$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/XCxj_3cJkK9tWIjYCpr93u1_k7c.roa File: XCxj_3cJkK9tWIjYCpr93u1_k7c.roa (raw, json) Hash identifier: 7IswbKars1x4DDMauEYzya83QYwfWaJoxzgbKipuN9Q= Subject key identifier: 5C:2C:63:FF:77:09:90:AF:6D:58:88:D8:0A:9A:FD:DE:ED:7F:93:B7 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1CBA Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/XCxj_3cJkK9tWIjYCpr93u1_k7c.roa Signing time: Thu 17 Jul 2025 03:55:30 +0000 ROA not before: Thu 17 Jul 2025 03:55:30 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 25734 IP address blocks: 103.221.49.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 21 Jul 2025 09:00:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7354 (0x1cba) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Jul 17 03:55:30 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=5C2C63FF770990AF6D5888D80A9AFDDEED7F93B7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:6f:97:ba:84:83:c8:1e:86:22:c4:22:b2:fd: ad:6c:7f:ad:e4:c6:f1:36:9f:82:74:8d:8a:c2:6d: 5a:39:0b:f7:d9:f8:f4:34:d6:37:d9:4a:48:9f:81: a5:6f:df:85:ad:6a:fa:0e:11:0f:68:dd:19:ea:5e: f2:dc:1d:df:fd:75:4b:a1:80:e8:54:3a:ba:88:0c: 01:97:45:33:f6:dd:a1:d9:64:e3:1f:e8:a1:e9:9d: 18:c2:61:a7:30:80:ab:e2:f2:7e:18:f3:44:bc:9c: 1e:0d:b2:1e:f2:1d:87:cb:88:0c:a5:df:8a:58:ba: 6f:39:f6:c8:5a:3a:c4:78:07:a1:5e:13:f6:fb:07: d5:15:de:19:70:dd:19:7f:90:1d:fa:9c:83:e4:e5: f7:d1:c6:06:1d:0a:c5:9a:a2:fc:65:d4:9b:26:bf: cf:d1:84:7d:d1:a7:f0:b8:77:e0:60:43:7c:82:b5: a9:99:60:b3:b0:74:6f:9f:a5:01:cb:e3:76:45:88: 43:b3:24:7e:ad:f4:d2:21:7f:5f:87:93:81:04:ef: 2b:41:67:11:84:16:fa:d7:08:b1:91:d8:57:ac:ed: bc:ff:f1:92:f3:9f:80:31:b8:09:63:37:30:0f:a9: d7:c3:84:db:00:0e:b2:fd:d9:e5:0b:33:25:f4:30: 90:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:2C:63:FF:77:09:90:AF:6D:58:88:D8:0A:9A:FD:DE:ED:7F:93:B7 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/XCxj_3cJkK9tWIjYCpr93u1_k7c.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.49.0/24 Signature Algorithm: sha256WithRSAEncryption b2:a9:c7:67:b3:28:92:46:2d:48:a6:0c:74:56:c6:33:8a:e5: af:5a:26:fd:25:f5:23:8e:b6:c8:99:20:c7:a4:61:4f:da:43: 9e:2e:58:91:8b:33:c9:df:e0:d2:76:66:17:26:58:5f:c5:30: e0:10:4a:ce:7f:f8:06:7d:65:76:39:e3:ee:aa:92:fa:e1:7c: 22:7a:de:77:97:74:5e:92:49:65:90:b0:38:e8:59:5e:4f:a3: 29:6a:c9:be:dd:03:08:8b:c7:e3:13:b6:7e:77:3d:38:11:a5: ff:91:5d:5c:a1:6a:0c:a7:f9:bd:bb:6a:39:11:75:2a:52:46: 56:70:6f:c2:84:26:c6:d0:0e:99:db:35:89:cd:3a:81:27:32: a6:de:1d:98:f4:cc:84:8b:3c:97:9f:35:9e:10:2d:63:8c:d5: 85:56:c7:3d:03:22:f9:dc:6d:e2:a5:0e:98:0d:95:1a:0f:82: 1a:34:47:50:6d:71:b9:a9:87:4f:5a:46:b5:f8:22:b8:94:1e: 99:cf:e8:e1:8f:e9:fc:36:c5:df:ec:30:36:05:b0:86:bf:2c: e5:6b:21:e1:d4:cc:66:06:8a:1e:3a:42:b5:df:c5:12:0c:cf: 68:9c:3a:0d:69:48:c4:8e:98:e2:30:e6:8b:df:e8:3b:d6:c5: 27:ec:c3:6a -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHLowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA3MTcw MzU1MzBaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDVDMkM2M0ZGNzcwOTkw QUY2RDU4ODhEODBBOUFGRERFRUQ3RjkzQjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCbb5e6hIPIHoYixCKy/a1sf63kxvE2n4J0jYrCbVo5C/fZ+PQ0 1jfZSkifgaVv34WtavoOEQ9o3RnqXvLcHd/9dUuhgOhUOrqIDAGXRTP23aHZZOMf 6KHpnRjCYacwgKvi8n4Y80S8nB4Nsh7yHYfLiAyl34pYum859shaOsR4B6FeE/b7 B9UV3hlw3Rl/kB36nIPk5ffRxgYdCsWaovxl1Jsmv8/RhH3Rp/C4d+BgQ3yCtamZ YLOwdG+fpQHL43ZFiEOzJH6t9NIhf1+Hk4EE7ytBZxGEFvrXCLGR2Fes7bz/8ZLz n4AxuAljNzAPqdfDhNsADrL92eULMyX0MJABAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUXCxj/3cJkK9tWIjYCpr93u1/k7cwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L1hDeGpfM2NKa0s5dFdJ allDcHI5M3UxX2s3Yy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3TEwDQYJKoZIhvcNAQELBQADggEBALKpx2ezKJJGLUimDHRWxjOK5a9aJv0l 9SOOtsiZIMekYU/aQ54uWJGLM8nf4NJ2ZhcmWF/FMOAQSs5/+AZ9ZXY54+6qkvrh fCJ63neXdF6SSWWQsDjoWV5Poylqyb7dAwiLx+MTtn53PTgRpf+RXVyhagyn+b27 ajkRdSpSRlZwb8KEJsbQDpnbNYnNOoEnMqbeHZj0zISLPJefNZ4QLWOM1YVWxz0D IvncbeKlDpgNlRoPgho0R1Btcbmph09aRrX4IriUHpnP6OGP6fw2xd/sMDYFsIa/ LOVrIeHUzGYGih46QrXfxRIMz2icOg1pSMSOmOIw5ovf6DvWxSfsw2o= -----END CERTIFICATE-----Generated at Mon Jul 21 08:08:53 2025 by rpki-client