$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/U1rw5nrUhwAKnBQvZSOyyhbsYWs.roa File: U1rw5nrUhwAKnBQvZSOyyhbsYWs.roa (raw, json) Hash identifier: C6W5TAVOGdvp1OY6SfvGd/2ixHecNnRM4LGzvOzgL7k= Subject key identifier: 53:5A:F0:E6:7A:D4:87:00:0A:9C:14:2F:65:23:B2:CA:16:EC:61:6B Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Certificate serial: 2173 Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/U1rw5nrUhwAKnBQvZSOyyhbsYWs.roa Signing time: Fri 29 Aug 2025 09:05:22 +0000 ROA not before: Fri 29 Aug 2025 09:05:22 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 136958 IP address blocks: 42.240.144.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Sep 2025 11:06:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8563 (0x2173) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Validity Not Before: Aug 29 09:05:22 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=535AF0E67AD487000A9C142F6523B2CA16EC616B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:1e:75:14:66:ff:2c:8c:65:20:f0:8d:16:57: 35:e8:b7:34:66:8f:62:a4:8c:00:e8:2a:3c:9c:79: cb:6c:7e:67:13:dd:08:c8:e9:79:28:34:53:e6:49: 3e:2e:89:5f:88:e5:e8:78:72:35:82:ba:eb:47:11: ce:ca:7b:3f:ca:7d:88:b5:40:4d:f1:9c:c8:9d:00: 41:12:fe:99:52:17:26:ec:aa:65:65:31:15:90:47: 90:c3:d8:69:dd:be:0f:75:70:69:40:a1:4e:1c:17: 65:e0:95:22:af:7e:5a:c6:25:81:42:c7:89:59:e9: 51:35:10:e8:3a:d3:c4:70:93:13:d5:08:36:7a:1a: 8a:52:dc:aa:81:64:e6:98:06:e5:ba:3b:bc:b4:ca: fa:20:b1:23:6b:66:17:99:30:8d:4b:4b:39:c2:97: db:2f:31:48:27:a2:89:f7:a7:be:73:a8:d8:6e:f4: 3a:4a:85:16:06:5a:0e:bf:5c:ed:d0:2b:e3:21:cf: db:26:f0:9f:88:d7:f5:20:e8:4c:c7:2d:82:9a:00: 31:d2:69:c8:df:af:90:8a:ed:42:64:b5:53:7e:d5: 05:2c:18:29:f3:dd:91:6d:ca:7a:9b:68:d8:f2:f0: 64:8d:64:5c:99:62:37:1f:18:19:1e:62:f7:c0:46: f6:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:5A:F0:E6:7A:D4:87:00:0A:9C:14:2F:65:23:B2:CA:16:EC:61:6B X509v3 Authority Key Identifier: keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/U1rw5nrUhwAKnBQvZSOyyhbsYWs.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 42.240.144.0/20 Signature Algorithm: sha256WithRSAEncryption 0d:81:bf:27:a6:9a:e7:22:c6:14:3f:21:64:c0:0e:ee:9d:5c: 64:42:35:8b:38:c3:45:cf:d4:e4:0c:c1:e5:cf:91:55:e9:92: 3f:1f:0c:e2:c2:22:5a:cb:77:4c:24:08:61:f3:6b:04:e8:db: 93:5c:67:e4:6c:d4:d8:28:df:c1:9d:57:15:b3:f4:c9:91:68: 95:cc:bc:ce:19:8d:14:a5:2c:8c:78:cf:e4:cc:1e:03:22:6f: 0e:1b:b0:39:97:97:8f:c8:4f:3f:c7:b8:ef:ba:d7:af:b1:9f: 7c:92:99:e2:08:59:bf:40:ce:ec:d6:7f:1c:a0:ea:0f:34:bf: 04:cd:b6:72:c4:ee:0b:a7:bf:fb:ff:be:16:8b:58:57:9f:68: 49:10:d8:e8:d1:2d:40:25:f9:af:ba:a6:3e:d7:9b:27:a4:b5: 44:73:50:01:59:cd:9f:4d:53:76:38:44:2a:ab:2a:2c:06:97: f8:b7:3d:dc:dd:ab:44:de:e5:b5:ea:c2:50:7e:f1:79:33:61: 31:60:c9:ee:56:f9:ec:e2:de:38:54:0e:05:bf:47:c1:32:f9: 9b:be:6d:25:e5:0f:58:50:d8:ab:5d:eb:0d:04:37:16:d7:65: c5:d4:dc:be:d9:36:f4:dc:8b:6d:32:fd:fd:25:57:06:50:fd: 5e:97:a4:84 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICIXMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3 MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNTA4Mjkw OTA1MjJaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDUzNUFGMEU2N0FENDg3 MDAwQTlDMTQyRjY1MjNCMkNBMTZFQzYxNkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDQHnUUZv8sjGUg8I0WVzXotzRmj2KkjADoKjycectsfmcT3QjI 6XkoNFPmST4uiV+I5eh4cjWCuutHEc7Kez/KfYi1QE3xnMidAEES/plSFybsqmVl MRWQR5DD2Gndvg91cGlAoU4cF2XglSKvflrGJYFCx4lZ6VE1EOg608RwkxPVCDZ6 GopS3KqBZOaYBuW6O7y0yvogsSNrZheZMI1LSznCl9svMUgnoon3p75zqNhu9DpK hRYGWg6/XO3QK+Mhz9sm8J+I1/Ug6EzHLYKaADHSacjfr5CK7UJktVN+1QUsGCnz 3ZFtynqbaNjy8GSNZFyZYjcfGBkeYvfARvY/AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUU1rw5nrUhwAKnBQvZSOyyhbsYWswHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3 L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L1Uxcnc1bnJVaHdBS25C UXZaU095eWhic1lXcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAQq8JAwDQYJKoZIhvcNAQELBQADggEBAA2BvyemmucixhQ/IWTADu6dXGRCNYs4 w0XP1OQMweXPkVXpkj8fDOLCIlrLd0wkCGHzawTo25NcZ+Rs1Ngo38GdVxWz9MmR aJXMvM4ZjRSlLIx4z+TMHgMibw4bsDmXl4/ITz/HuO+616+xn3ySmeIIWb9AzuzW fxyg6g80vwTNtnLE7gunv/v/vhaLWFefaEkQ2OjRLUAl+a+6pj7XmyektURzUAFZ zZ9NU3Y4RCqrKiwGl/i3Pdzdq0Te5bXqwlB+8XkzYTFgye5W+ezi3jhUDgW/R8Ey +Zu+bSXlD1hQ2Ktd6w0ENxbXZcXU3L7ZNvTci20y/f0lVwZQ/V6XpIQ= -----END CERTIFICATE-----Generated at Tue Sep 9 10:44:20 2025 by rpki-client