$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/OuIlPUP7lLfotQH-D8ZVufl94Pk.roa File: OuIlPUP7lLfotQH-D8ZVufl94Pk.roa (raw, json) Hash identifier: qKpzQjaFaqu1cu/TzC7c3BhAc45AJlbIt7jLeY34Ems= Subject key identifier: 3A:E2:25:3D:43:FB:94:B7:E8:B5:01:FE:0F:C6:55:B9:F9:7D:E0:F9 Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Certificate serial: 2195 Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/OuIlPUP7lLfotQH-D8ZVufl94Pk.roa Signing time: Fri 29 Aug 2025 09:05:29 +0000 ROA not before: Fri 29 Aug 2025 09:05:29 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 135377 IP address blocks: 106.75.199.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 05 Sep 2025 10:03:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8597 (0x2195) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Validity Not Before: Aug 29 09:05:29 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=3AE2253D43FB94B7E8B501FE0FC655B9F97DE0F9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:69:70:3a:a4:fd:7e:86:b1:86:b9:f4:4c:87: 05:04:6a:3b:e7:fd:11:cc:35:da:c5:de:55:2e:25: 95:f8:bd:61:16:d0:15:3f:71:f8:7e:d0:65:8e:65: 75:e2:f5:62:25:3a:60:2a:25:b0:58:50:79:a4:8c: 59:12:99:00:02:89:14:76:1a:35:61:a0:f3:d1:de: 7d:55:44:d1:ea:e8:90:94:7f:65:92:3a:28:ac:f8: db:31:a9:8b:69:da:b0:26:41:8b:f1:db:2c:04:ea: af:86:ff:63:cb:14:5d:32:b8:72:d1:08:50:68:b6: 4d:b4:80:c0:5c:6c:3a:22:b0:2f:a3:61:3f:1b:99: 54:56:5f:7f:d5:7d:cb:7f:13:16:b5:6e:ec:38:45: 18:25:d4:c6:a4:be:0b:b1:ac:23:78:f5:87:51:8d: 9f:71:18:db:b7:17:70:70:19:9a:ac:19:e8:7a:31: b7:07:5f:e2:d5:b0:85:cb:68:1d:d1:c5:2e:eb:6b: cb:22:af:d8:32:cc:27:95:06:47:86:ec:68:4e:90: 7e:01:59:9c:21:1f:ba:f6:1c:15:4c:e9:9f:69:a9: 55:83:a9:7a:09:24:8c:eb:66:64:ea:d8:12:be:1b: ee:c6:a7:9d:94:ed:ea:43:9f:3b:a1:9b:7c:1a:48: 6f:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:E2:25:3D:43:FB:94:B7:E8:B5:01:FE:0F:C6:55:B9:F9:7D:E0:F9 X509v3 Authority Key Identifier: keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/OuIlPUP7lLfotQH-D8ZVufl94Pk.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 106.75.199.0/24 Signature Algorithm: sha256WithRSAEncryption b4:9d:cb:21:92:0c:c0:a5:16:96:a8:55:2f:7d:9a:ff:8c:bd: 32:88:ee:01:1c:99:f8:8d:16:4b:34:87:45:9b:a5:16:3a:e6: be:d0:67:d4:5b:93:bf:02:26:cf:1c:c3:9e:6d:76:b4:4a:07: 5e:b8:e6:99:05:5d:2b:e4:32:d5:62:85:90:b5:9e:02:52:e8: bf:2f:7a:7f:0e:da:7a:d1:c5:b6:d2:5c:90:94:de:25:71:c0: 99:62:68:93:32:e0:8b:e8:4c:22:6b:f8:ad:69:36:56:56:27: 4c:b8:91:23:00:7d:6c:40:31:38:1c:88:60:e0:00:64:57:77: 6e:3b:fd:24:57:50:b2:a4:7e:81:0f:3e:90:cc:05:86:a3:16: 94:b3:a1:31:e4:b8:92:d8:1c:4c:c6:8b:b3:23:83:83:f1:a6: 18:32:a6:bc:37:89:c2:20:b4:cf:9f:8f:01:2c:90:0c:6c:b8: 15:41:aa:56:aa:c9:85:ac:1d:7b:2d:31:ae:01:a4:33:34:4d: 98:0b:8a:40:7e:ac:63:97:44:05:dc:93:e0:8d:83:18:64:a9: 04:2f:66:69:55:25:e2:00:c9:f5:0c:2b:39:0a:22:dc:2b:b1: 0f:94:a3:e4:b6:84:8d:61:81:c7:92:cd:49:9f:ef:34:b2:42: 86:1a:60:f4 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICIZUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3 MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNTA4Mjkw OTA1MjlaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDNBRTIyNTNENDNGQjk0 QjdFOEI1MDFGRTBGQzY1NUI5Rjk3REUwRjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC/aXA6pP1+hrGGufRMhwUEajvn/RHMNdrF3lUuJZX4vWEW0BU/ cfh+0GWOZXXi9WIlOmAqJbBYUHmkjFkSmQACiRR2GjVhoPPR3n1VRNHq6JCUf2WS Oiis+NsxqYtp2rAmQYvx2ywE6q+G/2PLFF0yuHLRCFBotk20gMBcbDoisC+jYT8b mVRWX3/Vfct/Exa1buw4RRgl1MakvguxrCN49YdRjZ9xGNu3F3BwGZqsGeh6MbcH X+LVsIXLaB3RxS7ra8sir9gyzCeVBkeG7GhOkH4BWZwhH7r2HBVM6Z9pqVWDqXoJ JIzrZmTq2BK+G+7Gp52U7epDnzuhm3waSG8FAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUOuIlPUP7lLfotQH+D8ZVufl94PkwHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3 L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L091SWxQVVA3bExmb3RR SC1EOFpWdWZsOTRQay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABqS8cwDQYJKoZIhvcNAQELBQADggEBALSdyyGSDMClFpaoVS99mv+MvTKI7gEc mfiNFks0h0WbpRY65r7QZ9Rbk78CJs8cw55tdrRKB1645pkFXSvkMtVihZC1ngJS 6L8ven8O2nrRxbbSXJCU3iVxwJliaJMy4IvoTCJr+K1pNlZWJ0y4kSMAfWxAMTgc iGDgAGRXd247/SRXULKkfoEPPpDMBYajFpSzoTHkuJLYHEzGi7Mjg4Pxphgyprw3 icIgtM+fjwEskAxsuBVBqlaqyYWsHXstMa4BpDM0TZgLikB+rGOXRAXck+CNgxhk qQQvZmlVJeIAyfUMKzkKItwrsQ+Uo+S2hI1hgceSzUmf7zSyQoYaYPQ= -----END CERTIFICATE-----Generated at Fri Sep 5 09:12:51 2025 by rpki-client