$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/Zrzv3yGaCy9q_KJWHTtDNL0M-h0.roa File: Zrzv3yGaCy9q_KJWHTtDNL0M-h0.roa (raw, json) Hash identifier: qDeSDtsbisXs+SITuiFb8CD9Ga7rESAokK067J15yuQ= Subject key identifier: 66:BC:EF:DF:21:9A:0B:2F:6A:FC:A2:56:1D:3B:43:34:BD:0C:FA:1D Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Certificate serial: 216A Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/Zrzv3yGaCy9q_KJWHTtDNL0M-h0.roa Signing time: Fri 29 Aug 2025 09:05:20 +0000 ROA not before: Fri 29 Aug 2025 09:05:20 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 17621 IP address blocks: 106.75.208.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Sep 2025 06:34:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8554 (0x216a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Validity Not Before: Aug 29 09:05:20 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=66BCEFDF219A0B2F6AFCA2561D3B4334BD0CFA1D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:9c:0d:97:38:42:93:8b:f7:af:91:0d:23:c8: f6:b9:d6:9a:47:90:33:40:a8:1c:99:d5:d7:85:bd: 8d:77:f6:78:87:cc:1c:e1:4f:7e:a2:70:0b:94:ec: 37:16:c4:27:cd:ee:6d:f1:ef:1d:00:15:5b:cc:95: 72:9a:9c:03:43:89:8b:4f:ba:a2:5a:60:30:a0:49: 5f:3a:08:dc:a6:41:6e:1e:ef:01:fc:c5:67:e0:0e: be:08:70:bf:d9:d0:00:6d:2f:0b:2e:79:aa:d2:95: bc:53:20:41:71:e1:a6:70:b3:dd:04:73:a1:35:29: 1e:5d:d6:e9:62:20:3a:b9:e6:ff:40:92:01:b5:c8: 06:34:fa:15:cd:ee:ec:ba:3e:97:f5:7b:96:02:ed: fd:24:63:8f:1c:27:cf:05:c0:fc:1a:e6:96:35:df: 06:56:55:39:76:d0:05:7b:6d:95:2c:7c:5b:68:86: 5c:e5:4e:45:ee:e7:2a:a4:3b:8f:00:a5:7b:f2:fd: f7:09:f2:c4:5a:87:91:69:35:d2:2f:65:eb:f8:ad: d3:ec:f4:af:ee:01:66:d2:22:6c:40:f2:85:1e:be: ad:43:be:d6:ba:36:2d:15:7a:97:02:9d:53:95:8d: b6:0d:e3:1d:c5:69:2d:ec:c0:4a:0b:0e:10:72:cf: 26:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:BC:EF:DF:21:9A:0B:2F:6A:FC:A2:56:1D:3B:43:34:BD:0C:FA:1D X509v3 Authority Key Identifier: keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/Zrzv3yGaCy9q_KJWHTtDNL0M-h0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 106.75.208.0/20 Signature Algorithm: sha256WithRSAEncryption 75:3e:2d:37:af:c2:ef:d2:60:dc:bd:a2:83:65:08:da:9a:f8: 1e:a7:90:15:71:20:b3:71:76:da:00:25:a2:b8:e5:61:76:2c: e8:11:0c:e6:76:9b:0b:c3:b4:4f:7e:3a:59:f0:a6:82:25:70: d2:fb:28:f5:ea:4c:01:74:e8:4b:ed:c8:b2:1c:5b:01:73:fc: bd:5f:bc:18:0d:23:1a:b9:f5:0a:ff:69:b6:d6:10:33:79:5b: f8:ea:7f:50:81:15:63:02:cb:d9:41:c0:ab:c2:0f:12:d4:80: 60:40:d9:8a:d0:66:58:e8:14:d7:c7:27:d6:94:4c:c7:56:b8: 77:46:df:8a:19:98:de:3c:fc:ea:70:fd:a7:8c:aa:de:c3:65: c4:75:7c:0b:d5:b1:7b:d5:72:f9:fc:8c:5e:07:a7:03:47:a5: 98:3c:d8:b6:54:9d:27:1d:20:9b:33:f9:64:fd:a9:c6:8d:fa: 9b:1b:14:60:20:aa:5d:c3:ab:29:7e:72:54:89:ba:5b:1d:8e: 1a:ed:2d:9f:bf:d0:eb:08:b4:13:b2:90:1a:98:07:37:28:5b: 52:25:78:3a:99:95:32:b4:30:7f:26:7b:df:d3:26:65:53:22: 33:24:41:1b:41:8e:88:47:57:8f:f8:75:82:a7:24:97:7d:df: b9:4a:e8:da -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICIWowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3 MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNTA4Mjkw OTA1MjBaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDY2QkNFRkRGMjE5QTBC MkY2QUZDQTI1NjFEM0I0MzM0QkQwQ0ZBMUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDQnA2XOEKTi/evkQ0jyPa51ppHkDNAqByZ1deFvY139niHzBzh T36icAuU7DcWxCfN7m3x7x0AFVvMlXKanANDiYtPuqJaYDCgSV86CNymQW4e7wH8 xWfgDr4IcL/Z0ABtLwsuearSlbxTIEFx4aZws90Ec6E1KR5d1uliIDq55v9AkgG1 yAY0+hXN7uy6Ppf1e5YC7f0kY48cJ88FwPwa5pY13wZWVTl20AV7bZUsfFtohlzl TkXu5yqkO48ApXvy/fcJ8sRah5FpNdIvZev4rdPs9K/uAWbSImxA8oUevq1Dvta6 Ni0VepcCnVOVjbYN4x3FaS3swEoLDhByzyYHAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUZrzv3yGaCy9q/KJWHTtDNL0M+h0wHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3 L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L1pyenYzeUdhQ3k5cV9L SldIVHRETkwwTS1oMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BARqS9AwDQYJKoZIhvcNAQELBQADggEBAHU+LTevwu/SYNy9ooNlCNqa+B6nkBVx ILNxdtoAJaK45WF2LOgRDOZ2mwvDtE9+OlnwpoIlcNL7KPXqTAF06EvtyLIcWwFz /L1fvBgNIxq59Qr/abbWEDN5W/jqf1CBFWMCy9lBwKvCDxLUgGBA2YrQZljoFNfH J9aUTMdWuHdG34oZmN48/Opw/aeMqt7DZcR1fAvVsXvVcvn8jF4HpwNHpZg82LZU nScdIJsz+WT9qcaN+psbFGAgql3Dqyl+clSJulsdjhrtLZ+/0OsItBOykBqYBzco W1IleDqZlTK0MH8me9/TJmVTIjMkQRtBjohHV4/4dYKnJJd937lK6No= -----END CERTIFICATE-----Generated at Tue Sep 9 04:05:30 2025 by rpki-client