$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/34WSiniWfYPasTdJd2mS6KRyIcg.roa File: 34WSiniWfYPasTdJd2mS6KRyIcg.roa (raw, json) Hash identifier: isIILatFjxpsyTCDkibrASRKIldly/tc/qnfmot9qfM= Subject key identifier: DF:85:92:8A:78:96:7D:83:DA:B1:37:49:77:69:92:E8:A4:72:21:C8 Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Certificate serial: 21A1 Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/34WSiniWfYPasTdJd2mS6KRyIcg.roa Signing time: Fri 29 Aug 2025 09:05:32 +0000 ROA not before: Fri 29 Aug 2025 09:05:32 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 4811 IP address blocks: 113.31.144.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 08 Sep 2025 01:34:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8609 (0x21a1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Validity Not Before: Aug 29 09:05:32 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=DF85928A78967D83DAB13749776992E8A47221C8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:22:be:5e:b4:5b:09:cd:8e:19:02:9e:64:86: d4:25:b8:55:d3:a4:f8:f6:25:48:2d:03:90:c2:b1: de:f6:6e:6e:f3:7d:0b:47:72:da:aa:8f:b9:97:4f: 00:e2:ff:e3:c5:e2:29:fe:16:a6:ba:f3:3d:bd:7d: 9c:0f:ec:05:2b:bb:64:11:e4:f4:83:57:61:84:78: de:88:5a:f7:c0:e2:e0:08:1c:47:27:ad:29:da:73: 38:e2:d8:c6:0d:8b:dd:93:d7:21:e0:6d:77:b9:4a: e6:eb:62:ce:f7:fb:8f:cc:fd:a3:f8:66:4e:c7:c2: 8b:1a:99:8f:aa:93:f0:ef:21:9b:2b:6d:d1:ab:ce: c9:11:86:2c:a9:89:cb:05:76:69:53:bc:e7:5c:c2: b7:ae:e5:30:b0:b2:d4:44:ec:56:f6:40:45:79:45: ba:f5:7a:ca:6a:c1:f8:fe:09:aa:74:9c:de:9c:dc: 29:5f:71:0e:15:f4:b2:99:2c:de:cd:e6:03:7f:85: 4d:70:dc:ac:25:a2:3d:87:9e:14:d5:2c:25:82:82: da:17:b9:4e:6b:57:91:55:a3:66:b6:77:b3:25:f9: c0:19:82:86:94:fb:a8:90:ff:2c:72:fe:0c:87:ef: 04:dc:f0:ca:01:3f:b1:89:b6:3f:a1:d1:ee:f8:ff: b4:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:85:92:8A:78:96:7D:83:DA:B1:37:49:77:69:92:E8:A4:72:21:C8 X509v3 Authority Key Identifier: keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/34WSiniWfYPasTdJd2mS6KRyIcg.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 113.31.144.0/20 Signature Algorithm: sha256WithRSAEncryption 6b:d0:a6:24:2a:e7:c7:e7:f5:7a:00:b0:c0:9e:7e:d5:b4:26: a5:43:3d:60:a2:87:a5:96:d1:a3:33:ba:2b:aa:d1:00:f8:9c: 71:0f:38:5a:57:7a:8d:8d:51:2f:4d:5d:b6:3d:86:81:43:7a: 09:3b:9a:55:9a:4b:dd:8f:e8:a8:f8:7b:0e:6f:fd:5b:11:3d: c3:37:03:5b:a4:7f:23:f8:83:9b:ac:e5:00:41:c4:fc:b0:90: 49:09:52:e4:1c:ed:96:e2:79:82:7f:31:ab:63:02:3e:f0:37: 50:ff:be:ab:9b:aa:0a:06:69:5c:9a:00:1f:bd:17:ce:03:47: ba:59:bd:21:01:bd:dd:cf:8e:0d:00:5d:1a:5d:67:ed:58:62: b0:b9:61:03:3f:e8:b7:4b:7e:d9:4a:a3:97:78:f6:de:a4:16: 1c:d7:6d:e0:d9:98:29:65:74:1b:95:c5:71:83:e6:38:23:5f: c4:12:ae:cf:f8:ea:b0:51:f1:ed:aa:c6:84:b4:43:ec:f4:2e: de:97:7b:66:a0:03:63:e5:eb:3b:f1:4c:b1:f1:97:53:7c:e0: 30:5c:fe:35:a2:ac:fc:05:85:ef:6d:52:79:37:2f:75:1d:9b: 45:dc:71:46:64:fd:6e:d7:40:fb:c3:8f:c7:26:1f:71:37:f3: 3b:ba:ae:30 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICIaEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3 MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNTA4Mjkw OTA1MzJaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKERGODU5MjhBNzg5NjdE ODNEQUIxMzc0OTc3Njk5MkU4QTQ3MjIxQzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDGIr5etFsJzY4ZAp5khtQluFXTpPj2JUgtA5DCsd72bm7zfQtH ctqqj7mXTwDi/+PF4in+Fqa68z29fZwP7AUru2QR5PSDV2GEeN6IWvfA4uAIHEcn rSnaczji2MYNi92T1yHgbXe5SubrYs73+4/M/aP4Zk7HwosamY+qk/DvIZsrbdGr zskRhiypicsFdmlTvOdcwreu5TCwstRE7Fb2QEV5Rbr1espqwfj+Cap0nN6c3Clf cQ4V9LKZLN7N5gN/hU1w3Kwloj2HnhTVLCWCgtoXuU5rV5FVo2a2d7Ml+cAZgoaU +6iQ/yxy/gyH7wTc8MoBP7GJtj+h0e74/7SlAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU34WSiniWfYPasTdJd2mS6KRyIcgwHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3 L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3LzM0V1NpbmlXZllQYXNU ZEpkMm1TNktSeUljZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BARxH5AwDQYJKoZIhvcNAQELBQADggEBAGvQpiQq58fn9XoAsMCeftW0JqVDPWCi h6WW0aMzuiuq0QD4nHEPOFpXeo2NUS9NXbY9hoFDegk7mlWaS92P6Kj4ew5v/VsR PcM3A1ukfyP4g5us5QBBxPywkEkJUuQc7ZbieYJ/MatjAj7wN1D/vqubqgoGaVya AB+9F84DR7pZvSEBvd3Pjg0AXRpdZ+1YYrC5YQM/6LdLftlKo5d49t6kFhzXbeDZ mClldBuVxXGD5jgjX8QSrs/46rBR8e2qxoS0Q+z0Lt6Xe2agA2Pl6zvxTLHxl1N8 4DBc/jWirPwFhe9tUnk3L3Udm0XccUZk/W7XQPvDj8cmH3E38zu6rjA= -----END CERTIFICATE-----Generated at Sun Sep 7 22:24:04 2025 by rpki-client