$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/F44_EqTfTh-Xjwg9Wd-7FXEhZsY.roa File: F44_EqTfTh-Xjwg9Wd-7FXEhZsY.roa (raw, json) Hash identifier: IrsKWtQ5Ze9uurN9cn/9CSnoWwAArzUNs1Hv1O2W7fs= Subject key identifier: 17:8E:3F:12:A4:DF:4E:1F:97:8F:08:3D:59:DF:BB:15:71:21:66:C6 Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Certificate serial: 2171 Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/F44_EqTfTh-Xjwg9Wd-7FXEhZsY.roa Signing time: Fri 29 Aug 2025 09:05:22 +0000 ROA not before: Fri 29 Aug 2025 09:05:22 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 59077 IP address blocks: 106.75.128.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Sep 2025 11:06:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8561 (0x2171) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Validity Not Before: Aug 29 09:05:22 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=178E3F12A4DF4E1F978F083D59DFBB15712166C6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:7a:06:5b:51:42:1b:41:2d:48:f7:1d:84:33: 17:cf:f5:80:2e:49:ed:b3:18:13:7d:d3:e6:0d:9d: 73:75:75:9e:26:34:d6:8f:96:89:7d:81:ef:51:5b: d0:aa:20:d7:6d:52:28:23:7d:4d:c9:b2:60:58:65: 83:e0:77:41:ff:ad:bb:5c:30:c8:fe:26:03:c3:4b: c7:48:bf:78:76:32:56:a1:c5:24:c6:bb:de:6a:c0: 6a:6b:e2:48:a8:39:fb:91:4d:ad:16:ae:7d:52:cd: ff:36:76:c0:d0:87:18:7a:78:86:2c:f2:04:cc:50: 55:ae:e3:7d:a8:13:57:40:db:76:39:42:26:9d:46: f8:a1:c7:d8:94:f3:5d:68:aa:59:24:83:c3:a3:f9: 16:5f:a4:fe:e1:3f:5c:bd:e8:09:51:5b:23:dd:e4: 22:aa:fa:e6:b8:ce:c7:53:ea:44:48:f6:cd:ea:90: f2:3c:c3:fe:a6:45:60:25:be:61:89:f7:68:3b:34: b0:5e:28:20:a3:99:21:29:50:fa:ee:a0:e9:4b:ba: c8:5d:8d:ca:06:c5:63:fe:82:56:8a:22:f8:ae:50: 22:ec:5f:84:98:fe:8c:d5:d2:08:c4:07:98:da:22: 9f:b6:38:98:78:62:e2:55:66:ce:c0:e3:e3:78:71: d1:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:8E:3F:12:A4:DF:4E:1F:97:8F:08:3D:59:DF:BB:15:71:21:66:C6 X509v3 Authority Key Identifier: keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/F44_EqTfTh-Xjwg9Wd-7FXEhZsY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 106.75.128.0/20 Signature Algorithm: sha256WithRSAEncryption 0f:00:2f:84:58:20:cd:2f:97:f2:eb:9a:03:fe:c0:70:c7:4c: d9:f7:e7:e4:3c:98:db:4d:19:05:49:72:a1:2d:22:fa:a6:37: 90:10:1c:15:15:78:22:91:eb:45:0f:54:fd:cd:d0:95:6a:d4: 6c:3f:71:37:50:5b:ca:2b:c5:be:2d:17:0a:af:fa:b7:b4:c3: 8d:cf:3f:b9:b1:a1:ec:06:1a:fa:3d:a7:85:b0:58:07:bc:ff: 78:e4:49:fd:62:b0:47:00:dd:bb:d2:1d:ce:02:ac:7a:43:5d: 92:ec:c7:86:27:9f:03:65:dc:0c:98:80:ba:8d:4c:f2:4f:e9: 31:b5:78:bb:f4:e0:89:1f:6b:e0:21:07:77:e6:5e:4c:42:90: f1:94:8f:26:5b:fa:de:de:84:25:c8:d4:da:89:eb:f9:83:8f: f6:54:1a:8e:21:55:7a:87:a0:98:3e:db:26:f8:27:0a:7c:cd: 55:76:90:a3:11:86:d4:54:01:33:45:7e:c6:27:6d:df:05:7f: 37:72:27:df:f1:c8:94:26:6f:c3:66:33:51:a2:ca:c6:3e:18: cc:8d:e0:e1:cd:3d:e0:a1:71:be:ce:91:47:7a:69:fa:6a:3b: 70:48:ad:62:d3:77:2d:5e:f0:50:ef:ee:9a:3c:e9:ec:fd:3a: 64:48:3d:81 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICIXEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3 MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNTA4Mjkw OTA1MjJaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDE3OEUzRjEyQTRERjRF MUY5NzhGMDgzRDU5REZCQjE1NzEyMTY2QzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCwegZbUUIbQS1I9x2EMxfP9YAuSe2zGBN90+YNnXN1dZ4mNNaP lol9ge9RW9CqINdtUigjfU3JsmBYZYPgd0H/rbtcMMj+JgPDS8dIv3h2MlahxSTG u95qwGpr4kioOfuRTa0Wrn1Szf82dsDQhxh6eIYs8gTMUFWu432oE1dA23Y5Qiad Rvihx9iU811oqlkkg8Oj+RZfpP7hP1y96AlRWyPd5CKq+ua4zsdT6kRI9s3qkPI8 w/6mRWAlvmGJ92g7NLBeKCCjmSEpUPruoOlLushdjcoGxWP+glaKIviuUCLsX4SY /ozV0gjEB5jaIp+2OJh4YuJVZs7A4+N4cdFbAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUF44/EqTfTh+Xjwg9Wd+7FXEhZsYwHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3 L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L0Y0NF9FcVRmVGgtWGp3 ZzlXZC03RlhFaFpzWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BARqS4AwDQYJKoZIhvcNAQELBQADggEBAA8AL4RYIM0vl/LrmgP+wHDHTNn35+Q8 mNtNGQVJcqEtIvqmN5AQHBUVeCKR60UPVP3N0JVq1Gw/cTdQW8orxb4tFwqv+re0 w43PP7mxoewGGvo9p4WwWAe8/3jkSf1isEcA3bvSHc4CrHpDXZLsx4YnnwNl3AyY gLqNTPJP6TG1eLv04Ikfa+AhB3fmXkxCkPGUjyZb+t7ehCXI1NqJ6/mDj/ZUGo4h VXqHoJg+2yb4Jwp8zVV2kKMRhtRUATNFfsYnbd8FfzdyJ9/xyJQmb8NmM1GiysY+ GMyN4OHNPeChcb7OkUd6afpqO3BIrWLTdy1e8FDv7po86ez9OmRIPYE= -----END CERTIFICATE-----Generated at Tue Sep 9 10:44:21 2025 by rpki-client