$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/dXIev-KJhPEzWeZY60qUw4OgK-g.roa File: dXIev-KJhPEzWeZY60qUw4OgK-g.roa (raw, json) Hash identifier: eCkdrjU8RZAc/lb8R4T1sMhXBSU8wfMx61nYdgXMmC4= Subject key identifier: 75:72:1E:BF:E2:89:84:F1:33:59:E6:58:EB:4A:94:C3:83:A0:2B:E8 Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Certificate serial: 219E Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/dXIev-KJhPEzWeZY60qUw4OgK-g.roa Signing time: Fri 29 Aug 2025 09:05:31 +0000 ROA not before: Fri 29 Aug 2025 09:05:31 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 23724 IP address blocks: 117.50.160.0/19 maxlen: 19 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 08 Sep 2025 16:34:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8606 (0x219e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Validity Not Before: Aug 29 09:05:31 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=75721EBFE28984F13359E658EB4A94C383A02BE8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f8:6b:80:a4:21:03:c2:1c:a0:9f:f8:ff:f9:2f: 2d:6a:09:61:a8:92:72:81:ce:0f:43:45:42:0c:8f: 33:59:56:0a:14:a2:02:bf:68:a0:0b:16:57:00:47: 71:d5:2a:2f:5a:45:ad:f6:33:4d:27:97:81:67:e3: f4:7d:06:90:52:ec:4e:dd:45:d8:23:fa:07:ef:a3: 07:46:18:bb:7f:d0:e0:8a:78:42:de:0a:ca:e4:36: c2:55:8a:67:50:1f:95:97:87:d5:9a:0a:d3:ce:38: e1:25:9b:93:32:89:91:ce:6e:82:af:3b:02:3a:93: f1:58:b9:36:80:c7:08:b7:41:3e:d9:ff:77:6f:34: 1b:90:08:78:26:80:96:2c:49:75:5a:64:7a:27:94: 88:39:d2:66:73:4e:5c:f3:3a:64:cb:43:34:52:a1: 6e:a9:f1:e5:5b:9a:c3:2f:64:f5:88:b8:eb:63:f8: 6c:82:e0:ac:16:ff:00:d3:6f:5d:12:ae:69:6a:f5: 7f:4a:82:b2:95:e9:dd:36:f9:83:b3:fc:f1:78:78: 35:96:aa:12:0b:88:ba:fd:3d:0c:91:e3:f4:f7:66: e0:a3:6f:bb:5f:c4:85:27:ac:8e:b6:ef:b5:0b:ae: 16:45:e0:7d:0b:b0:56:3f:bc:19:51:c3:72:a2:6c: 0b:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:72:1E:BF:E2:89:84:F1:33:59:E6:58:EB:4A:94:C3:83:A0:2B:E8 X509v3 Authority Key Identifier: keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/dXIev-KJhPEzWeZY60qUw4OgK-g.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 117.50.160.0/19 Signature Algorithm: sha256WithRSAEncryption a9:22:2c:d9:0f:ed:96:a2:a0:e8:16:10:a5:42:2d:fc:7f:9b: e9:6f:83:b4:b7:11:39:10:8d:8b:7c:4b:1e:35:3f:ab:9a:b1: 71:c7:a6:e9:ea:76:72:50:0a:20:69:37:eb:bd:ad:ad:90:69: ec:1e:ac:c7:96:d5:6b:52:91:89:7d:37:17:0d:55:ac:8b:4b: 30:c9:3d:18:b9:e2:54:b7:90:7b:07:c1:b2:78:cf:aa:60:cc: f4:79:f8:b1:b1:82:da:ae:15:e3:9f:9b:7a:73:c6:cf:b9:ba: 9a:17:ab:fe:e0:99:8f:80:c2:ac:e6:e4:f2:6c:8c:78:28:96: 18:c1:90:4d:55:75:25:ac:b9:0c:cb:55:a1:ec:2f:fa:50:f4: 70:1f:c8:3a:78:2e:41:62:93:4d:84:72:47:eb:ac:e5:e5:97: a6:12:89:c2:d1:05:17:fd:d6:62:9f:8e:55:98:ea:fe:1b:41: 0e:92:56:2b:2a:bf:99:dc:b8:74:34:19:bd:53:bf:d1:76:bc: 94:a1:71:0d:b8:dc:6e:d5:2c:40:e7:b4:0d:f1:d1:08:8e:3a: d0:53:f5:0f:dd:fd:90:1d:f9:e6:b3:78:54:69:38:00:f0:61: 78:30:07:83:d6:14:fa:b9:e8:f8:37:e6:cc:ec:d0:1c:75:d3: 6f:c5:25:73 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICIZ4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3 MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNTA4Mjkw OTA1MzFaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDc1NzIxRUJGRTI4OTg0 RjEzMzU5RTY1OEVCNEE5NEMzODNBMDJCRTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQD4a4CkIQPCHKCf+P/5Ly1qCWGoknKBzg9DRUIMjzNZVgoUogK/ aKALFlcAR3HVKi9aRa32M00nl4Fn4/R9BpBS7E7dRdgj+gfvowdGGLt/0OCKeELe CsrkNsJVimdQH5WXh9WaCtPOOOElm5MyiZHOboKvOwI6k/FYuTaAxwi3QT7Z/3dv NBuQCHgmgJYsSXVaZHonlIg50mZzTlzzOmTLQzRSoW6p8eVbmsMvZPWIuOtj+GyC 4KwW/wDTb10Srmlq9X9KgrKV6d02+YOz/PF4eDWWqhILiLr9PQyR4/T3ZuCjb7tf xIUnrI6277ULrhZF4H0LsFY/vBlRw3KibAsRAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUdXIev+KJhPEzWeZY60qUw4OgK+gwHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3 L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L2RYSWV2LUtKaFBFeldl Wlk2MHFVdzRPZ0stZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAV1MqAwDQYJKoZIhvcNAQELBQADggEBAKkiLNkP7ZaioOgWEKVCLfx/m+lvg7S3 ETkQjYt8Sx41P6uasXHHpunqdnJQCiBpN+u9ra2QaewerMeW1WtSkYl9NxcNVayL SzDJPRi54lS3kHsHwbJ4z6pgzPR5+LGxgtquFeOfm3pzxs+5upoXq/7gmY+Awqzm 5PJsjHgolhjBkE1VdSWsuQzLVaHsL/pQ9HAfyDp4LkFik02EckfrrOXll6YSicLR BRf91mKfjlWY6v4bQQ6SVisqv5ncuHQ0Gb1Tv9F2vJShcQ243G7VLEDntA3x0QiO OtBT9Q/d/ZAd+eazeFRpOADwYXgwB4PWFPq56Pg35szs0Bx102/FJXM= -----END CERTIFICATE-----Generated at Mon Sep 8 13:35:11 2025 by rpki-client