$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/721/X9U6c4cYKAx0rXhgtX8hkxalSFs.roa File: X9U6c4cYKAx0rXhgtX8hkxalSFs.roa (raw, json) Hash identifier: GoRC8cSZH4f3OWCxKXSnZPnR9NAmS+/EImBAzeimhQ8= Subject key identifier: 5F:D5:3A:73:87:18:28:0C:74:AD:78:60:B5:7F:21:93:16:A5:48:5B Certificate issuer: /CN=EE887ACC7CE4B5F66CCF4946F02BFACBDE28B76A Certificate serial: 1E7A Authority key identifier: EE:88:7A:CC:7C:E4:B5:F6:6C:CF:49:46:F0:2B:FA:CB:DE:28:B7:6A Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7oh6zHzktfZsz0lG8Cv6y94ot2o.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/721/X9U6c4cYKAx0rXhgtX8hkxalSFs.roa Signing time: Sat 06 Sep 2025 08:02:56 +0000 ROA not before: Sat 06 Sep 2025 08:02:56 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 134764 IP address blocks: 43.255.212.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/721/7oh6zHzktfZsz0lG8Cv6y94ot2o.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/721/7oh6zHzktfZsz0lG8Cv6y94ot2o.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7oh6zHzktfZsz0lG8Cv6y94ot2o.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 08 Sep 2025 01:02:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7802 (0x1e7a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=EE887ACC7CE4B5F66CCF4946F02BFACBDE28B76A Validity Not Before: Sep 6 08:02:56 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=5FD53A738718280C74AD7860B57F219316A5485B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:9e:6b:b6:5b:ba:d9:53:e6:76:83:d9:6f:c5: 3d:2a:47:01:6c:ad:0a:bf:98:08:ae:5b:7d:c8:0e: bc:98:2a:41:96:56:53:ab:3e:fc:21:60:82:15:fd: 14:58:34:4c:18:09:32:66:bd:49:4c:a6:3e:24:eb: 45:47:41:32:98:ae:06:35:16:3a:bc:47:a5:b0:7b: b9:e4:58:cf:97:f6:f1:fe:c2:9e:b0:15:86:18:2a: be:f7:be:4b:74:a3:8e:91:3d:bd:9d:dc:13:66:e7: 34:36:fb:7b:d7:85:9c:b6:77:6b:58:38:49:74:a9: 15:f7:d2:6e:1d:b6:3b:09:86:09:1f:47:d1:2e:b9: 22:2e:24:f2:74:f0:e7:05:0d:53:13:57:ca:ab:4a: bd:a3:3c:31:fb:d7:48:6c:58:1a:ac:8d:c7:db:3a: b3:7b:b0:dd:11:a6:c1:2c:d7:dc:27:05:e1:eb:80: fe:5e:20:7a:18:b7:73:1e:74:2b:16:cd:5f:59:65: 89:f3:4c:a8:ab:0d:16:fe:7f:f1:28:b8:ac:63:9e: a8:b6:d1:81:26:e8:83:df:92:0e:66:ab:b8:dc:cb: cf:bc:34:c1:5a:f2:18:4a:2f:96:5b:9e:a7:a7:66: 86:72:be:c3:19:48:ac:8e:26:87:b8:bc:24:6a:b2: 89:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:D5:3A:73:87:18:28:0C:74:AD:78:60:B5:7F:21:93:16:A5:48:5B X509v3 Authority Key Identifier: keyid:EE:88:7A:CC:7C:E4:B5:F6:6C:CF:49:46:F0:2B:FA:CB:DE:28:B7:6A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/721/7oh6zHzktfZsz0lG8Cv6y94ot2o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7oh6zHzktfZsz0lG8Cv6y94ot2o.