$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/FNe0yl3xLMcrDpYz8Hp2neGSBWU.roa File: FNe0yl3xLMcrDpYz8Hp2neGSBWU.roa (raw, json) Hash identifier: qXENd1M5BFZPdxOlOf2Rnvsamxlo2JDh18Ie5v/wVwY= Subject key identifier: 14:D7:B4:CA:5D:F1:2C:C7:2B:0E:96:33:F0:7A:76:9D:E1:92:05:65 Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Certificate serial: 21A7 Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/FNe0yl3xLMcrDpYz8Hp2neGSBWU.roa Signing time: Fri 29 Aug 2025 09:05:33 +0000 ROA not before: Fri 29 Aug 2025 09:05:33 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 59077 IP address blocks: 106.75.160.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Sep 2025 11:06:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8615 (0x21a7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Validity Not Before: Aug 29 09:05:33 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=14D7B4CA5DF12CC72B0E9633F07A769DE1920565 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:df:94:93:86:37:fc:83:d0:b7:1c:2d:cd:da: 66:26:5b:30:72:54:25:48:34:fb:80:1a:91:28:01: 62:1a:19:c5:bd:6b:5b:15:e0:8c:c5:0a:40:07:c5: 8c:46:f6:a6:c5:fb:a0:03:3f:bc:2a:03:d8:1d:99: 03:35:8e:78:c0:e1:e1:a2:6d:40:aa:74:15:88:4b: 45:00:20:23:b5:41:eb:5d:a6:8d:08:85:5b:cb:89: b4:b0:73:29:64:c2:18:60:3f:35:5f:3e:0c:b0:9c: 77:9d:0a:1e:2d:65:ac:14:db:61:ac:48:55:15:92: d6:61:76:51:d1:a5:01:0d:9f:98:9b:e3:f8:6a:56: c1:88:2d:6e:4f:36:99:96:47:a0:ce:da:a2:77:af: e2:15:38:64:42:e7:08:55:bf:45:f5:10:53:e1:6e: 71:62:ac:63:02:f6:52:ff:4e:29:9d:5d:5b:7a:69: ce:3a:c5:d2:77:ec:c7:89:b6:51:49:e5:5b:6e:f9: 9a:dc:6b:02:f9:d2:4c:f4:bb:ce:43:fa:6a:b4:8d: 84:2b:7f:18:ea:ad:b2:25:36:99:04:e1:12:91:f7: 4f:34:47:ab:bc:75:96:34:c1:e8:b5:75:2b:b0:30: b4:c7:72:19:75:bb:89:18:dc:77:0f:a1:6f:18:ca: 95:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 14:D7:B4:CA:5D:F1:2C:C7:2B:0E:96:33:F0:7A:76:9D:E1:92:05:65 X509v3 Authority Key Identifier: keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/FNe0yl3xLMcrDpYz8Hp2neGSBWU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 106.75.160.0/20 Signature Algorithm: sha256WithRSAEncryption 1d:13:41:95:22:cb:e1:dd:39:47:74:41:ce:c1:05:5b:81:32: fd:8a:15:98:29:4d:d6:2d:da:6b:19:f1:ba:c6:53:56:55:c6: 62:15:78:5a:f7:d4:ca:bd:97:30:57:fe:66:11:8a:92:37:82: 1d:31:c1:d9:34:12:82:e1:6d:b4:36:14:81:33:f9:31:1e:4c: b6:9c:12:73:ab:0c:9e:52:f2:f3:0f:a5:e3:9a:3c:8e:04:d9: bc:5b:1d:a6:67:23:98:96:49:a4:39:4e:af:11:dc:fa:54:6c: 13:50:9e:7a:cb:0f:f7:d0:6b:bd:20:29:88:9b:e8:79:85:3e: e6:25:eb:28:db:fa:12:7a:6a:cf:ad:fe:7f:0f:cb:e4:61:67: 54:3c:85:6d:f8:c1:3f:cd:30:53:23:bc:c5:a6:26:42:f3:96: 5f:1a:ba:41:7f:dc:82:0e:cf:a2:63:2a:d1:09:ad:4d:86:f6: 89:74:26:ae:30:80:b4:f0:1e:77:c5:3d:f7:09:a9:f1:fe:e8: 73:70:5c:05:07:99:14:b6:e3:9a:90:e5:3c:92:1b:6a:fd:4c: 7e:96:86:39:74:bf:c0:4e:56:25:94:a8:0b:92:ed:98:ee:67: ea:a3:10:9c:95:50:89:48:96:c8:15:fb:79:00:82:03:8e:54: 02:f4:50:a5 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICIacwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3 MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNTA4Mjkw OTA1MzNaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDE0RDdCNENBNURGMTJD QzcyQjBFOTYzM0YwN0E3NjlERTE5MjA1NjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDJ35SThjf8g9C3HC3N2mYmWzByVCVINPuAGpEoAWIaGcW9a1sV 4IzFCkAHxYxG9qbF+6ADP7wqA9gdmQM1jnjA4eGibUCqdBWIS0UAICO1Qetdpo0I hVvLibSwcylkwhhgPzVfPgywnHedCh4tZawU22GsSFUVktZhdlHRpQENn5ib4/hq VsGILW5PNpmWR6DO2qJ3r+IVOGRC5whVv0X1EFPhbnFirGMC9lL/TimdXVt6ac46 xdJ37MeJtlFJ5Vtu+ZrcawL50kz0u85D+mq0jYQrfxjqrbIlNpkE4RKR9080R6u8 dZY0wei1dSuwMLTHchl1u4kY3HcPoW8YypXLAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUFNe0yl3xLMcrDpYz8Hp2neGSBWUwHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3 L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L0ZOZTB5bDN4TE1jckRw WXo4SHAybmVHU0JXVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BARqS6AwDQYJKoZIhvcNAQELBQADggEBAB0TQZUiy+HdOUd0Qc7BBVuBMv2KFZgp TdYt2msZ8brGU1ZVxmIVeFr31Mq9lzBX/mYRipI3gh0xwdk0EoLhbbQ2FIEz+TEe TLacEnOrDJ5S8vMPpeOaPI4E2bxbHaZnI5iWSaQ5Tq8R3PpUbBNQnnrLD/fQa70g KYib6HmFPuYl6yjb+hJ6as+t/n8Py+RhZ1Q8hW34wT/NMFMjvMWmJkLzll8aukF/ 3IIOz6JjKtEJrU2G9ol0Jq4wgLTwHnfFPfcJqfH+6HNwXAUHmRS245qQ5TySG2r9 TH6Whjl0v8BOViWUqAuS7ZjuZ+qjEJyVUIlIlsgV+3kAggOOVAL0UKU= -----END CERTIFICATE-----Generated at Tue Sep 9 10:44:20 2025 by rpki-client