$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/_xnmGTz4A2-1V2H7354nd2Hn86A.roa File: _xnmGTz4A2-1V2H7354nd2Hn86A.roa (raw, json) Hash identifier: i0ko+E+pUeuoslxg1+CdW9sQwax+kLIonIuSELpWvv8= Subject key identifier: FF:19:E6:19:3C:F8:03:6F:B5:57:61:FB:DF:9E:27:77:61:E7:F3:A0 Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Certificate serial: 217E Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/_xnmGTz4A2-1V2H7354nd2Hn86A.roa Signing time: Fri 29 Aug 2025 09:05:24 +0000 ROA not before: Fri 29 Aug 2025 09:05:24 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 23724 IP address blocks: 117.50.128.0/19 maxlen: 19 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 08 Sep 2025 16:34:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8574 (0x217e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Validity Not Before: Aug 29 09:05:24 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=FF19E6193CF8036FB55761FBDF9E277761E7F3A0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:4d:47:11:3b:49:6d:96:39:46:10:43:67:04: df:25:9e:86:93:fa:24:32:8c:2f:14:32:1f:65:d5: e9:2f:aa:d1:e1:03:77:13:91:07:59:52:50:97:a3: 46:60:3b:f7:80:93:cc:e0:d2:47:ea:88:cb:e3:a8: 24:3c:2b:19:db:fa:8c:c1:75:3d:b5:eb:52:45:88: fb:bb:71:61:0e:00:71:c0:e0:eb:f3:92:6d:b0:8f: 5f:a7:96:7d:46:b4:ca:26:07:1d:6c:6f:7c:84:d8: 54:9a:a9:c9:0a:b7:80:2c:9c:17:e6:ca:bf:1e:57: ca:d5:f8:69:c4:cc:2d:07:c7:79:37:e5:05:93:77: eb:40:7a:b2:0e:53:77:3a:24:93:6f:cc:a7:14:a7: e5:00:e0:58:20:6f:b5:06:8d:b6:b6:64:4b:48:4b: 10:db:a6:80:f5:90:38:97:f7:e2:ee:5f:87:9a:b6: c2:ca:9a:70:db:83:0d:2c:6b:ca:11:ce:2c:09:aa: e4:92:5e:74:e0:20:33:18:ba:b0:b0:a2:bf:2c:45: ab:cc:d8:66:b5:76:36:fb:de:ba:6c:9e:80:f3:69: db:97:da:61:79:c5:8d:88:29:0b:3f:32:78:63:dc: 53:ce:46:46:e3:75:ad:af:7a:cc:c8:bb:48:6b:6a: c0:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:19:E6:19:3C:F8:03:6F:B5:57:61:FB:DF:9E:27:77:61:E7:F3:A0 X509v3 Authority Key Identifier: keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/_xnmGTz4A2-1V2H7354nd2Hn86A.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 117.50.128.0/19 Signature Algorithm: sha256WithRSAEncryption 42:7d:17:4d:d3:33:ec:c8:b1:3c:5d:ca:b9:51:3c:1a:50:1c: 30:69:cb:f7:37:73:9c:3c:27:c0:8a:9f:08:58:3d:e7:19:79: 93:5d:9d:9c:d4:3f:9b:0f:df:3d:79:35:1a:50:8c:66:de:a9: 03:33:a1:8c:33:be:6d:91:74:07:cc:c8:8f:64:ed:0f:31:e3: 27:89:25:fa:97:47:6b:b8:d6:87:b4:c5:ae:00:c0:bd:5e:91: d7:4d:a7:38:c3:8c:14:3e:42:db:77:a5:eb:b8:58:2e:6e:2d: 7d:be:4d:50:ab:60:b3:1f:d8:05:92:51:25:ef:21:9a:2c:ec: eb:f5:ed:39:6f:b4:dc:53:ac:bd:02:e6:4d:ac:ec:03:5a:f7: 3e:e7:74:18:48:42:06:c2:67:0e:40:ec:41:cb:63:bc:4f:54: 84:6d:12:ac:64:2f:f9:e6:ec:45:0f:b2:28:dc:c7:12:d8:fe: 0f:ea:4e:f7:0a:77:08:b3:1b:83:cd:f5:ee:36:69:d8:3b:9a: af:75:22:f7:2c:00:b8:b6:8c:64:5f:4c:e4:01:ea:7c:18:04: 35:d7:e9:6f:b8:48:db:59:5b:6e:c2:f2:5d:0e:6d:b1:20:e6: 76:d1:ff:8e:42:0d:40:1b:19:4b:b5:47:b1:11:12:42:a0:d9: 82:a3:e3:f7 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICIX4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3 MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNTA4Mjkw OTA1MjRaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEZGMTlFNjE5M0NGODAz NkZCNTU3NjFGQkRGOUUyNzc3NjFFN0YzQTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDnTUcRO0ltljlGEENnBN8lnoaT+iQyjC8UMh9l1ekvqtHhA3cT kQdZUlCXo0ZgO/eAk8zg0kfqiMvjqCQ8Kxnb+ozBdT2161JFiPu7cWEOAHHA4Ovz km2wj1+nln1GtMomBx1sb3yE2FSaqckKt4AsnBfmyr8eV8rV+GnEzC0Hx3k35QWT d+tAerIOU3c6JJNvzKcUp+UA4Fggb7UGjba2ZEtISxDbpoD1kDiX9+LuX4eatsLK mnDbgw0sa8oRziwJquSSXnTgIDMYurCwor8sRavM2Ga1djb73rpsnoDzaduX2mF5 xY2IKQs/Mnhj3FPORkbjda2veszIu0hrasBBAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU/xnmGTz4A2+1V2H7354nd2Hn86AwHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3 L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L194bm1HVHo0QTItMVYy SDczNTRuZDJIbjg2QS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAV1MoAwDQYJKoZIhvcNAQELBQADggEBAEJ9F03TM+zIsTxdyrlRPBpQHDBpy/c3 c5w8J8CKnwhYPecZeZNdnZzUP5sP3z15NRpQjGbeqQMzoYwzvm2RdAfMyI9k7Q8x 4yeJJfqXR2u41oe0xa4AwL1ekddNpzjDjBQ+Qtt3peu4WC5uLX2+TVCrYLMf2AWS USXvIZos7Ov17TlvtNxTrL0C5k2s7ANa9z7ndBhIQgbCZw5A7EHLY7xPVIRtEqxk L/nm7EUPsijcxxLY/g/qTvcKdwizG4PN9e42adg7mq91IvcsALi2jGRfTOQB6nwY BDXX6W+4SNtZW27C8l0ObbEg5nbR/45CDUAbGUu1R7EREkKg2YKj4/c= -----END CERTIFICATE-----Generated at Mon Sep 8 13:35:11 2025 by rpki-client