$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/PS_7Xz41qFkmmLqXgGH9SoK-QoY.roa File: PS_7Xz41qFkmmLqXgGH9SoK-QoY.roa (raw, json) Hash identifier: dNuLocmCX2GarQqSJn23A/5Bc8y2P1E+fvFhnuiECgU= Subject key identifier: 3D:2F:FB:5F:3E:35:A8:59:26:98:BA:97:80:61:FD:4A:82:BE:42:86 Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Certificate serial: 2192 Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/PS_7Xz41qFkmmLqXgGH9SoK-QoY.roa Signing time: Fri 29 Aug 2025 09:05:28 +0000 ROA not before: Fri 29 Aug 2025 09:05:28 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 4808 IP address blocks: 117.50.224.0/19 maxlen: 19 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 07 Sep 2025 05:34:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8594 (0x2192) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Validity Not Before: Aug 29 09:05:28 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=3D2FFB5F3E35A8592698BA978061FD4A82BE4286 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:a2:b3:6f:36:d0:14:f0:10:eb:14:26:3a:0e: 12:90:3e:1e:79:83:0a:40:29:9a:68:7d:7c:00:20: 85:43:3e:e3:91:5d:d6:62:08:e2:9a:d4:5d:da:86: c5:9a:35:38:d1:22:c6:eb:4a:6b:6c:02:4f:02:7b: d5:8c:26:8f:cd:a0:8e:e4:ef:f1:59:a4:ef:91:84: 65:ce:dd:46:fc:b0:38:3d:d1:d8:b7:61:39:17:b8: d7:32:26:de:b9:4e:7d:e9:f6:d6:88:38:c7:d4:d4: 49:0e:1a:e0:df:4a:44:8d:2c:47:bf:a2:35:63:cd: 2d:d2:ab:1f:52:bd:7f:ff:d5:3d:0a:10:d9:7a:01: 6e:ca:9e:00:98:af:22:5d:30:6c:e0:08:cf:f7:a7: b0:c7:35:92:cd:3d:07:c9:82:69:66:56:07:0f:dd: 5d:f8:0d:bb:f7:f8:32:f8:9d:12:6a:14:fa:68:13: b5:aa:4c:6c:0a:80:96:ae:02:2b:46:c1:78:10:56: 69:67:7e:75:66:3a:ac:ef:66:0e:5a:7e:ec:5b:89: 84:77:fc:e7:70:e2:15:45:9f:fb:5e:14:d8:24:16: a8:17:aa:5b:e5:32:9d:ab:4a:1f:23:6d:71:a8:1e: 04:54:06:e4:49:bc:4f:04:b5:10:d8:89:53:bc:25: 55:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:2F:FB:5F:3E:35:A8:59:26:98:BA:97:80:61:FD:4A:82:BE:42:86 X509v3 Authority Key Identifier: keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/PS_7Xz41qFkmmLqXgGH9SoK-QoY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 117.50.224.0/19 Signature Algorithm: sha256WithRSAEncryption a7:76:1c:a2:21:a2:d1:59:bc:be:8a:03:b0:e4:8c:0d:eb:9e: 95:13:58:34:af:e8:1f:52:8f:55:b4:ab:63:75:97:39:4e:60: a0:88:55:be:f9:a6:46:65:2e:a3:87:35:26:97:64:59:a8:22: 47:bd:c3:39:85:1c:4e:5f:14:a1:55:05:ac:8a:80:67:4c:2c: 36:40:71:f8:79:76:79:5a:7c:8e:d0:43:c0:f9:23:a4:fe:ad: b4:7e:c3:8e:7f:35:eb:86:ed:98:1e:b2:de:27:76:ea:26:84: 4d:67:fa:e7:87:cb:bb:23:a7:87:bf:18:ca:64:7f:03:3d:d2: e9:66:18:f2:1a:1e:6b:be:16:19:d8:65:2f:b6:32:c9:09:e7: eb:46:75:75:88:93:47:d5:72:fc:61:86:4e:a6:cb:2c:71:6e: 84:49:13:b9:5f:0f:47:a6:32:58:2a:18:ed:a3:fb:dd:7f:60: 43:c5:cf:65:90:79:96:66:0d:1b:ac:f3:b2:66:f1:2a:56:46: b0:27:22:d3:76:23:97:93:26:6a:48:6d:dc:de:93:2f:97:75: 5d:64:fe:8b:53:cd:1e:4c:e8:f9:3f:88:29:89:49:3b:ec:ad: dd:ff:6a:0b:cd:16:f0:00:55:3b:b8:84:4a:cf:bb:56:8b:5d: 72:0a:7d:9f -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICIZIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3 MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNTA4Mjkw OTA1MjhaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDNEMkZGQjVGM0UzNUE4 NTkyNjk4QkE5NzgwNjFGRDRBODJCRTQyODYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDKorNvNtAU8BDrFCY6DhKQPh55gwpAKZpofXwAIIVDPuORXdZi COKa1F3ahsWaNTjRIsbrSmtsAk8Ce9WMJo/NoI7k7/FZpO+RhGXO3Ub8sDg90di3 YTkXuNcyJt65Tn3p9taIOMfU1EkOGuDfSkSNLEe/ojVjzS3Sqx9SvX//1T0KENl6 AW7KngCYryJdMGzgCM/3p7DHNZLNPQfJgmlmVgcP3V34Dbv3+DL4nRJqFPpoE7Wq TGwKgJauAitGwXgQVmlnfnVmOqzvZg5afuxbiYR3/Odw4hVFn/teFNgkFqgXqlvl Mp2rSh8jbXGoHgRUBuRJvE8EtRDYiVO8JVXHAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUPS/7Xz41qFkmmLqXgGH9SoK+QoYwHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3 L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L1BTXzdYejQxcUZrbW1M cVhnR0g5U29LLVFvWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAV1MuAwDQYJKoZIhvcNAQELBQADggEBAKd2HKIhotFZvL6KA7DkjA3rnpUTWDSv 6B9Sj1W0q2N1lzlOYKCIVb75pkZlLqOHNSaXZFmoIke9wzmFHE5fFKFVBayKgGdM LDZAcfh5dnlafI7QQ8D5I6T+rbR+w45/NeuG7Zgest4nduomhE1n+ueHy7sjp4e/ GMpkfwM90ulmGPIaHmu+FhnYZS+2MskJ5+tGdXWIk0fVcvxhhk6myyxxboRJE7lf D0emMlgqGO2j+91/YEPFz2WQeZZmDRus87Jm8SpWRrAnItN2I5eTJmpIbdzeky+X dV1k/otTzR5M6Pk/iCmJSTvsrd3/agvNFvAAVTu4hErPu1aLXXIKfZ8= -----END CERTIFICATE-----Generated at Sun Sep 7 03:29:25 2025 by rpki-client