$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/rjcG7Q5Nhd4AqWQ69hx1b8QFfaE.roa File: rjcG7Q5Nhd4AqWQ69hx1b8QFfaE.roa (raw, json) Hash identifier: JP7GG7lqZXyDAW+fRro5G+IySD8yp0ANCKgcvl+GGPo= Subject key identifier: AE:37:06:ED:0E:4D:85:DE:00:A9:64:3A:F6:1C:75:6F:C4:05:7D:A1 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1C99 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/rjcG7Q5Nhd4AqWQ69hx1b8QFfaE.roa Signing time: Thu 17 Jul 2025 03:48:04 +0000 ROA not before: Thu 17 Jul 2025 03:48:04 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 25734 IP address blocks: 103.220.252.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 21 Jul 2025 09:00:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7321 (0x1c99) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Jul 17 03:48:04 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=AE3706ED0E4D85DE00A9643AF61C756FC4057DA1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:41:2b:32:61:89:a1:cf:a0:03:ba:4b:bd:2b: 34:63:8a:37:ad:9a:8c:5f:04:bd:23:34:09:63:e3: 7b:73:7b:02:da:0f:d6:32:cd:e4:a5:da:8e:36:51: 45:f2:5a:02:fc:15:a2:75:3a:9d:db:a5:cb:b4:54: 21:21:6c:23:b0:db:e2:22:b4:ce:67:80:6b:44:43: 92:ab:6d:65:84:b5:ed:38:ac:72:5f:57:ba:57:a8: fa:0c:fa:bc:7b:74:7a:09:ef:72:c4:08:1f:de:0b: 43:48:3c:65:f2:cf:78:f5:3a:4b:30:a5:5f:82:ae: 26:e0:71:80:68:ca:31:45:9b:8e:4e:69:53:51:5f: a9:c8:60:98:98:97:d8:e5:69:50:08:80:19:8d:ed: eb:36:2a:20:3f:b6:15:61:70:51:a1:0f:a8:7e:3f: 5a:8c:30:62:43:f3:7e:6d:2c:d7:42:3b:20:8d:72: e8:01:90:2e:77:39:f6:c9:2f:b9:93:6d:af:6d:18: e0:17:2e:0d:d0:54:02:a3:81:34:01:e3:42:b8:04: 6b:ba:fa:8d:5e:e9:d1:4f:f4:da:94:60:bd:b3:54: 53:a4:a7:b7:ed:89:be:3d:d8:a5:95:8f:3e:67:50: 9f:2b:f9:e8:9f:72:8b:fa:bc:f3:bd:d4:99:54:53: 09:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:37:06:ED:0E:4D:85:DE:00:A9:64:3A:F6:1C:75:6F:C4:05:7D:A1 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/rjcG7Q5Nhd4AqWQ69hx1b8QFfaE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.220.252.0/22 Signature Algorithm: sha256WithRSAEncryption d2:9f:3f:b4:3b:72:09:fc:bc:fb:0d:e2:14:4e:45:28:87:9c: ac:cf:9d:5c:cc:62:41:3a:fa:7f:f9:08:4f:0b:af:69:ec:b8: e7:14:0c:c9:ac:9b:b0:af:6c:50:0d:cf:a1:eb:c2:d8:ab:f7: 1f:5c:40:15:ec:29:7c:de:45:5b:2a:91:e9:96:d5:1c:26:1d: d8:c0:6e:54:76:a9:d6:e0:fe:2c:c1:0e:7f:8b:ae:65:3e:74: e6:ac:05:32:a5:ea:a4:70:0e:3f:69:c9:63:ad:35:97:63:15: e2:85:b9:d6:e9:6c:0a:2f:36:1a:b5:c7:27:75:8c:74:50:2b: e1:04:ba:48:8f:f2:91:35:66:e7:d3:c0:ea:8a:85:55:44:18: 8a:4a:be:50:fc:1b:9b:03:76:4e:08:45:42:cd:a3:9a:55:22: 0b:83:5a:47:3e:82:07:81:46:ee:5e:3d:7c:43:5f:55:37:e6: 4b:8a:90:28:b8:1e:6c:5c:d2:c5:6f:2a:b9:d4:3a:09:e3:3b: bf:0f:b6:c0:02:fe:bc:2f:8b:24:64:9d:59:cd:b7:f3:8e:3c: 8f:3b:21:2b:50:1a:7e:b6:1d:9e:fb:c3:fd:7a:9c:8c:29:8c: 2f:aa:e2:d0:80:0b:11:0e:85:6b:c2:23:1f:ec:db:32:29:42: b1:23:20:e8 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHJkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA3MTcw MzQ4MDRaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEFFMzcwNkVEMEU0RDg1 REUwMEE5NjQzQUY2MUM3NTZGQzQwNTdEQTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDOQSsyYYmhz6ADuku9KzRjijetmoxfBL0jNAlj43tzewLaD9Yy zeSl2o42UUXyWgL8FaJ1Op3bpcu0VCEhbCOw2+IitM5ngGtEQ5KrbWWEte04rHJf V7pXqPoM+rx7dHoJ73LECB/eC0NIPGXyz3j1OkswpV+CribgcYBoyjFFm45OaVNR X6nIYJiYl9jlaVAIgBmN7es2KiA/thVhcFGhD6h+P1qMMGJD835tLNdCOyCNcugB kC53OfbJL7mTba9tGOAXLg3QVAKjgTQB40K4BGu6+o1e6dFP9NqUYL2zVFOkp7ft ib492KWVjz5nUJ8r+eifcov6vPO91JlUUwnjAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUrjcG7Q5Nhd4AqWQ69hx1b8QFfaEwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L3JqY0c3UTVOaGQ0QXFX UTY5aHgxYjhRRmZhRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn3PwwDQYJKoZIhvcNAQELBQADggEBANKfP7Q7cgn8vPsN4hRORSiHnKzPnVzM YkE6+n/5CE8Lr2nsuOcUDMmsm7CvbFANz6Hrwtir9x9cQBXsKXzeRVsqkemW1Rwm HdjAblR2qdbg/izBDn+LrmU+dOasBTKl6qRwDj9pyWOtNZdjFeKFudbpbAovNhq1 xyd1jHRQK+EEukiP8pE1ZufTwOqKhVVEGIpKvlD8G5sDdk4IRULNo5pVIguDWkc+ ggeBRu5ePXxDX1U35kuKkCi4Hmxc0sVvKrnUOgnjO78PtsAC/rwviyRknVnNt/OO PI87IStQGn62HZ77w/16nIwpjC+q4tCACxEOhWvCIx/s2zIpQrEjIOg= -----END CERTIFICATE-----Generated at Mon Jul 21 08:14:50 2025 by rpki-client