$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/Fnf6w2uIcQki4ZaX7ak2pGywwko.roa File: Fnf6w2uIcQki4ZaX7ak2pGywwko.roa (raw, json) Hash identifier: 28hwBmQSsBEQFMgvRYrbcMW4T8coU6vrbQyzFY975oY= Subject key identifier: 16:77:FA:C3:6B:88:71:09:22:E1:96:97:ED:A9:36:A4:6C:B0:C2:4A Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Certificate serial: 2169 Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/Fnf6w2uIcQki4ZaX7ak2pGywwko.roa Signing time: Fri 29 Aug 2025 09:05:20 +0000 ROA not before: Fri 29 Aug 2025 09:05:20 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 4808 IP address blocks: 106.75.32.0/19 maxlen: 19 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 07 Sep 2025 10:04:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8553 (0x2169) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Validity Not Before: Aug 29 09:05:20 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=1677FAC36B88710922E19697EDA936A46CB0C24A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:fa:c2:5d:15:df:a2:b9:bd:c3:d3:7b:ef:26:88: 39:a6:ab:1b:45:49:77:f8:8d:b7:02:9d:4e:21:0d: cd:cb:67:77:41:3c:c9:ec:51:5d:53:38:88:56:eb: 4c:c4:14:c9:11:4f:de:79:66:da:b0:9e:84:39:1c: 53:f5:b8:d3:20:b6:8b:c8:72:04:cd:5a:a4:a7:c5: 6e:78:ce:e8:d3:b9:f8:7a:e0:91:f8:60:24:89:53: 88:a8:b6:d2:c6:b0:85:33:a5:15:e9:99:e5:93:ed: 49:83:ed:ae:ff:dd:73:c8:b9:9a:af:a8:c3:ec:99: 4f:db:e5:fa:cf:2e:f6:93:87:5b:be:38:c4:2e:7e: fa:72:23:ab:f3:0e:1e:89:89:1f:ef:11:c5:37:07: 38:af:db:c8:92:d2:66:8a:b5:22:06:5a:20:39:80: 7d:3d:b8:21:2f:26:51:9a:79:2e:e9:83:17:12:1b: 09:48:9d:a9:29:9a:24:5b:55:7f:81:19:77:ea:d1: be:75:2e:2e:9c:3c:89:c2:72:42:15:d1:40:9f:c4: 89:58:dc:5c:04:dd:7f:90:a1:f7:18:4c:6e:1f:9e: c1:fe:a8:18:f7:dd:51:09:6c:44:3c:f2:ee:a9:16: 6d:77:e3:94:eb:54:64:c3:4b:c7:78:6d:1a:e2:62: 2a:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 16:77:FA:C3:6B:88:71:09:22:E1:96:97:ED:A9:36:A4:6C:B0:C2:4A X509v3 Authority Key Identifier: keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/Fnf6w2uIcQki4ZaX7ak2pGywwko.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 106.75.32.0/19 Signature Algorithm: sha256WithRSAEncryption 00:3c:92:ee:08:ec:37:64:43:25:6b:9d:bb:f4:aa:be:1b:c7: e7:c3:c4:34:7f:78:3d:53:db:7e:55:f4:20:73:10:9e:92:ec: ec:4b:df:59:e6:7c:e2:66:1f:58:76:da:19:68:d4:3a:0a:1f: d8:20:c3:e2:c4:70:33:d9:78:4e:78:53:ff:5d:16:e2:62:d7: d0:80:1d:58:0d:2f:67:dd:96:a1:27:36:71:16:c5:46:1f:f5: e0:60:ed:e3:5f:67:c4:30:34:04:25:a0:45:46:d7:2e:80:6f: a5:da:02:90:e9:07:68:ca:b1:0f:06:52:62:04:5d:ea:81:47: 2f:c0:f4:d8:68:4e:87:49:53:cb:99:0d:7f:f2:ef:01:c9:9f: 9b:b8:b5:d2:e9:ae:c8:b6:b3:a3:54:b9:90:40:4d:80:d5:f5: bf:44:df:4c:f0:6e:25:da:6d:d3:07:f9:f8:84:9e:e9:09:13: 7e:7c:ea:3f:1f:b5:6e:ac:c6:50:50:52:be:5c:b1:07:68:b1: 66:36:70:96:ed:61:f4:b6:5a:11:d9:79:ba:58:91:6e:8e:6c: ef:92:e0:97:fa:2b:18:b0:40:5b:30:2c:aa:be:59:26:ea:e1: 3b:24:cd:4e:19:27:e5:7c:26:27:d1:c1:44:88:ee:4e:7d:b6: 5d:b0:5f:d0 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICIWkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3 MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNTA4Mjkw OTA1MjBaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDE2NzdGQUMzNkI4ODcx MDkyMkUxOTY5N0VEQTkzNkE0NkNCMEMyNEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQD6wl0V36K5vcPTe+8miDmmqxtFSXf4jbcCnU4hDc3LZ3dBPMns UV1TOIhW60zEFMkRT955ZtqwnoQ5HFP1uNMgtovIcgTNWqSnxW54zujTufh64JH4 YCSJU4iottLGsIUzpRXpmeWT7UmD7a7/3XPIuZqvqMPsmU/b5frPLvaTh1u+OMQu fvpyI6vzDh6JiR/vEcU3Bziv28iS0maKtSIGWiA5gH09uCEvJlGaeS7pgxcSGwlI nakpmiRbVX+BGXfq0b51Li6cPInCckIV0UCfxIlY3FwE3X+QofcYTG4fnsH+qBj3 3VEJbEQ88u6pFm1345TrVGTDS8d4bRriYirxAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUFnf6w2uIcQki4ZaX7ak2pGywwkowHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3 L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L0ZuZjZ3MnVJY1FraTRa YVg3YWsycEd5d3drby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAVqSyAwDQYJKoZIhvcNAQELBQADggEBAAA8ku4I7DdkQyVrnbv0qr4bx+fDxDR/ eD1T235V9CBzEJ6S7OxL31nmfOJmH1h22hlo1DoKH9ggw+LEcDPZeE54U/9dFuJi 19CAHVgNL2fdlqEnNnEWxUYf9eBg7eNfZ8QwNAQloEVG1y6Ab6XaApDpB2jKsQ8G UmIEXeqBRy/A9NhoTodJU8uZDX/y7wHJn5u4tdLprsi2s6NUuZBATYDV9b9E30zw biXabdMH+fiEnukJE3586j8ftW6sxlBQUr5csQdosWY2cJbtYfS2WhHZebpYkW6O bO+S4Jf6KxiwQFswLKq+WSbq4TskzU4ZJ+V8JifRwUSI7k59tl2wX9A= -----END CERTIFICATE-----Generated at Sun Sep 7 07:06:58 2025 by rpki-client