$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/357/A7_TBOfWNcoCaZKhjBsM-eCbm1E.roa File: A7_TBOfWNcoCaZKhjBsM-eCbm1E.roa (raw, json) Hash identifier: +dDBCkGwdU2tDXqTGw8aRO3YIU674YysRVfukmnjpWE= Subject key identifier: 03:BF:D3:04:E7:D6:35:CA:02:69:92:A1:8C:1B:0C:F9:E0:9B:9B:51 Certificate issuer: /CN=B3BA6AEF3B8FA2E5D9B5E43438E0020D426A1ECA Certificate serial: 1935 Authority key identifier: B3:BA:6A:EF:3B:8F:A2:E5:D9:B5:E4:34:38:E0:02:0D:42:6A:1E:CA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/s7pq7zuPouXZteQ0OOACDUJqHso.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/A7_TBOfWNcoCaZKhjBsM-eCbm1E.roa Signing time: Sat 06 Sep 2025 08:04:56 +0000 ROA not before: Sat 06 Sep 2025 08:04:56 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 37963 IP address blocks: 112.124.0.0/14 maxlen: 14 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/s7pq7zuPouXZteQ0OOACDUJqHso.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/s7pq7zuPouXZteQ0OOACDUJqHso.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/s7pq7zuPouXZteQ0OOACDUJqHso.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Sep 2025 11:06:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6453 (0x1935) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B3BA6AEF3B8FA2E5D9B5E43438E0020D426A1ECA Validity Not Before: Sep 6 08:04:56 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=03BFD304E7D635CA026992A18C1B0CF9E09B9B51 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:78:b6:a9:3c:cb:9f:54:2d:00:e4:4f:84:fc: 9c:ad:66:6d:77:39:d1:31:e6:16:2a:34:89:dc:fb: 87:cb:4a:d3:ce:b3:0f:0e:67:e8:64:4e:e1:95:97: bd:e2:07:45:64:10:f6:29:99:a7:25:c4:fa:b2:06: c2:7f:21:22:5f:cf:61:51:49:97:aa:2f:6b:8c:d9: 8a:e4:ff:3b:b7:3e:22:9f:25:e1:d8:33:7f:1c:14: a6:7f:67:34:35:a7:9a:a1:07:aa:1a:05:34:e6:db: c4:d5:46:09:13:38:9c:bb:41:fe:45:b5:7e:3c:61: 9e:74:fe:3f:ff:5b:a1:c8:54:aa:23:a1:e9:5a:27: 94:56:a0:fd:ce:4a:2a:e8:eb:95:bd:ac:b3:b0:07: c3:68:3f:d6:8f:3f:21:c5:f0:a8:2a:71:5c:04:5e: 15:64:c7:3b:06:b4:6a:af:9a:d0:3a:d0:a6:37:25: f4:96:0a:6d:87:e7:f5:e4:65:c6:db:df:98:34:6b: c0:6c:54:31:e1:e7:12:c5:1a:61:c4:a5:6e:19:33: a2:61:9a:b0:5e:2c:ce:14:60:f4:60:a1:1e:74:8c: f8:35:3a:e3:be:6f:34:63:ac:93:0c:0a:18:6f:e9: 37:16:79:b5:88:15:7f:d8:23:5d:3f:8f:4d:0d:f7: 55:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:BF:D3:04:E7:D6:35:CA:02:69:92:A1:8C:1B:0C:F9:E0:9B:9B:51 X509v3 Authority Key Identifier: keyid:B3:BA:6A:EF:3B:8F:A2:E5:D9:B5:E4:34:38:E0:02:0D:42:6A:1E:CA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/s7pq7zuPouXZteQ0OOACDUJqHso.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/s7pq7zuPouXZteQ0OOACDUJqHso.