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/721/X9U6c4cYKAx0rXhgtX8hkxalSFs.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.255.212.0/22 Signature Algorithm: sha256WithRSAEncryption 9e:ec:d4:b4:b6:f6:5d:5e:8b:32:03:cf:cd:da:fe:87:69:f3: 20:b5:53:b3:16:85:da:c4:ee:cc:eb:e9:42:23:0b:96:8d:30: 76:86:01:f2:9d:3f:f5:3a:3f:a1:62:91:ee:c5:8c:6a:c8:eb: b9:32:08:d9:06:9c:86:26:bd:a7:83:20:bc:01:c9:0d:4b:62: 14:dc:ca:f2:e7:10:9f:65:28:4d:a0:61:0c:50:a5:c8:3c:b6: 9d:20:41:7a:1c:41:80:e1:08:cb:19:e4:06:84:80:7b:17:d8: b6:1b:b1:d5:fc:70:4c:e2:8c:fc:33:10:53:c5:40:99:e2:4e: 6b:f6:7d:4a:94:51:4e:a4:b6:bd:09:7f:5a:95:ea:30:6b:17: 50:75:d8:21:d4:a3:d3:c4:0c:13:e6:be:c5:61:33:2f:ed:a6: db:6c:5e:0d:b4:f8:e6:af:9b:ed:bb:fa:a9:2e:24:73:98:c4: 64:87:02:74:d3:a9:68:52:34:8c:51:72:ee:54:73:d2:6e:91: 1b:38:e5:58:4d:62:8c:61:1b:99:34:7f:55:d1:61:30:4f:a1: c4:50:85:d9:c4:25:83:50:02:44:ea:f9:e5:7b:9c:2c:ca:d4: f9:b9:03:ed:df:7d:ec:51:11:24:46:d2:95:36:25:5d:94:fe: 49:03:1a:63 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHnowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUU4 ODdBQ0M3Q0U0QjVGNjZDQ0Y0OTQ2RjAyQkZBQ0JERTI4Qjc2QTAeFw0yNTA5MDYw ODAyNTZaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDVGRDUzQTczODcxODI4 MEM3NEFENzg2MEI1N0YyMTkzMTZBNTQ4NUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDmnmu2W7rZU+Z2g9lvxT0qRwFsrQq/mAiuW33IDryYKkGWVlOr PvwhYIIV/RRYNEwYCTJmvUlMpj4k60VHQTKYrgY1Fjq8R6Wwe7nkWM+X9vH+wp6w FYYYKr73vkt0o46RPb2d3BNm5zQ2+3vXhZy2d2tYOEl0qRX30m4dtjsJhgkfR9Eu uSIuJPJ08OcFDVMTV8qrSr2jPDH710hsWBqsjcfbOrN7sN0RpsEs19wnBeHrgP5e IHoYt3MedCsWzV9ZZYnzTKirDRb+f/EouKxjnqi20YEm6IPfkg5mq7jcy8+8NMFa 8hhKL5ZbnqenZoZyvsMZSKyOJoe4vCRqsokhAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUX9U6c4cYKAx0rXhgtX8hkxalSFswHwYDVR0jBBgwFoAU7oh6zHzktfZsz0lG 8Cv6y94ot2owGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzIx LzdvaDZ6SHprdGZac3owbEc4Q3Y2eTk0b3Qyby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvN29oNnpIemt0ZlpzejBsRzhDdjZ5OTRvdDJvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzIxL1g5VTZjNGNZS0F4MHJY aGd0WDhoa3hhbFNGcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAIr/9QwDQYJKoZIhvcNAQELBQADggEBAJ7s1LS29l1eizIDz83a/odp8yC1U7MW hdrE7szr6UIjC5aNMHaGAfKdP/U6P6Fike7FjGrI67kyCNkGnIYmvaeDILwByQ1L YhTcyvLnEJ9lKE2gYQxQpcg8tp0gQXocQYDhCMsZ5AaEgHsX2LYbsdX8cEzijPwz EFPFQJniTmv2fUqUUU6ktr0Jf1qV6jBrF1B12CHUo9PEDBPmvsVhMy/tpttsXg20 +Oavm+27+qkuJHOYxGSHAnTTqWhSNIxRcu5Uc9JukRs45VhNYoxhG5k0f1XRYTBP ocRQhdnEJYNQAkTq+eV7nCzK1Pm5A+3ffexRESRG0pU2JV2U/kkDGmM= -----END CERTIFICATE-----Generated at Sun Sep 7 22:23:32 2025 by rpki-client