$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/1breWxgW9TC1Ib7MWbfrAug7ylE.roa File: 1breWxgW9TC1Ib7MWbfrAug7ylE.roa (raw, json) Hash identifier: FQjZYynNfK7Nbo7IVqURqPzFJByt/z7KiTw0aaFsayo= Subject key identifier: D5:BA:DE:5B:18:16:F5:30:B5:21:BE:CC:59:B7:EB:02:E8:3B:CA:51 Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Certificate serial: 217C Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/1breWxgW9TC1Ib7MWbfrAug7ylE.roa Signing time: Fri 29 Aug 2025 09:05:24 +0000 ROA not before: Fri 29 Aug 2025 09:05:24 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 58466 IP address blocks: 106.75.176.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 08 Sep 2025 16:34:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8572 (0x217c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Validity Not Before: Aug 29 09:05:24 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=D5BADE5B1816F530B521BECC59B7EB02E83BCA51 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:e6:23:e2:49:f4:a8:1d:ad:2e:b4:90:2d:3c: 7e:78:ff:ad:5a:3a:9a:02:bd:49:43:96:64:27:c8: 44:2d:ac:e1:e2:69:3a:f1:84:5c:23:05:63:a6:86: 80:26:8b:18:f5:6f:80:e6:e5:ee:5e:55:60:ef:ed: 97:5a:16:a3:2c:36:14:88:63:c9:31:33:43:31:aa: 2c:05:a6:88:f3:da:e8:e5:6f:43:a3:f8:70:1b:54: 6b:52:a1:16:14:0a:9c:7c:16:22:00:5b:93:de:2d: c5:b5:16:b5:c8:2e:03:bc:51:48:8f:0b:c0:75:9b: 11:a9:ea:6d:84:9d:d5:19:24:fe:7c:65:c0:f3:61: 74:f1:1b:32:94:e8:64:02:cc:4c:c7:87:35:db:6d: 60:7a:b4:2c:83:69:be:a2:af:60:c6:04:17:e1:b7: b7:b3:e5:6a:4b:c2:fc:70:df:c6:bb:d9:22:23:f2: 8a:1f:07:80:63:b2:1c:56:a1:1b:09:3b:a7:33:0a: 35:7a:5b:a3:f2:7b:25:e0:dd:f1:e2:a8:1f:fe:14: a5:c8:c9:47:a6:4d:bb:f0:74:9c:e7:a3:51:80:e5: 86:ae:d9:5b:a8:f2:c7:df:0c:81:ef:35:fe:88:2d: 41:4e:ad:14:91:c1:24:17:ca:a2:2a:f7:53:c5:4a: 57:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:BA:DE:5B:18:16:F5:30:B5:21:BE:CC:59:B7:EB:02:E8:3B:CA:51 X509v3 Authority Key Identifier: keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/1breWxgW9TC1Ib7MWbfrAug7ylE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 106.75.176.0/20 Signature Algorithm: sha256WithRSAEncryption 0a:1a:69:4e:0c:40:28:4e:e5:33:6c:53:9a:a5:70:fe:21:e3: d1:d5:5c:b4:73:6f:8e:8b:b5:cf:55:5a:77:f7:cf:61:ad:b9: a5:1d:56:91:35:16:d0:63:7b:e7:d4:9b:f8:51:07:1b:88:bf: da:ac:33:38:8c:7c:1d:cd:e3:a5:44:d9:f7:4f:da:70:ee:2b: b9:44:cd:a8:75:cb:fa:59:1c:c3:7c:7c:2d:53:59:d8:0b:2d: b6:82:b1:dc:e8:32:dc:9b:1f:9c:f1:38:28:3c:cf:a3:e3:a1: 2a:c8:92:fa:1e:1f:59:59:a2:2f:e2:12:2f:03:be:b5:c2:fe: 4d:18:61:69:e3:75:27:9c:84:3e:6e:22:c2:7d:58:50:ba:b6: ab:64:29:ba:9e:18:e0:92:69:ef:cb:19:e5:3d:d4:af:23:0e: af:e0:1a:46:c2:83:db:0c:59:61:c7:7c:9c:00:ad:59:a0:dd: fd:15:b5:38:8c:6b:a3:66:48:3d:a5:a6:f7:78:63:e4:3f:ee: 6a:07:a8:c2:0c:eb:46:23:d0:3b:a3:1c:56:69:43:01:1b:2e: 29:a2:13:29:b6:26:5c:e2:45:e5:d0:4c:42:88:c1:24:70:6b: 70:1f:79:87:c4:a5:b5:66:87:bd:54:d9:3a:59:81:7c:67:b5: 57:88:6e:f3 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICIXwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3 MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNTA4Mjkw OTA1MjRaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEQ1QkFERTVCMTgxNkY1 MzBCNTIxQkVDQzU5QjdFQjAyRTgzQkNBNTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDH5iPiSfSoHa0utJAtPH54/61aOpoCvUlDlmQnyEQtrOHiaTrx hFwjBWOmhoAmixj1b4Dm5e5eVWDv7ZdaFqMsNhSIY8kxM0MxqiwFpojz2ujlb0Oj +HAbVGtSoRYUCpx8FiIAW5PeLcW1FrXILgO8UUiPC8B1mxGp6m2EndUZJP58ZcDz YXTxGzKU6GQCzEzHhzXbbWB6tCyDab6ir2DGBBfht7ez5WpLwvxw38a72SIj8oof B4BjshxWoRsJO6czCjV6W6PyeyXg3fHiqB/+FKXIyUemTbvwdJzno1GA5Yau2Vuo 8sffDIHvNf6ILUFOrRSRwSQXyqIq91PFSlcpAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU1breWxgW9TC1Ib7MWbfrAug7ylEwHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3 L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3LzFicmVXeGdXOVRDMUli N01XYmZyQXVnN3lsRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BARqS7AwDQYJKoZIhvcNAQELBQADggEBAAoaaU4MQChO5TNsU5qlcP4h49HVXLRz b46Ltc9VWnf3z2GtuaUdVpE1FtBje+fUm/hRBxuIv9qsMziMfB3N46VE2fdP2nDu K7lEzah1y/pZHMN8fC1TWdgLLbaCsdzoMtybH5zxOCg8z6PjoSrIkvoeH1lZoi/i Ei8DvrXC/k0YYWnjdSechD5uIsJ9WFC6tqtkKbqeGOCSae/LGeU91K8jDq/gGkbC g9sMWWHHfJwArVmg3f0VtTiMa6NmSD2lpvd4Y+Q/7moHqMIM60Yj0DujHFZpQwEb LimiEym2JlziReXQTEKIwSRwa3AfeYfEpbVmh71U2TpZgXxntVeIbvM= -----END CERTIFICATE-----Generated at Mon Sep 8 13:35:14 2025 by rpki-client