$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/i7PVe7wDHjX_sc6kfNJdflWO24U.roa File: i7PVe7wDHjX_sc6kfNJdflWO24U.roa (raw, json) Hash identifier: LJfd9t6qRYiBk+Gl53vqy5tnpKaviABZi5h5WZqrZlU= Subject key identifier: 8B:B3:D5:7B:BC:03:1E:35:FF:B1:CE:A4:7C:D2:5D:7E:55:8E:DB:85 Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Certificate serial: 21A2 Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/i7PVe7wDHjX_sc6kfNJdflWO24U.roa Signing time: Fri 29 Aug 2025 09:05:32 +0000 ROA not before: Fri 29 Aug 2025 09:05:32 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 58466 IP address blocks: 106.75.160.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 08 Sep 2025 16:34:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8610 (0x21a2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Validity Not Before: Aug 29 09:05:32 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=8BB3D57BBC031E35FFB1CEA47CD25D7E558EDB85 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:51:be:35:73:78:a5:78:19:7e:a6:f1:39:99: 84:a1:fa:fb:6c:d3:6c:05:05:c8:14:05:a0:58:ca: 38:4a:f9:a2:b7:f4:78:a9:28:4d:4f:fa:4a:8c:b5: e6:a7:6c:b0:a4:2e:c5:18:3a:7a:0a:c7:98:be:ce: ef:e7:6d:0b:8f:28:db:4e:74:bf:83:21:6d:3a:7b: 90:7b:5d:1e:6b:06:2a:ce:02:ca:29:59:ff:3f:d5: 90:e7:19:e9:53:63:37:27:e0:fa:e0:a7:c0:50:d7: 4f:d7:3a:9c:d1:cb:0b:05:d2:8b:53:eb:1b:ef:87: 9d:4d:a9:a8:29:90:f4:0a:2b:cc:82:56:35:96:bf: 6f:e7:80:88:0c:6c:13:db:7b:1b:88:b6:9b:cc:1c: 94:3c:7c:65:d9:98:35:85:70:0a:bc:d2:61:48:5c: 5b:5e:1b:d8:b5:b7:a6:6d:e1:69:1a:44:96:88:59: 9f:92:bd:c8:07:c2:ac:ea:5d:d7:1c:04:62:47:55: 79:b0:06:a7:01:5e:b5:b1:b5:92:7c:7b:59:b2:e5: 5b:1d:cb:26:8e:12:74:d9:f6:58:11:c5:9d:ff:9d: 38:c0:22:f6:9a:4e:8b:af:f1:3f:b3:ed:f8:ed:09: 33:f3:3c:be:16:bd:a0:1d:9e:f3:36:c0:c6:25:be: 4f:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:B3:D5:7B:BC:03:1E:35:FF:B1:CE:A4:7C:D2:5D:7E:55:8E:DB:85 X509v3 Authority Key Identifier: keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/i7PVe7wDHjX_sc6kfNJdflWO24U.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 106.75.160.0/20 Signature Algorithm: sha256WithRSAEncryption 57:de:39:56:bf:ae:ee:7f:55:0e:36:83:3a:9f:fe:12:79:56: f4:1e:24:4f:52:bc:23:2c:29:43:8f:01:df:2c:b6:ac:5d:80: 07:8c:99:8e:b5:91:03:a1:a3:9b:92:84:8a:b0:73:e6:fd:92: 20:8a:8a:86:b4:06:85:9a:bf:91:21:e5:e9:b9:f4:48:1c:14: 2f:aa:1c:2b:1c:81:c8:36:e3:bf:f0:73:43:20:16:00:ac:72: bc:46:13:2f:89:e3:f2:99:38:73:2d:d1:d7:72:fc:1c:c0:e7: 0c:06:cc:cc:f3:08:3c:08:ac:91:14:ea:82:1a:16:de:a2:b2: 37:1e:6d:9d:a7:c9:36:39:df:72:db:81:5d:c0:fe:e8:a2:43: c7:47:97:e3:8a:61:28:e9:bb:5c:27:74:7b:47:ff:9b:9d:13: ec:06:52:02:63:62:a1:26:08:5e:bd:4a:a0:9b:01:6d:58:f4: f6:d3:c7:5f:64:90:40:16:2c:d4:80:52:76:65:28:c4:79:4a: 0f:34:61:d8:f9:63:fe:9e:36:35:77:83:f9:16:07:74:fd:f7: 37:72:56:7f:0d:64:cb:40:37:2d:93:3d:b4:6e:8f:7a:b4:6a: c6:f5:1d:a4:68:5c:5b:7f:da:e7:f5:54:0b:f9:57:5c:40:4e: 2d:4a:39:a0 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICIaIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3 MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNTA4Mjkw OTA1MzJaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDhCQjNENTdCQkMwMzFF MzVGRkIxQ0VBNDdDRDI1RDdFNTU4RURCODUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDOUb41c3ileBl+pvE5mYSh+vts02wFBcgUBaBYyjhK+aK39Hip KE1P+kqMteanbLCkLsUYOnoKx5i+zu/nbQuPKNtOdL+DIW06e5B7XR5rBirOAsop Wf8/1ZDnGelTYzcn4Prgp8BQ10/XOpzRywsF0otT6xvvh51NqagpkPQKK8yCVjWW v2/ngIgMbBPbexuItpvMHJQ8fGXZmDWFcAq80mFIXFteG9i1t6Zt4WkaRJaIWZ+S vcgHwqzqXdccBGJHVXmwBqcBXrWxtZJ8e1my5VsdyyaOEnTZ9lgRxZ3/nTjAIvaa Touv8T+z7fjtCTPzPL4WvaAdnvM2wMYlvk/1AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUi7PVe7wDHjX/sc6kfNJdflWO24UwHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3 L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L2k3UFZlN3dESGpYX3Nj NmtmTkpkZmxXTzI0VS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BARqS6AwDQYJKoZIhvcNAQELBQADggEBAFfeOVa/ru5/VQ42gzqf/hJ5VvQeJE9S vCMsKUOPAd8stqxdgAeMmY61kQOho5uShIqwc+b9kiCKioa0BoWav5Eh5em59Egc FC+qHCscgcg247/wc0MgFgCscrxGEy+J4/KZOHMt0ddy/BzA5wwGzMzzCDwIrJEU 6oIaFt6isjcebZ2nyTY533LbgV3A/uiiQ8dHl+OKYSjpu1wndHtH/5udE+wGUgJj YqEmCF69SqCbAW1Y9PbTx19kkEAWLNSAUnZlKMR5Sg80Ydj5Y/6eNjV3g/kWB3T9 9zdyVn8NZMtANy2TPbRuj3q0asb1HaRoXFt/2uf1VAv5V1xATi1KOaA= -----END CERTIFICATE-----Generated at Mon Sep 8 13:35:12 2025 by rpki-client