$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/DBkGffNMWR3382PMF3RwUCWxlyw.roa File: DBkGffNMWR3382PMF3RwUCWxlyw.roa (raw, json) Hash identifier: r0Kkl/ztnn7ND/PoBkeyI5UcaFRdwAXwuo1RNn2mfak= Subject key identifier: 0C:19:06:7D:F3:4C:59:1D:F7:F3:63:CC:17:74:70:50:25:B1:97:2C Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Certificate serial: 219F Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/DBkGffNMWR3382PMF3RwUCWxlyw.roa Signing time: Fri 29 Aug 2025 09:05:32 +0000 ROA not before: Fri 29 Aug 2025 09:05:32 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 4808 IP address blocks: 106.75.0.0/19 maxlen: 19 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 07 Sep 2025 05:34:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8607 (0x219f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Validity Not Before: Aug 29 09:05:32 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=0C19067DF34C591DF7F363CC1774705025B1972C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:8d:69:ee:56:8f:ca:04:36:7f:aa:a7:1c:69: 34:b1:0d:95:f5:75:43:e2:da:5e:da:49:b7:19:d5: 94:a0:5d:7a:68:8f:20:dc:aa:1c:ad:c9:34:66:16: 12:8e:f8:4b:12:3e:67:03:5b:b6:16:8a:af:48:01: b6:7b:ca:a5:66:45:b6:e8:41:8c:c3:f9:3a:44:28: e5:5f:7c:4e:d3:05:07:e1:cf:c6:9b:e0:cc:da:b9: bf:3e:44:05:4c:c7:cf:66:ef:54:ad:8f:4d:28:fe: d5:e4:19:65:9a:64:e6:13:66:86:7a:de:da:09:ff: 8a:ad:e8:ce:3a:7e:bd:51:21:5d:9c:1a:42:e8:3a: 47:7c:f0:f7:6b:7f:1f:b4:78:85:31:8b:9a:9d:2e: f8:7a:0f:96:91:b2:21:82:0d:34:82:35:44:12:fe: f5:d4:88:4e:3e:45:80:5a:e5:86:45:b8:27:26:b1: 09:7c:79:89:c4:80:67:44:08:09:f0:82:b0:84:45: 5c:b0:1d:96:f8:d5:73:33:bf:1c:da:81:ae:d4:27: fe:89:3e:fc:5f:3a:68:a3:83:56:28:4c:87:06:07: 67:eb:a2:ca:22:67:30:c4:13:cf:d8:5d:0a:17:ff: 81:6f:3b:12:70:6e:9a:1f:d7:d6:29:cc:d0:9e:7c: ab:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:19:06:7D:F3:4C:59:1D:F7:F3:63:CC:17:74:70:50:25:B1:97:2C X509v3 Authority Key Identifier: keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/DBkGffNMWR3382PMF3RwUCWxlyw.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 106.75.0.0/19 Signature Algorithm: sha256WithRSAEncryption 23:06:1e:98:6c:20:c1:6d:0f:b3:b8:c0:f4:73:72:13:9c:0e: 7c:bd:0f:14:7f:81:e4:f9:f9:ec:f9:b8:24:de:eb:55:80:66: 45:d7:d8:aa:39:a4:88:94:7a:3c:d5:71:15:25:7a:08:5a:d5: 31:6a:ec:57:83:16:30:92:7e:ca:19:88:3a:fe:06:35:46:51: b5:e8:90:6f:f2:fd:54:b7:9b:26:5f:c1:a5:7f:05:90:2d:5d: b0:24:3a:b4:e4:25:ab:88:02:5b:8e:fa:6e:f4:c0:09:c1:2b: a5:61:95:86:2a:76:23:c9:2a:c1:f0:a8:ed:3d:58:96:2f:28: 09:2e:9c:43:9f:a3:20:83:06:06:68:5a:74:1e:c8:4e:74:cc: 42:8e:74:b6:b8:ee:e7:25:0f:16:81:7e:b6:5a:54:d9:ad:a5: 3d:13:e9:6d:6c:b7:18:91:19:d8:16:cf:8e:31:3c:be:c8:e5: ef:dc:19:30:e4:a4:64:32:2a:17:e2:b7:1f:69:54:2a:78:48: 90:bb:81:40:fd:77:80:c5:61:7b:04:9b:a3:cb:43:b8:08:92: 6f:81:92:db:ff:2b:be:79:b8:41:11:26:67:f5:1e:f5:96:c3: 20:b3:95:37:75:9f:40:58:a2:0f:27:6d:4a:b9:74:03:0a:61: 53:cb:55:61 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICIZ8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3 MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNTA4Mjkw OTA1MzJaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDBDMTkwNjdERjM0QzU5 MURGN0YzNjNDQzE3NzQ3MDUwMjVCMTk3MkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDdjWnuVo/KBDZ/qqccaTSxDZX1dUPi2l7aSbcZ1ZSgXXpojyDc qhytyTRmFhKO+EsSPmcDW7YWiq9IAbZ7yqVmRbboQYzD+TpEKOVffE7TBQfhz8ab 4Mzaub8+RAVMx89m71Stj00o/tXkGWWaZOYTZoZ63toJ/4qt6M46fr1RIV2cGkLo Okd88Pdrfx+0eIUxi5qdLvh6D5aRsiGCDTSCNUQS/vXUiE4+RYBa5YZFuCcmsQl8 eYnEgGdECAnwgrCERVywHZb41XMzvxzaga7UJ/6JPvxfOmijg1YoTIcGB2frosoi ZzDEE8/YXQoX/4FvOxJwbpof19YpzNCefKvJAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUDBkGffNMWR3382PMF3RwUCWxlywwHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3 L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L0RCa0dmZk5NV1IzMzgy UE1GM1J3VUNXeGx5dy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAVqSwAwDQYJKoZIhvcNAQELBQADggEBACMGHphsIMFtD7O4wPRzchOcDny9DxR/ geT5+ez5uCTe61WAZkXX2Ko5pIiUejzVcRUlegha1TFq7FeDFjCSfsoZiDr+BjVG UbXokG/y/VS3myZfwaV/BZAtXbAkOrTkJauIAluO+m70wAnBK6VhlYYqdiPJKsHw qO09WJYvKAkunEOfoyCDBgZoWnQeyE50zEKOdLa47uclDxaBfrZaVNmtpT0T6W1s txiRGdgWz44xPL7I5e/cGTDkpGQyKhfitx9pVCp4SJC7gUD9d4DFYXsEm6PLQ7gI km+Bktv/K755uEERJmf1HvWWwyCzlTd1n0BYog8nbUq5dAMKYVPLVWE= -----END CERTIFICATE-----Generated at Sun Sep 7 03:31:53 2025 by rpki-client