$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/unpF1-CViugO-_M1S7HzjzJfrOQ.roa File: unpF1-CViugO-_M1S7HzjzJfrOQ.roa (raw, json) Hash identifier: 8EwJ825xE94Phb3jSzQ/QWbKZLpYosa+B8v+Zvr4L38= Subject key identifier: BA:7A:45:D7:E0:95:8A:E8:0E:FB:F3:35:4B:B1:F3:8F:32:5F:AC:E4 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1CA5 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/unpF1-CViugO-_M1S7HzjzJfrOQ.roa Signing time: Thu 17 Jul 2025 03:51:34 +0000 ROA not before: Thu 17 Jul 2025 03:51:34 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 25734 IP address blocks: 103.221.0.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 21 Jul 2025 13:41:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7333 (0x1ca5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Jul 17 03:51:34 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=BA7A45D7E0958AE80EFBF3354BB1F38F325FACE4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:3f:99:60:1b:61:ca:90:99:2f:fa:42:e8:8f: 1c:ed:75:98:60:ae:50:3c:a6:fd:10:2b:2a:f3:20: c8:d6:2d:15:57:13:97:a5:d4:c5:42:7c:6f:e6:5f: 9b:43:47:2c:0b:36:ed:3d:de:22:23:23:12:a4:25: ff:04:96:12:50:bb:82:38:1e:31:a5:b7:9b:20:37: a7:b5:78:21:29:e7:66:bc:76:15:96:3d:3c:f6:31: 06:d3:05:94:4a:6e:f2:bf:16:5e:2b:c4:83:6a:ef: 9e:ea:7c:a5:25:e1:3a:1c:5c:de:2f:6c:12:6a:05: d8:4a:f1:e3:99:67:42:b8:61:62:1d:9b:13:9d:72: 38:11:88:4a:b7:ac:fb:5a:a0:f1:62:f4:da:2b:f9: c5:e7:7d:59:11:9c:ae:cf:fd:e5:70:96:bf:79:c6: b4:64:fc:a8:7e:1c:a2:8a:9a:01:23:31:7d:80:c0: d0:b7:64:38:10:01:3d:45:7f:f7:40:98:e3:16:19: bf:fd:25:70:e5:05:26:1f:af:52:8f:fc:24:13:d7: 37:f8:d3:d1:e5:14:1a:b2:bc:c6:28:37:2a:d4:db: 84:47:39:a6:30:aa:20:93:0e:53:1c:38:2b:b2:39: 0c:05:e7:0f:bb:f1:20:32:77:c5:f2:60:29:da:01: 4c:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:7A:45:D7:E0:95:8A:E8:0E:FB:F3:35:4B:B1:F3:8F:32:5F:AC:E4 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/unpF1-CViugO-_M1S7HzjzJfrOQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.0.0/22 Signature Algorithm: sha256WithRSAEncryption a3:f6:bb:83:e1:83:b0:7d:a5:49:41:7c:04:d9:2c:19:b7:a2: c3:8d:44:af:76:4e:3b:02:9d:67:47:18:9f:46:e5:a5:49:95: 1f:58:ea:bd:f7:98:9b:e9:3e:30:47:8d:f7:bc:39:07:43:e8: a5:16:04:c5:b1:20:a6:aa:87:9f:d3:28:b1:ac:ab:e9:7b:f7: 1f:71:48:9e:d4:04:8e:11:2c:c3:46:ea:7c:c3:d8:c6:89:93: bd:19:2f:9f:05:83:da:e6:67:7f:ed:78:1a:bd:84:22:ce:fe: 2b:bc:83:8a:8e:36:02:e0:73:f3:b9:15:fe:a3:3c:44:9e:a9: 7a:01:c2:c3:74:19:ac:cf:c0:be:ce:59:ad:ff:e8:78:1e:61: 9f:0d:be:5c:47:ae:a6:71:b9:27:1c:6e:6d:e1:a3:ae:17:44: 51:44:36:a3:ca:24:e7:dd:81:c8:21:28:c8:1b:a0:73:2e:17: 67:25:d7:5f:b1:cb:9e:6c:e6:f7:15:96:ab:af:fa:80:ed:16: 95:32:bd:90:c6:e4:01:08:b4:b3:e2:2d:68:65:23:7a:73:6e: 7b:87:79:76:b9:63:c5:3c:e1:86:da:7b:78:04:91:c0:67:35: 63:a6:ea:8e:44:e1:52:de:b1:15:a3:bc:18:1b:22:63:7a:3f: 6d:b0:87:19 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHKUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA3MTcw MzUxMzRaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEJBN0E0NUQ3RTA5NThB RTgwRUZCRjMzNTRCQjFGMzhGMzI1RkFDRTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDrP5lgG2HKkJkv+kLojxztdZhgrlA8pv0QKyrzIMjWLRVXE5el 1MVCfG/mX5tDRywLNu093iIjIxKkJf8ElhJQu4I4HjGlt5sgN6e1eCEp52a8dhWW PTz2MQbTBZRKbvK/Fl4rxINq757qfKUl4TocXN4vbBJqBdhK8eOZZ0K4YWIdmxOd cjgRiEq3rPtaoPFi9Nor+cXnfVkRnK7P/eVwlr95xrRk/Kh+HKKKmgEjMX2AwNC3 ZDgQAT1Ff/dAmOMWGb/9JXDlBSYfr1KP/CQT1zf409HlFBqyvMYoNyrU24RHOaYw qiCTDlMcOCuyOQwF5w+78SAyd8XyYCnaAUxRAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUunpF1+CViugO+/M1S7HzjzJfrOQwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L3VucEYxLUNWaXVnTy1f TTFTN0h6anpKZnJPUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn3QAwDQYJKoZIhvcNAQELBQADggEBAKP2u4Phg7B9pUlBfATZLBm3osONRK92 TjsCnWdHGJ9G5aVJlR9Y6r33mJvpPjBHjfe8OQdD6KUWBMWxIKaqh5/TKLGsq+l7 9x9xSJ7UBI4RLMNG6nzD2MaJk70ZL58Fg9rmZ3/teBq9hCLO/iu8g4qONgLgc/O5 Ff6jPESeqXoBwsN0GazPwL7OWa3/6HgeYZ8NvlxHrqZxuSccbm3ho64XRFFENqPK JOfdgcghKMgboHMuF2cl11+xy55s5vcVlquv+oDtFpUyvZDG5AEItLPiLWhlI3pz bnuHeXa5Y8U84Ybae3gEkcBnNWOm6o5E4VLesRWjvBgbImN6P22whxk= -----END CERTIFICATE-----Generated at Mon Jul 21 13:24:32 2025 by rpki-client