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/A7_TBOfWNcoCaZKhjBsM-eCbm1E.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 112.124.0.0/14 Signature Algorithm: sha256WithRSAEncryption 9c:df:6d:b9:75:6f:c4:9b:ae:f4:f7:bf:9a:ef:01:dd:e5:18: 5d:33:b3:e5:15:88:c3:20:70:4c:d7:22:f8:fe:61:bb:86:df: a3:54:37:8a:69:33:06:ac:bd:27:dd:d1:20:f0:df:60:40:6a: 29:6f:57:7f:0c:3c:15:a5:af:08:4d:9c:05:25:9c:f1:a4:a6: 93:49:8a:69:99:d8:e0:78:47:4b:67:c2:f3:4b:b8:da:64:48: b4:18:b7:9e:7c:c1:b5:40:b0:cb:25:4c:57:88:b9:8d:82:45: d5:0f:7b:cc:f8:32:a9:81:6c:95:30:fd:e8:91:0b:6d:f5:4f: e0:67:6d:e0:fa:d6:66:a2:c4:f0:f2:22:08:96:1e:bc:ba:0d: dd:16:81:a4:08:0a:8e:eb:17:93:3b:6c:ee:cc:94:32:c4:13: d3:1b:30:2a:7a:4a:b8:68:23:ee:1e:4c:3d:f5:7b:cf:c9:82: c3:ba:d7:12:7b:c4:3f:37:0b:d4:13:75:54:11:c4:b2:05:e9: 58:24:52:97:e6:e9:a1:a6:2b:c6:6f:b2:0e:74:7f:4d:96:0a: ae:48:5a:5a:da:bc:cd:ed:a8:00:fc:3f:ae:8a:21:e1:e6:51: db:ff:28:fb:b1:0a:fe:6d:93:15:50:aa:57:06:36:bc:b3:9a: 4d:1f:58:df -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICGTUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjNC QTZBRUYzQjhGQTJFNUQ5QjVFNDM0MzhFMDAyMEQ0MjZBMUVDQTAeFw0yNTA5MDYw ODA0NTZaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDAzQkZEMzA0RTdENjM1 Q0EwMjY5OTJBMThDMUIwQ0Y5RTA5QjlCNTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCueLapPMufVC0A5E+E/JytZm13OdEx5hYqNInc+4fLStPOsw8O Z+hkTuGVl73iB0VkEPYpmaclxPqyBsJ/ISJfz2FRSZeqL2uM2Yrk/zu3PiKfJeHY M38cFKZ/ZzQ1p5qhB6oaBTTm28TVRgkTOJy7Qf5FtX48YZ50/j//W6HIVKojoela J5RWoP3OSiro65W9rLOwB8NoP9aPPyHF8KgqcVwEXhVkxzsGtGqvmtA60KY3JfSW Cm2H5/XkZcbb35g0a8BsVDHh5xLFGmHEpW4ZM6JhmrBeLM4UYPRgoR50jPg1OuO+ bzRjrJMMChhv6TcWebWIFX/YI10/j00N91XNAgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQUA7/TBOfWNcoCaZKhjBsM+eCbm1EwHwYDVR0jBBgwFoAUs7pq7zuPouXZteQ0 OOACDUJqHsowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzU3 L3M3cHE3enVQb3VYWnRlUTBPT0FDRFVKcUhzby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvczdwcTd6dVBvdVhadGVRME9PQUNEVUpxSHNvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzU3L0E3X1RCT2ZXTmNvQ2Fa S2hqQnNNLWVDYm0xRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD AwJwfDANBgkqhkiG9w0BAQsFAAOCAQEAnN9tuXVvxJuu9Pe/mu8B3eUYXTOz5RWI wyBwTNci+P5hu4bfo1Q3imkzBqy9J93RIPDfYEBqKW9Xfww8FaWvCE2cBSWc8aSm k0mKaZnY4HhHS2fC80u42mRItBi3nnzBtUCwyyVMV4i5jYJF1Q97zPgyqYFslTD9 6JELbfVP4Gdt4PrWZqLE8PIiCJYevLoN3RaBpAgKjusXkzts7syUMsQT0xswKnpK uGgj7h5MPfV7z8mCw7rXEnvEPzcL1BN1VBHEsgXpWCRSl+bpoaYrxm+yDnR/TZYK rkhaWtq8ze2oAPw/rooh4eZR2/8o+7EK/m2TFVCqVwY2vLOaTR9Y3w== -----END CERTIFICATE-----Generated at Tue Sep 9 08:05:16 2025 by rpki-client