$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/FJlsOmFvQqZvzYX4zStVDjKwoNc.roa File: FJlsOmFvQqZvzYX4zStVDjKwoNc.roa (raw, json) Hash identifier: kkm+S7lSF5kpA5eq+KIvRJ07zdBwwhqGNJ+iQ0l9t2I= Subject key identifier: 14:99:6C:3A:61:6F:42:A6:6F:CD:85:F8:CD:2B:55:0E:32:B0:A0:D7 Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Certificate serial: 2167 Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/FJlsOmFvQqZvzYX4zStVDjKwoNc.roa Signing time: Fri 29 Aug 2025 09:05:20 +0000 ROA not before: Fri 29 Aug 2025 09:05:20 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 135377 IP address blocks: 106.75.193.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 05 Sep 2025 10:03:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8551 (0x2167) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Validity Not Before: Aug 29 09:05:20 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=14996C3A616F42A66FCD85F8CD2B550E32B0A0D7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:bf:5f:af:47:fb:28:15:5b:c3:1d:d1:39:aa: 98:fc:a1:dd:5c:83:14:96:6f:76:d0:d4:d3:a4:6d: 42:12:b0:cc:d1:fb:1f:09:42:ef:c4:3b:fe:3a:75: 16:1f:4d:b7:40:53:be:6b:6c:cb:1c:86:cf:a2:cf: 40:10:a3:f7:47:11:8f:4f:86:5e:44:62:a4:3e:0e: ce:2d:4d:3c:25:c7:2a:2a:87:95:68:6a:0c:fd:d9: 89:57:5f:7b:e4:a8:2e:a7:a7:5c:84:66:3a:79:bb: 6a:d5:21:07:c0:da:24:cf:c6:7a:a8:e1:32:f2:ca: 57:6f:53:76:a7:da:3c:52:91:a2:9c:1c:ee:92:af: cd:0d:d2:0b:3d:a2:f2:0d:79:e3:38:1a:50:73:7b: 7b:25:18:18:e3:d4:36:95:db:a1:37:17:40:c4:fb: 6b:86:aa:c9:fa:91:c0:1d:40:72:90:ce:e6:72:b5: 62:1d:c2:f6:34:ae:bf:ec:bf:96:b3:4d:8c:a7:f2: 1c:91:fa:0f:a1:2d:43:73:09:2a:26:af:6f:fa:6a: a0:86:86:88:3c:28:0e:1e:35:87:4b:b0:64:a2:02: bf:2b:97:0e:2f:01:99:4b:c5:0d:cb:d7:02:d7:2b: 28:63:9d:83:9b:00:00:f3:a2:37:7e:21:64:27:b0: 41:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 14:99:6C:3A:61:6F:42:A6:6F:CD:85:F8:CD:2B:55:0E:32:B0:A0:D7 X509v3 Authority Key Identifier: keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/FJlsOmFvQqZvzYX4zStVDjKwoNc.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 106.75.193.0/24 Signature Algorithm: sha256WithRSAEncryption 94:30:96:da:03:f9:61:ae:88:dd:fb:2b:12:6d:87:97:07:a2: 6e:1d:5d:98:1c:8a:59:14:b6:bf:2f:95:cd:4e:63:5f:d0:5a: 07:4d:e0:18:9c:bc:59:8b:f4:0d:4a:fc:b5:ba:9f:f8:86:0d: b0:d3:dd:1c:b3:46:b5:8f:6e:eb:84:54:c9:d5:ae:d9:38:bc: eb:c6:1a:94:1a:05:81:49:cf:0a:3a:90:f0:0a:f0:61:e0:b0: b4:b6:7c:c2:69:31:ff:7a:93:b4:ce:83:8c:53:a8:7f:0c:c9: 5e:c6:10:29:e5:43:b0:a7:0d:8e:77:38:e5:f4:5b:8f:95:37: e8:3e:18:cb:3e:1e:1c:23:01:2a:6c:35:2f:6f:4f:46:8b:8e: 57:ca:3c:b5:2b:9a:f9:19:6b:be:5f:8b:e8:87:c2:6b:7c:a2: d6:1b:8b:78:fd:69:69:42:e2:19:60:2d:59:28:1f:5e:e2:6e: fc:16:54:4a:1c:82:cc:a9:8c:84:08:9b:93:28:ee:19:ca:e4: 69:f1:60:36:4f:d9:94:2f:48:9d:89:4d:36:69:b7:eb:01:41: 14:32:9a:0b:df:77:07:6e:4c:90:df:b3:aa:1a:4a:00:e5:46: bb:34:be:8f:e0:0e:72:40:14:0a:f3:00:ca:08:41:1c:b0:e9: d4:6a:07:33 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICIWcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3 MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNTA4Mjkw OTA1MjBaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDE0OTk2QzNBNjE2RjQy QTY2RkNEODVGOENEMkI1NTBFMzJCMEEwRDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC5v1+vR/soFVvDHdE5qpj8od1cgxSWb3bQ1NOkbUISsMzR+x8J Qu/EO/46dRYfTbdAU75rbMschs+iz0AQo/dHEY9Phl5EYqQ+Ds4tTTwlxyoqh5Vo agz92YlXX3vkqC6np1yEZjp5u2rVIQfA2iTPxnqo4TLyyldvU3an2jxSkaKcHO6S r80N0gs9ovINeeM4GlBze3slGBjj1DaV26E3F0DE+2uGqsn6kcAdQHKQzuZytWId wvY0rr/sv5azTYyn8hyR+g+hLUNzCSomr2/6aqCGhog8KA4eNYdLsGSiAr8rlw4v AZlLxQ3L1wLXKyhjnYObAADzojd+IWQnsEGLAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUFJlsOmFvQqZvzYX4zStVDjKwoNcwHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3 L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L0ZKbHNPbUZ2UXFadnpZ WDR6U3RWRGpLd29OYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABqS8EwDQYJKoZIhvcNAQELBQADggEBAJQwltoD+WGuiN37KxJth5cHom4dXZgc ilkUtr8vlc1OY1/QWgdN4BicvFmL9A1K/LW6n/iGDbDT3RyzRrWPbuuEVMnVrtk4 vOvGGpQaBYFJzwo6kPAK8GHgsLS2fMJpMf96k7TOg4xTqH8MyV7GECnlQ7CnDY53 OOX0W4+VN+g+GMs+HhwjASpsNS9vT0aLjlfKPLUrmvkZa75fi+iHwmt8otYbi3j9 aWlC4hlgLVkoH17ibvwWVEocgsypjIQIm5Mo7hnK5GnxYDZP2ZQvSJ2JTTZpt+sB QRQymgvfdwduTJDfs6oaSgDlRrs0vo/gDnJAFArzAMoIQRyw6dRqBzM= -----END CERTIFICATE-----Generated at Fri Sep 5 09:02:54 2025 by rpki-client