$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/721/ErfEwcAx898tX4S9822NVXpbrGo.roa File: ErfEwcAx898tX4S9822NVXpbrGo.roa (raw, json) Hash identifier: VAxgA96n0yvdmKEC0RETcM04sas17swBidGI/3NcD+c= Subject key identifier: 12:B7:C4:C1:C0:31:F3:DF:2D:5F:84:BD:F3:6D:8D:55:7A:5B:AC:6A Certificate issuer: /CN=EE887ACC7CE4B5F66CCF4946F02BFACBDE28B76A Certificate serial: 1E7B Authority key identifier: EE:88:7A:CC:7C:E4:B5:F6:6C:CF:49:46:F0:2B:FA:CB:DE:28:B7:6A Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7oh6zHzktfZsz0lG8Cv6y94ot2o.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/721/ErfEwcAx898tX4S9822NVXpbrGo.roa Signing time: Sat 06 Sep 2025 08:02:56 +0000 ROA not before: Sat 06 Sep 2025 08:02:56 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 56040 IP address blocks: 43.255.212.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/721/7oh6zHzktfZsz0lG8Cv6y94ot2o.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/721/7oh6zHzktfZsz0lG8Cv6y94ot2o.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7oh6zHzktfZsz0lG8Cv6y94ot2o.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 08 Sep 2025 11:03:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7803 (0x1e7b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=EE887ACC7CE4B5F66CCF4946F02BFACBDE28B76A Validity Not Before: Sep 6 08:02:56 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=12B7C4C1C031F3DF2D5F84BDF36D8D557A5BAC6A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:a7:a6:09:ba:7f:79:f3:d9:a3:25:16:0f:5f: 50:07:f4:cb:74:a6:ca:7f:b4:ec:36:42:b0:b6:81: 02:b1:e2:64:e7:f2:43:0b:e9:83:42:25:81:22:fc: 79:1f:59:46:7b:51:4f:1f:56:1c:97:86:16:74:b0: 86:ba:d2:93:b0:53:95:fd:94:e3:6b:b6:fb:9a:3e: af:6d:9e:77:e7:f4:7f:cf:0e:14:97:ec:fd:cc:f7: 49:f8:0c:2f:16:f7:db:b9:9e:c1:f6:f3:66:e3:50: eb:e2:a8:16:68:e0:6f:b6:75:6d:e1:96:c2:d5:d5: 0a:5f:e4:c0:e9:d6:ec:6a:60:5f:87:43:f1:06:c8: 76:ff:60:5e:8e:4c:fc:d6:c9:4a:7e:5c:d1:fd:a8: 66:59:de:c0:ed:9e:bf:e0:5c:26:ed:d6:d4:1d:2e: 5b:c8:64:bc:7c:f2:5b:58:3f:4d:2e:64:ee:5c:a0: 77:de:71:d8:96:fd:b2:50:8f:58:45:fa:a4:40:7b: 61:f7:d9:d4:c3:d8:b3:0e:81:27:f6:f7:e0:65:21: 22:d2:1a:2a:74:4a:7a:32:21:72:5b:01:23:27:94: 53:c9:01:f1:11:4d:27:8d:3e:1b:d3:62:2c:fd:b5: b7:76:4a:84:40:68:56:89:6a:5c:5a:db:ff:dd:35: 4c:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:B7:C4:C1:C0:31:F3:DF:2D:5F:84:BD:F3:6D:8D:55:7A:5B:AC:6A X509v3 Authority Key Identifier: keyid:EE:88:7A:CC:7C:E4:B5:F6:6C:CF:49:46:F0:2B:FA:CB:DE:28:B7:6A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/721/7oh6zHzktfZsz0lG8Cv6y94ot2o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7oh6zHzktfZsz0lG8Cv6y94ot2o.