$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/TaJZ7PzGNp1xGwIOiJ7iIjjFQAE.roa File: TaJZ7PzGNp1xGwIOiJ7iIjjFQAE.roa (raw, json) Hash identifier: rz7CyELh9AR34gBtCqqI2cr/PeNXA+oDkiC/TSh9q6I= Subject key identifier: 4D:A2:59:EC:FC:C6:36:9D:71:1B:02:0E:88:9E:E2:22:38:C5:40:01 Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Certificate serial: 217F Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/TaJZ7PzGNp1xGwIOiJ7iIjjFQAE.roa Signing time: Fri 29 Aug 2025 09:05:25 +0000 ROA not before: Fri 29 Aug 2025 09:05:25 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 23724 IP address blocks: 117.50.0.0/19 maxlen: 19 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 Oct 2025 01:05:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8575 (0x217f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Validity Not Before: Aug 29 09:05:25 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=4DA259ECFCC6369D711B020E889EE22238C54001 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:81:7d:1c:41:40:ff:97:9c:79:c9:1d:b5:60: aa:3c:39:f1:b8:86:10:47:22:10:48:a1:ed:ee:39: 7c:e0:ad:e1:1b:16:3e:65:34:0d:a0:1f:53:67:bb: ff:3c:d2:af:b4:cb:4a:fc:3e:b8:27:6b:1c:b8:ae: 76:52:db:b9:86:87:34:10:c4:9e:d0:6f:2e:83:5b: c0:c4:e0:73:40:0d:93:cb:45:ad:f0:8b:ab:0a:3b: 4f:19:ec:33:ce:c5:84:b0:ff:6e:be:68:0c:f3:12: 8b:4c:37:f1:fd:3a:28:8b:f2:21:be:e8:38:8a:4c: 75:26:fd:53:b7:b8:12:3c:05:f5:b2:5b:64:95:6d: c6:e3:2d:50:1b:96:ad:db:58:cb:92:47:e3:53:b1: b2:01:c8:58:1b:e1:b3:0a:95:fe:62:e4:2f:b0:e7: a2:80:6b:51:19:b2:6a:0b:21:e5:fd:08:9a:ca:fc: fc:04:4c:0b:23:a6:5e:24:e9:09:ed:b6:46:a9:11: 31:3e:4a:9d:78:38:d1:1b:42:a6:c3:bb:5f:9f:9c: cd:0a:bd:9f:17:45:b3:8b:14:7b:f9:65:e7:25:c1: 3d:b6:84:1a:a4:f1:81:8c:96:c7:29:29:d2:d1:f9: 6a:1c:c1:6b:97:27:2e:73:bb:22:10:ea:6a:98:ea: 61:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:A2:59:EC:FC:C6:36:9D:71:1B:02:0E:88:9E:E2:22:38:C5:40:01 X509v3 Authority Key Identifier: keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/TaJZ7PzGNp1xGwIOiJ7iIjjFQAE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 117.50.0.0/19 Signature Algorithm: sha256WithRSAEncryption 2b:a5:07:23:92:f4:b2:92:a8:3a:b1:39:d3:bf:18:84:69:80: 89:7a:37:06:22:a4:62:e6:68:80:54:ca:9b:c0:a6:ee:b2:af: 92:9d:f6:18:9f:66:59:b4:a7:2d:77:07:f4:86:17:8f:ab:58: f9:eb:f1:79:4b:0e:56:30:6f:61:ae:b1:a6:5d:ba:b0:c9:89: 1a:a0:f0:a2:1c:ec:fe:1c:16:29:6a:01:f1:53:8f:14:11:1e: ee:4f:a5:e9:68:62:98:b3:ae:1a:14:25:d8:98:65:b4:05:05: 6c:7f:0d:b4:61:ec:88:dc:87:ed:c8:d1:11:f8:5e:59:35:73: 60:fa:8b:d4:7b:ca:00:03:f0:9b:b4:d7:a5:fc:eb:c7:50:38: 79:3f:54:e2:c1:15:2f:08:36:3f:a1:9f:8d:88:af:62:92:b5: fd:3b:1b:27:bf:f8:a9:7f:62:bc:69:57:00:c2:21:2d:7e:e8: 53:d7:aa:2d:80:d5:6f:4b:b2:b7:e1:05:d9:07:a3:9c:1f:14: eb:73:29:14:7b:9d:02:c9:45:7f:60:00:69:a1:bc:94:3e:0a: 65:68:17:eb:2d:b0:66:3f:a8:eb:50:d2:c9:45:b0:a9:15:25: f0:b6:fe:6d:00:a8:6d:7b:e8:71:91:1e:f0:fe:df:e1:b7:d9: 1d:5d:e9:fa -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICIX8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3 MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNTA4Mjkw OTA1MjVaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDREQTI1OUVDRkNDNjM2 OUQ3MTFCMDIwRTg4OUVFMjIyMzhDNTQwMDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQClgX0cQUD/l5x5yR21YKo8OfG4hhBHIhBIoe3uOXzgreEbFj5l NA2gH1Nnu/880q+0y0r8Prgnaxy4rnZS27mGhzQQxJ7Qby6DW8DE4HNADZPLRa3w i6sKO08Z7DPOxYSw/26+aAzzEotMN/H9OiiL8iG+6DiKTHUm/VO3uBI8BfWyW2SV bcbjLVAblq3bWMuSR+NTsbIByFgb4bMKlf5i5C+w56KAa1EZsmoLIeX9CJrK/PwE TAsjpl4k6QnttkapETE+Sp14ONEbQqbDu1+fnM0KvZ8XRbOLFHv5ZeclwT22hBqk 8YGMlscpKdLR+WocwWuXJy5zuyIQ6mqY6mGTAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUTaJZ7PzGNp1xGwIOiJ7iIjjFQAEwHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3 L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L1RhSlo3UHpHTnAxeEd3 SU9pSjdpSWpqRlFBRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAV1MgAwDQYJKoZIhvcNAQELBQADggEBACulByOS9LKSqDqxOdO/GIRpgIl6NwYi pGLmaIBUypvApu6yr5Kd9hifZlm0py13B/SGF4+rWPnr8XlLDlYwb2GusaZdurDJ iRqg8KIc7P4cFilqAfFTjxQRHu5PpeloYpizrhoUJdiYZbQFBWx/DbRh7Ijch+3I 0RH4Xlk1c2D6i9R7ygAD8Ju016X868dQOHk/VOLBFS8INj+hn42Ir2KStf07Gye/ +Kl/YrxpVwDCIS1+6FPXqi2A1W9LsrfhBdkHo5wfFOtzKRR7nQLJRX9gAGmhvJQ+ CmVoF+stsGY/qOtQ0slFsKkVJfC2/m0AqG176HGRHvD+3+G32R1d6fo= -----END CERTIFICATE-----Generated at Sun Oct 26 23:17:44 2025 by rpki-client