZbRXMvCATLQhZEuA0r/jJqcfvri0zTOcTmwZWUtBzeGiNeltUi CeOeHChNKBk+xwDTiT0Qs2ySSVGk98qR1UGxCYI+/tLREHXDBM+9rGChPZk0NqzE W9TLe+BWzf3xpHmceX6m4zBQBpSfvebySa5RGkwB3KEeUYmlJ5ZFxSRblhT76+2Z BJopwQ+PHFyAOT/siy8Ezhg1zPgKZKAYSBp5AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUU9GqhSbF9vmrHhu2OxyTzHE81pswHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L1U5R3FoU2JGOXZtckho dTJPeHlUekhFODFwcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAIt/GQwDQYJKoZIhvcNAQELBQADggEBANqh25AiVekxvNNABeR9gkaBhz++Nnfs tBZ0edOo8ZuFm7f9yfdr437Zy36DeuIeRcOvnOWmKA6s+hplap7uBNDHzwG+TnqO q/LWsJvnCmsi4i4X2Qzjey7xYTqqCluAiTBtXinXxEH9BijLUeudQrC9WMFNJylX GqLrxcEqBPNiOnO8sl43iUYgtDZjtcFAXWy7Ua4sUdbUsw0h/dvidn0bhV0oQSUG CNwGnBjB/rDDC9/eJFqAHw+GmLBkj4gcb8pJslHHNKusc5y1/ktaxYFuIkDVWqTx pgixg8Xe8OUJjRnqz2h/KAUto/OTEGk4nF69KfEXhUQRDJfh0iAu4Fs= -----END CERTIFICATE-----Generated at Mon Jul 21 13:56:27 2025 by rpki-client