$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/l6saPbBC_NE9U_YAT3lyer0j0hM.roa File: l6saPbBC_NE9U_YAT3lyer0j0hM.roa (raw, json) Hash identifier: IxYE/QMJGCZo1ig4YdMgXhu9UXykbeXxHa8Hebeo2fI= Subject key identifier: 97:AB:1A:3D:B0:42:FC:D1:3D:53:F6:00:4F:79:72:7A:BD:23:D2:13 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1C95 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/l6saPbBC_NE9U_YAT3lyer0j0hM.roa Signing time: Thu 17 Jul 2025 03:48:03 +0000 ROA not before: Thu 17 Jul 2025 03:48:03 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 25734 IP address blocks: 45.252.144.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 22 Jul 2025 09:11:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7317 (0x1c95) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Jul 17 03:48:03 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=97AB1A3DB042FCD13D53F6004F79727ABD23D213 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:91:da:74:70:24:5a:3f:cc:2a:75:3a:ab:6b: e5:aa:d6:38:1b:fc:5f:56:5c:d6:db:9e:9d:c6:92: 2b:30:8c:00:3e:3e:ab:91:45:27:a0:b6:ae:e2:53: d9:dc:fa:1a:4e:b7:bf:34:fd:03:f4:ab:40:66:a7: 67:61:15:c1:67:0b:8b:8e:63:46:3a:f6:d8:11:ae: 4f:06:c2:f2:e0:1e:b7:ad:6b:78:f7:dd:bd:ef:11: ca:39:ec:10:83:49:7d:09:14:28:d8:9c:cd:62:09: 5f:20:9e:bc:21:40:71:c1:9a:ee:4e:cb:ba:b4:e2: 39:87:43:30:fc:fb:0b:91:d7:e2:7c:c4:e8:a0:0a: 23:d4:65:20:5c:c2:55:9c:0f:28:fd:4a:d7:46:74: f5:b2:ed:5c:f4:5c:fe:b8:3d:9a:7d:34:b8:db:74: 33:e5:84:4f:87:ec:64:eb:99:4e:76:1f:83:55:83: b9:4f:a9:05:27:c9:fd:aa:e1:b0:aa:4d:bf:43:99: d9:c4:4f:64:83:cd:69:0a:a3:78:e9:df:50:2e:00: 1e:40:2f:df:a1:44:1a:6e:3d:37:6c:c4:ed:8b:24: 19:44:10:70:b7:5e:b8:cf:6d:2a:2b:a0:b0:03:b2: ce:e4:e0:ea:a2:a7:6d:0f:dd:87:35:64:fd:f4:1c: c1:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:AB:1A:3D:B0:42:FC:D1:3D:53:F6:00:4F:79:72:7A:BD:23:D2:13 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/l6saPbBC_NE9U_YAT3lyer0j0hM.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.252.144.0/22 Signature Algorithm: sha256WithRSAEncryption 42:c6:ac:87:f9:ce:f5:b9:b5:cd:60:ed:88:50:bd:13:3e:49: f1:de:49:7b:0d:73:02:53:44:09:f8:d2:8d:72:e6:02:be:ef: cc:6f:b2:f2:1e:2f:15:e6:eb:16:45:1a:7a:94:93:61:19:ff: 79:b4:14:b4:53:71:0d:e0:8f:35:a4:27:f2:33:52:0e:5d:3b: 38:d1:2a:77:51:d8:7e:bc:cd:c0:aa:cf:9b:aa:6f:5d:e2:ad: 00:f9:b5:a7:3e:2b:a3:ce:cd:a9:22:71:bd:1b:d6:60:75:26: 85:b0:a0:75:8f:e6:e3:5b:bc:2d:ed:14:9f:48:9c:a1:3c:ed: 06:87:74:ec:75:91:82:c4:24:d5:05:e1:ef:f3:e3:ee:9d:5a: d1:f1:bf:dd:48:d1:3b:ee:50:a6:d6:4a:ef:7c:cc:3b:03:57: 81:7c:24:8e:7e:d4:6a:b2:46:3e:5f:37:4d:10:fc:85:bf:f3: ea:91:97:4b:2a:0c:05:b7:87:b4:b8:6a:d2:c5:0d:be:2a:13: f4:2a:05:3b:49:99:57:cc:37:ce:6c:20:e0:01:2f:d9:d7:81: 46:9b:17:53:35:b6:b7:28:76:1b:b1:2f:ed:7c:18:2f:d1:fd: ac:8b:4b:ca:9b:ad:c1:b7:5e:98:e6:3c:4e:cb:b3:c9:6a:c4: 29:b6:35:c5 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHJUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA3MTcw MzQ4MDNaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDk3QUIxQTNEQjA0MkZD RDEzRDUzRjYwMDRGNzk3MjdBQkQyM0QyMTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDTkdp0cCRaP8wqdTqra+Wq1jgb/F9WXNbbnp3GkiswjAA+PquR RSegtq7iU9nc+hpOt780/QP0q0Bmp2dhFcFnC4uOY0Y69tgRrk8GwvLgHreta3j3 3b3vEco57BCDSX0JFCjYnM1iCV8gnrwhQHHBmu5Oy7q04jmHQzD8+wuR1+J8xOig CiPUZSBcwlWcDyj9StdGdPWy7Vz0XP64PZp9NLjbdDPlhE+H7GTrmU52H4NVg7lP qQUnyf2q4bCqTb9DmdnET2SDzWkKo3jp31AuAB5AL9+hRBpuPTdsxO2LJBlEEHC3 XrjPbSoroLADss7k4Oqip20P3Yc1ZP30HMFlAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUl6saPbBC/NE9U/YAT3lyer0j0hMwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L2w2c2FQYkJDX05FOVVf WUFUM2x5ZXIwajBoTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAIt/JAwDQYJKoZIhvcNAQELBQADggEBAELGrIf5zvW5tc1g7YhQvRM+SfHeSXsN cwJTRAn40o1y5gK+78xvsvIeLxXm6xZFGnqUk2EZ/3m0FLRTcQ3gjzWkJ/IzUg5d OzjRKndR2H68zcCqz5uqb13irQD5tac+K6POzakicb0b1mB1JoWwoHWP5uNbvC3t FJ9InKE87QaHdOx1kYLEJNUF4e/z4+6dWtHxv91I0TvuUKbWSu98zDsDV4F8JI5+ 1GqyRj5fN00Q/IW/8+qRl0sqDAW3h7S4atLFDb4qE/QqBTtJmVfMN85sIOABL9nX gUabF1M1trcodhuxL+18GC/R/ayLS8qbrcG3XpjmPE7Ls8lqxCm2NcU= -----END CERTIFICATE-----Generated at Tue Jul 22 06:00:33 2025 by rpki-client