$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/7eU9_cvF4mUpsayYPTdPeEsZ2wA.roa File: 7eU9_cvF4mUpsayYPTdPeEsZ2wA.roa (raw, json) Hash identifier: NjSJJxtClv0vUgd5uwZf62Y88F3NJMG5e+X2h4nTvNQ= Subject key identifier: ED:E5:3D:FD:CB:C5:E2:65:29:B1:AC:98:3D:37:4F:78:4B:19:DB:00 Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Certificate serial: 2170 Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/7eU9_cvF4mUpsayYPTdPeEsZ2wA.roa Signing time: Fri 29 Aug 2025 09:05:22 +0000 ROA not before: Fri 29 Aug 2025 09:05:22 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 59077 IP address blocks: 113.31.160.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Sep 2025 11:06:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8560 (0x2170) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Validity Not Before: Aug 29 09:05:22 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=EDE53DFDCBC5E26529B1AC983D374F784B19DB00 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:82:c8:6e:28:1d:b9:c9:e5:4a:67:9d:99:f5: 38:58:7b:24:9d:dd:02:3a:40:6f:39:98:12:fb:3d: 1c:1c:da:80:2f:c0:cd:39:58:f2:c0:3e:1f:bd:6b: 13:1c:7a:45:0f:c3:13:c6:aa:18:a1:df:87:46:e2: 82:e0:a6:51:9f:1c:92:29:fe:3f:4c:e6:e2:00:af: 7b:53:92:f1:f8:38:39:b7:ef:d7:b3:d2:67:43:d2: 2d:88:1d:cd:14:64:8c:a8:26:46:21:d3:86:2c:21: 2e:b4:4d:7d:07:9c:29:4e:7c:16:a6:7a:d7:3f:50: 47:0c:7a:da:e9:eb:07:91:8b:9f:86:e4:e5:79:e5: 78:a7:1a:07:73:2f:10:54:1e:b1:bc:e2:c8:1f:32: c6:36:d3:f3:1f:49:b1:ca:95:80:1b:5b:82:c5:e7: 9e:cb:24:a4:a4:cb:6c:94:2d:8a:7a:86:90:58:71: 34:64:ab:e0:c9:bd:01:2f:df:e8:50:0f:16:ae:9c: 8a:00:7b:cf:d9:79:b3:93:d3:07:44:0e:7d:48:46: 2b:1d:5c:aa:09:d7:75:97:fc:29:ca:74:14:74:e3: 10:55:00:f4:af:5f:0e:2d:9e:f5:04:f1:86:2a:c1: 3c:44:a5:68:a6:03:5d:1f:70:aa:71:f6:47:a5:1c: 94:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: ED:E5:3D:FD:CB:C5:E2:65:29:B1:AC:98:3D:37:4F:78:4B:19:DB:00 X509v3 Authority Key Identifier: keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/7eU9_cvF4mUpsayYPTdPeEsZ2wA.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 113.31.160.0/20 Signature Algorithm: sha256WithRSAEncryption 72:d8:ab:9d:c9:76:4e:fd:b9:de:b8:eb:52:0e:2b:17:08:d9: 40:48:dc:53:bf:68:98:c4:c8:b7:ed:23:f8:ee:f9:81:e0:8c: 55:7d:ed:80:9a:91:1b:c0:92:a6:2b:54:2f:02:ce:c9:d7:f4: c6:f9:73:bc:da:3b:da:08:ae:e1:8d:8e:be:86:e1:ad:dd:85: 6d:f7:dd:7a:a0:13:c5:e1:74:37:ff:64:63:a4:49:32:6d:e5: 76:42:c1:e4:ee:b8:a1:f5:87:d1:51:39:52:a3:19:65:8c:9b: d8:e8:08:fb:0b:73:dc:57:83:e3:f3:ca:ff:5d:f1:5b:ba:87: 6a:26:3a:95:64:01:65:c3:ce:f2:eb:93:bc:b4:c1:94:fa:8a: 16:cc:50:f6:74:d7:09:f4:33:33:03:70:52:7f:db:fe:42:b0: c4:32:e7:a3:bc:eb:c8:a9:08:9b:f4:4f:6a:77:58:01:b5:58: 72:a4:df:75:99:78:15:5a:98:da:bd:6d:74:11:e5:6b:04:e1: 76:84:2b:81:10:eb:89:3d:56:da:1e:14:49:ee:94:a7:fe:e3: f0:e0:70:97:02:82:60:10:e1:74:53:99:58:63:d1:53:4a:f3: f4:f6:e1:94:03:7e:e3:5f:49:37:db:15:14:39:aa:d9:fd:42: 8d:9f:e9:23 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICIXAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3 MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNTA4Mjkw OTA1MjJaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEVERTUzREZEQ0JDNUUy NjUyOUIxQUM5ODNEMzc0Rjc4NEIxOURCMDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCwgshuKB25yeVKZ52Z9ThYeySd3QI6QG85mBL7PRwc2oAvwM05 WPLAPh+9axMcekUPwxPGqhih34dG4oLgplGfHJIp/j9M5uIAr3tTkvH4ODm379ez 0mdD0i2IHc0UZIyoJkYh04YsIS60TX0HnClOfBametc/UEcMetrp6weRi5+G5OV5 5XinGgdzLxBUHrG84sgfMsY20/MfSbHKlYAbW4LF557LJKSky2yULYp6hpBYcTRk q+DJvQEv3+hQDxaunIoAe8/ZebOT0wdEDn1IRisdXKoJ13WX/CnKdBR04xBVAPSv Xw4tnvUE8YYqwTxEpWimA10fcKpx9kelHJRTAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU7eU9/cvF4mUpsayYPTdPeEsZ2wAwHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3 L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3LzdlVTlfY3ZGNG1VcHNh eVlQVGRQZUVzWjJ3QS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BARxH6AwDQYJKoZIhvcNAQELBQADggEBAHLYq53Jdk79ud6461IOKxcI2UBI3FO/ aJjEyLftI/ju+YHgjFV97YCakRvAkqYrVC8CzsnX9Mb5c7zaO9oIruGNjr6G4a3d hW333XqgE8XhdDf/ZGOkSTJt5XZCweTuuKH1h9FROVKjGWWMm9joCPsLc9xXg+Pz yv9d8Vu6h2omOpVkAWXDzvLrk7y0wZT6ihbMUPZ01wn0MzMDcFJ/2/5CsMQy56O8 68ipCJv0T2p3WAG1WHKk33WZeBVamNq9bXQR5WsE4XaEK4EQ64k9VtoeFEnulKf+ 4/DgcJcCgmAQ4XRTmVhj0VNK8/T24ZQDfuNfSTfbFRQ5qtn9Qo2f6SM= -----END CERTIFICATE-----Generated at Tue Sep 9 10:44:21 2025 by rpki-client