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/721/ErfEwcAx898tX4S9822NVXpbrGo.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.255.212.0/22 Signature Algorithm: sha256WithRSAEncryption 20:6e:89:7f:e3:4a:f4:f8:7f:08:d2:a5:0f:2d:00:5a:9a:68: 21:69:5e:cc:3e:e3:d6:37:21:9c:cc:b0:1a:60:75:36:d1:9e: c0:86:36:c7:ec:b3:94:5b:c8:6b:91:fb:c6:94:c4:2a:a2:c8: fd:f4:a0:de:89:4c:8d:a9:e3:b5:f4:54:a6:24:c4:99:58:61: f4:26:1b:22:cb:78:8f:17:1f:4f:19:dc:e7:91:c7:3c:fb:c6: c0:4e:35:8d:d9:d5:c9:b4:5a:2a:07:59:00:92:1d:a2:97:bf: d6:50:74:5c:f1:32:0c:bd:ed:b5:19:45:00:e8:6b:69:ab:bf: 83:91:a2:00:f4:c5:a2:4b:3a:12:fd:e6:f3:1d:2c:00:b9:5c: 13:df:b0:c1:22:34:2e:b1:b1:11:61:ff:b6:ea:7a:d1:b8:79: f5:85:5a:97:ad:54:93:3b:f1:ea:6a:fb:e6:f8:37:f2:64:bd: da:68:94:0d:a5:af:28:07:bc:24:76:a5:4d:a8:fd:95:0d:0a: 20:76:45:f6:65:19:0e:ab:b2:99:06:2e:cb:2d:fb:24:e4:b5: 8f:d2:90:8b:8f:aa:3a:0b:68:cb:d9:84:44:7a:7c:26:d0:fe: f7:8d:ff:15:0f:9d:f3:61:a7:45:f7:6b:5b:a8:cd:4e:72:2d: ec:12:39:0d -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHnswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUU4 ODdBQ0M3Q0U0QjVGNjZDQ0Y0OTQ2RjAyQkZBQ0JERTI4Qjc2QTAeFw0yNTA5MDYw ODAyNTZaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDEyQjdDNEMxQzAzMUYz REYyRDVGODRCREYzNkQ4RDU1N0E1QkFDNkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDBp6YJun9589mjJRYPX1AH9Mt0psp/tOw2QrC2gQKx4mTn8kML 6YNCJYEi/HkfWUZ7UU8fVhyXhhZ0sIa60pOwU5X9lONrtvuaPq9tnnfn9H/PDhSX 7P3M90n4DC8W99u5nsH282bjUOviqBZo4G+2dW3hlsLV1Qpf5MDp1uxqYF+HQ/EG yHb/YF6OTPzWyUp+XNH9qGZZ3sDtnr/gXCbt1tQdLlvIZLx88ltYP00uZO5coHfe cdiW/bJQj1hF+qRAe2H32dTD2LMOgSf29+BlISLSGip0SnoyIXJbASMnlFPJAfER TSeNPhvTYiz9tbd2SoRAaFaJalxa2//dNUyJAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUErfEwcAx898tX4S9822NVXpbrGowHwYDVR0jBBgwFoAU7oh6zHzktfZsz0lG 8Cv6y94ot2owGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzIx LzdvaDZ6SHprdGZac3owbEc4Q3Y2eTk0b3Qyby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvN29oNnpIemt0ZlpzejBsRzhDdjZ5OTRvdDJvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzIxL0VyZkV3Y0F4ODk4dFg0 Uzk4MjJOVlhwYnJHby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAIr/9QwDQYJKoZIhvcNAQELBQADggEBACBuiX/jSvT4fwjSpQ8tAFqaaCFpXsw+ 49Y3IZzMsBpgdTbRnsCGNsfss5RbyGuR+8aUxCqiyP30oN6JTI2p47X0VKYkxJlY YfQmGyLLeI8XH08Z3OeRxzz7xsBONY3Z1cm0WioHWQCSHaKXv9ZQdFzxMgy97bUZ RQDoa2mrv4ORogD0xaJLOhL95vMdLAC5XBPfsMEiNC6xsRFh/7bqetG4efWFWpet VJM78epq++b4N/JkvdpolA2lrygHvCR2pU2o/ZUNCiB2RfZlGQ6rspkGLsst+yTk tY/SkIuPqjoLaMvZhER6fCbQ/veN/xUPnfNhp0X3a1uozU5yLewSOQ0= -----END CERTIFICATE-----Generated at Mon Sep 8 09:05:07 2025 by rpki-client