$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/grY1H1FGzSNmW_p_1U0K0oxr_3o.roa File: grY1H1FGzSNmW_p_1U0K0oxr_3o.roa (raw, json) Hash identifier: ql7occTbtovByRB1fBIYtr6ONJ24QqZo5yqwsbjC5PQ= Subject key identifier: 82:B6:35:1F:51:46:CD:23:66:5B:FA:7F:D5:4D:0A:D2:8C:6B:FF:7A Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Certificate serial: 21AA Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/grY1H1FGzSNmW_p_1U0K0oxr_3o.roa Signing time: Fri 29 Aug 2025 09:05:34 +0000 ROA not before: Fri 29 Aug 2025 09:05:34 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 4808 IP address blocks: 117.50.128.0/19 maxlen: 19 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 07 Sep 2025 05:34:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8618 (0x21aa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Validity Not Before: Aug 29 09:05:34 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=82B6351F5146CD23665BFA7FD54D0AD28C6BFF7A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:20:de:d6:44:86:98:09:2d:71:2d:6a:26:dd: 40:d2:08:71:e3:f4:ee:63:4a:af:9d:7a:62:23:cb: 74:f7:10:9d:38:55:21:66:30:bf:32:0e:1a:6b:a1: a1:5c:ff:05:41:27:af:dc:97:0e:41:0a:84:12:7f: bd:c9:64:b6:f2:82:d9:15:65:5b:2a:22:7c:47:d2: 16:00:15:18:b6:5e:aa:70:25:66:b8:ca:13:1d:81: b8:7b:26:25:8b:f4:a2:ee:c7:37:88:c3:c0:de:bf: c3:c5:77:d5:71:f2:d6:6a:e3:81:93:4c:e6:aa:c1: cc:fb:13:b1:bf:2c:66:54:53:32:b2:aa:f2:12:d8: 85:fb:38:0d:de:a0:fd:b5:00:6e:ad:c6:ef:2e:91: 25:8e:d8:f5:bb:dd:00:ba:15:51:3f:6a:c4:66:65: b6:c8:1f:71:a2:17:94:78:a6:e6:23:88:d4:33:3d: c8:7c:a1:f1:28:37:c2:b3:b0:ca:49:6e:ae:2b:03: bf:77:f3:9b:8f:41:da:b6:57:e5:05:8f:88:a0:1d: 75:8b:28:ba:17:f0:48:46:20:1c:c2:8d:a0:c9:4d: 5a:38:be:8c:cb:1b:78:0b:39:7f:ed:cf:a5:57:80: 9c:1a:62:e2:10:a3:ae:2f:0b:4c:c1:bd:43:77:8c: 6c:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 82:B6:35:1F:51:46:CD:23:66:5B:FA:7F:D5:4D:0A:D2:8C:6B:FF:7A X509v3 Authority Key Identifier: keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/grY1H1FGzSNmW_p_1U0K0oxr_3o.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 117.50.128.0/19 Signature Algorithm: sha256WithRSAEncryption 29:af:d5:2d:85:00:e2:71:7d:bf:7d:b3:24:da:56:e1:54:28: d3:63:c6:21:5c:3f:91:92:9a:3e:c1:a5:d1:0d:1e:58:59:f8: 33:aa:c1:c6:08:6f:43:3f:d9:95:68:20:d3:88:15:67:dd:5d: 94:c7:89:8c:bf:73:d7:a8:ac:96:65:23:3f:9d:bb:55:6b:84: 7e:29:45:00:f3:3a:1d:aa:fd:f2:00:c7:3b:09:98:61:97:4a: 8a:08:85:2d:c3:19:e4:5e:b0:dd:00:30:6b:77:4a:fe:17:54: 39:d0:ad:2c:db:64:1b:a0:e4:ea:a6:f4:4a:00:5a:75:95:2a: 99:af:83:73:f1:44:79:e2:5e:55:a3:eb:58:07:72:5a:9c:b7: 5e:2c:8d:cb:70:cb:ee:7b:c9:78:b0:83:c0:04:24:a7:a6:a9: 3e:28:5c:0e:cf:06:94:07:a2:d9:1c:48:76:a3:b8:f9:eb:c9: 0f:2e:5f:9a:53:a6:c2:31:e3:32:c3:ac:2f:c5:b2:b8:05:38: 72:18:55:fd:79:57:4d:60:5a:66:1a:f0:2c:db:56:04:04:60: 7e:40:96:27:44:af:0e:d5:aa:8a:9f:2a:95:18:e8:f4:65:d0: 54:6d:15:4b:6d:d3:07:10:23:94:0a:31:8f:3b:ca:3b:50:c5: b3:46:a7:ff -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICIaowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3 MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNTA4Mjkw OTA1MzRaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDgyQjYzNTFGNTE0NkNE MjM2NjVCRkE3RkQ1NEQwQUQyOEM2QkZGN0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDDIN7WRIaYCS1xLWom3UDSCHHj9O5jSq+demIjy3T3EJ04VSFm ML8yDhproaFc/wVBJ6/clw5BCoQSf73JZLbygtkVZVsqInxH0hYAFRi2XqpwJWa4 yhMdgbh7JiWL9KLuxzeIw8Dev8PFd9Vx8tZq44GTTOaqwcz7E7G/LGZUUzKyqvIS 2IX7OA3eoP21AG6txu8ukSWO2PW73QC6FVE/asRmZbbIH3GiF5R4puYjiNQzPch8 ofEoN8KzsMpJbq4rA79385uPQdq2V+UFj4igHXWLKLoX8EhGIBzCjaDJTVo4vozL G3gLOX/tz6VXgJwaYuIQo64vC0zBvUN3jGzrAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUgrY1H1FGzSNmW/p/1U0K0oxr/3owHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3 L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L2dyWTFIMUZHelNObVdf cF8xVTBLMG94cl8zby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAV1MoAwDQYJKoZIhvcNAQELBQADggEBACmv1S2FAOJxfb99syTaVuFUKNNjxiFc P5GSmj7BpdENHlhZ+DOqwcYIb0M/2ZVoINOIFWfdXZTHiYy/c9eorJZlIz+du1Vr hH4pRQDzOh2q/fIAxzsJmGGXSooIhS3DGeResN0AMGt3Sv4XVDnQrSzbZBug5Oqm 9EoAWnWVKpmvg3PxRHniXlWj61gHclqct14sjctwy+57yXiwg8AEJKemqT4oXA7P BpQHotkcSHajuPnryQ8uX5pTpsIx4zLDrC/FsrgFOHIYVf15V01gWmYa8CzbVgQE YH5AlidErw7VqoqfKpUY6PRl0FRtFUtt0wcQI5QKMY87yjtQxbNGp/8= -----END CERTIFICATE-----Generated at Sun Sep 7 03:31:48 2025 by rpki-client