$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/guJ5dLBOPfT4eU5957Z7kA5g9lU.roa File: guJ5dLBOPfT4eU5957Z7kA5g9lU.roa (raw, json) Hash identifier: dernTcPGLSaLc9NNvY2hHFsW9TqsJtQekmifwQP5Sb0= Subject key identifier: 82:E2:79:74:B0:4E:3D:F4:F8:79:4E:7D:E7:B6:7B:90:0E:60:F6:55 Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Certificate serial: 216B Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/guJ5dLBOPfT4eU5957Z7kA5g9lU.roa Signing time: Fri 29 Aug 2025 09:05:20 +0000 ROA not before: Fri 29 Aug 2025 09:05:20 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 135377 IP address blocks: 106.75.194.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 05 Sep 2025 10:03:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8555 (0x216b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Validity Not Before: Aug 29 09:05:20 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=82E27974B04E3DF4F8794E7DE7B67B900E60F655 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:a2:a9:94:95:12:11:4c:68:f0:ea:89:c0:19: dc:6b:fd:86:95:6b:56:ba:d0:ee:13:da:2f:44:23: 82:b3:e0:3a:31:6f:f9:f5:66:45:de:d2:9a:52:75: ca:37:38:16:b1:d9:37:42:4e:03:41:e4:27:93:a0: ee:4d:da:35:d8:2a:65:53:a7:c2:f1:a8:e8:89:82: 93:3f:0b:c2:8a:ae:ac:33:e4:16:56:3c:9b:3d:5b: 36:91:25:63:34:0e:05:92:b1:33:f7:d4:45:f5:5f: a8:0d:f0:d0:a7:77:7b:01:e0:cd:62:25:f4:e7:19: 3f:75:65:38:14:09:09:4d:1e:b7:f9:36:ef:a9:fa: a6:3a:86:f3:6a:89:da:3e:a1:9a:3f:bf:3d:f5:73: 18:5f:5b:cf:c5:54:02:ae:35:aa:d6:2e:97:09:73: 46:f9:40:42:ac:32:b3:25:4e:62:5a:b1:d6:ea:8e: 24:4f:9d:2f:44:a4:ff:81:5c:02:68:50:24:28:47: f5:78:20:3c:c7:be:ec:91:a8:69:16:d6:d0:c3:b3: 46:2f:fe:9f:e8:c4:8b:e2:4d:a8:b5:a0:39:57:30: 56:e4:d0:14:1b:44:e0:83:1e:3c:7b:ab:e9:92:91: af:b2:1f:86:4f:cf:bc:b5:a3:7e:91:aa:3e:ee:66: d1:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 82:E2:79:74:B0:4E:3D:F4:F8:79:4E:7D:E7:B6:7B:90:0E:60:F6:55 X509v3 Authority Key Identifier: keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/guJ5dLBOPfT4eU5957Z7kA5g9lU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 106.75.194.0/24 Signature Algorithm: sha256WithRSAEncryption 0c:62:5e:4a:6a:32:a2:af:ea:11:fb:40:ae:f8:f6:52:be:4d: 45:8b:4e:3d:a2:5b:e5:ce:c6:ae:d3:b6:9c:33:08:7b:c9:31: db:61:36:7b:59:26:18:15:81:1a:c9:fc:e8:5b:de:3d:cb:d8: e0:37:8e:3b:68:f3:65:ee:5b:cb:ef:29:1d:a2:83:74:df:ef: 92:00:78:a7:a0:54:22:95:54:d4:37:e9:bc:e2:03:b7:aa:50: 31:6f:fc:d0:ba:a2:41:ca:7d:7d:36:4a:e1:ab:9b:0e:19:10: b7:f6:02:cb:24:2b:3b:e9:bf:12:54:7e:50:ec:9f:8b:5f:27: dd:86:16:be:8c:3f:b4:cc:3e:a9:ff:fd:70:73:4e:37:1d:51: bd:cc:11:8b:6a:3c:45:63:d4:56:67:1a:06:64:f7:ba:ef:b0: 86:37:2e:fe:9f:9f:94:2a:1f:0b:f7:a5:e8:a4:c6:8d:0e:8a: 94:8d:65:ba:7e:80:10:11:9b:79:55:e8:c9:ed:eb:fc:45:d7: ee:bd:05:23:ce:a6:9c:6f:6e:83:2d:33:3c:d5:20:bf:2f:6f: 9e:09:63:8a:81:6d:27:89:8a:c5:51:cf:cf:71:2b:69:a0:65: cb:74:02:10:a2:af:6d:86:cc:52:36:c9:66:c5:e6:ef:2b:35: 52:b1:1d:30 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICIWswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3 MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNTA4Mjkw OTA1MjBaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDgyRTI3OTc0QjA0RTNE RjRGODc5NEU3REU3QjY3QjkwMEU2MEY2NTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDfoqmUlRIRTGjw6onAGdxr/YaVa1a60O4T2i9EI4Kz4Doxb/n1 ZkXe0ppSdco3OBax2TdCTgNB5CeToO5N2jXYKmVTp8LxqOiJgpM/C8KKrqwz5BZW PJs9WzaRJWM0DgWSsTP31EX1X6gN8NCnd3sB4M1iJfTnGT91ZTgUCQlNHrf5Nu+p +qY6hvNqido+oZo/vz31cxhfW8/FVAKuNarWLpcJc0b5QEKsMrMlTmJasdbqjiRP nS9EpP+BXAJoUCQoR/V4IDzHvuyRqGkW1tDDs0Yv/p/oxIviTai1oDlXMFbk0BQb ROCDHjx7q+mSka+yH4ZPz7y1o36Rqj7uZtF1AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUguJ5dLBOPfT4eU5957Z7kA5g9lUwHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3 L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L2d1SjVkTEJPUGZUNGVV NTk1N1o3a0E1ZzlsVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABqS8IwDQYJKoZIhvcNAQELBQADggEBAAxiXkpqMqKv6hH7QK749lK+TUWLTj2i W+XOxq7TtpwzCHvJMdthNntZJhgVgRrJ/Ohb3j3L2OA3jjto82XuW8vvKR2ig3Tf 75IAeKegVCKVVNQ36bziA7eqUDFv/NC6okHKfX02SuGrmw4ZELf2AsskKzvpvxJU flDsn4tfJ92GFr6MP7TMPqn//XBzTjcdUb3MEYtqPEVj1FZnGgZk97rvsIY3Lv6f n5QqHwv3peikxo0OipSNZbp+gBARm3lV6Mnt6/xF1+69BSPOppxvboMtMzzVIL8v b54JY4qBbSeJisVRz89xK2mgZct0AhCir22GzFI2yWbF5u8rNVKxHTA= -----END CERTIFICATE-----Generated at Fri Sep 5 09:11:10 2025 by rpki-client