$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/jKAo1Cbh3jpkrOpe7FL4pHpMeto.roa File: jKAo1Cbh3jpkrOpe7FL4pHpMeto.roa (raw, json) Hash identifier: 3UiKBESWQlVeLIidDDb7MBRvjGbpij0xzPzMurCBCWs= Subject key identifier: 8C:A0:28:D4:26:E1:DE:3A:64:AC:EA:5E:EC:52:F8:A4:7A:4C:7A:DA Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Certificate serial: 2184 Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/jKAo1Cbh3jpkrOpe7FL4pHpMeto.roa Signing time: Fri 29 Aug 2025 09:05:26 +0000 ROA not before: Fri 29 Aug 2025 09:05:26 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 58466 IP address blocks: 106.75.144.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 08 Sep 2025 16:34:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8580 (0x2184) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Validity Not Before: Aug 29 09:05:26 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=8CA028D426E1DE3A64ACEA5EEC52F8A47A4C7ADA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:a5:55:c5:c7:69:ee:5a:dc:ad:73:6b:cd:a9: 2d:56:52:4c:f3:b0:ba:c0:db:96:d0:70:30:7e:bd: 85:2e:18:be:8f:0e:49:6c:50:9d:90:e8:e0:66:63: 48:ef:0e:ca:b4:b0:eb:1d:9b:4a:37:cd:2c:4f:b3: 92:37:f3:c1:91:49:4c:9c:fa:e5:8f:d8:02:d0:b5: 44:17:7a:be:f2:32:8e:53:3f:e9:96:b3:a4:2f:65: 44:5f:18:45:41:13:46:b5:c5:1a:63:bf:28:e3:1c: 67:b3:3f:fe:81:6a:2a:ed:32:b2:33:4f:24:59:88: 6a:f6:ad:d6:3b:94:3a:90:6c:71:6a:46:b6:89:9b: 4e:16:a4:6c:eb:2b:0c:e4:d5:b5:a3:dd:89:cc:cb: cf:c9:5f:53:0b:62:de:00:71:de:49:36:59:2d:70: 0e:da:06:3a:65:47:d0:c5:b1:42:a4:6b:a7:92:0f: 86:ee:db:91:ef:99:a2:9e:4f:e9:59:31:0d:40:7a: 7a:e4:e6:8c:61:96:b0:3e:ff:93:7b:c2:10:70:29: 51:24:cf:f5:ca:f0:a0:b2:0e:1c:d2:8d:7d:b6:41: d5:3c:a2:75:cd:e9:18:16:17:00:d9:50:09:c5:5a: 31:b3:44:ab:bc:48:09:6a:e5:ef:17:a7:f5:0e:bb: 5b:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8C:A0:28:D4:26:E1:DE:3A:64:AC:EA:5E:EC:52:F8:A4:7A:4C:7A:DA X509v3 Authority Key Identifier: keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/jKAo1Cbh3jpkrOpe7FL4pHpMeto.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 106.75.144.0/20 Signature Algorithm: sha256WithRSAEncryption 30:ee:8b:7d:19:e8:05:32:92:f4:17:07:0d:f4:13:68:c3:14: d3:97:fb:a3:2f:46:db:6c:ef:a8:10:58:46:05:d4:7e:b5:f8: bb:22:f0:8b:14:a1:31:79:51:21:d2:5f:cd:d3:f6:b3:f1:6a: 42:16:26:7f:67:e3:f9:3c:2a:ee:78:35:81:38:3b:a8:fa:51: 83:96:d2:37:6b:3c:6e:e9:e6:c5:9e:ea:41:5e:89:61:b3:4b: b9:23:0e:52:48:41:44:ac:7f:38:6f:cf:0c:50:4e:a6:89:5e: 1a:81:b5:3b:2d:ba:55:37:42:d4:6a:a6:7a:d0:2e:cf:de:95: 00:03:e4:b0:a8:39:cd:45:e0:ed:0d:b8:e2:80:0a:d4:7e:bd: 51:3b:94:ab:7f:bc:56:3c:0e:fe:8a:11:65:69:da:b1:2b:a1: f0:30:da:36:25:5e:1d:d5:2a:3b:35:a4:36:20:5c:c3:6e:1a: 06:07:c7:0d:00:ca:07:7f:bf:eb:01:20:3a:0f:56:7c:89:04: bd:50:f3:c1:b1:df:71:36:20:80:5b:78:65:ce:30:a4:cd:2d: 6f:2a:d1:20:43:d7:6e:8c:21:e7:48:be:84:92:b9:3d:af:0e: c5:eb:66:1e:95:30:a3:08:82:ce:97:35:cf:fb:16:b9:cb:eb: 52:9e:20:76 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICIYQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3 MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNTA4Mjkw OTA1MjZaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDhDQTAyOEQ0MjZFMURF M0E2NEFDRUE1RUVDNTJGOEE0N0E0QzdBREEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCipVXFx2nuWtytc2vNqS1WUkzzsLrA25bQcDB+vYUuGL6PDkls UJ2Q6OBmY0jvDsq0sOsdm0o3zSxPs5I388GRSUyc+uWP2ALQtUQXer7yMo5TP+mW s6QvZURfGEVBE0a1xRpjvyjjHGezP/6BairtMrIzTyRZiGr2rdY7lDqQbHFqRraJ m04WpGzrKwzk1bWj3YnMy8/JX1MLYt4Acd5JNlktcA7aBjplR9DFsUKka6eSD4bu 25HvmaKeT+lZMQ1Aenrk5oxhlrA+/5N7whBwKVEkz/XK8KCyDhzSjX22QdU8onXN 6RgWFwDZUAnFWjGzRKu8SAlq5e8Xp/UOu1vfAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUjKAo1Cbh3jpkrOpe7FL4pHpMetowHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3 L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L2pLQW8xQ2JoM2pwa3JP cGU3Rkw0cEhwTWV0by5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BARqS5AwDQYJKoZIhvcNAQELBQADggEBADDui30Z6AUykvQXBw30E2jDFNOX+6Mv Rtts76gQWEYF1H61+Lsi8IsUoTF5USHSX83T9rPxakIWJn9n4/k8Ku54NYE4O6j6 UYOW0jdrPG7p5sWe6kFeiWGzS7kjDlJIQUSsfzhvzwxQTqaJXhqBtTstulU3QtRq pnrQLs/elQAD5LCoOc1F4O0NuOKACtR+vVE7lKt/vFY8Dv6KEWVp2rErofAw2jYl Xh3VKjs1pDYgXMNuGgYHxw0Aygd/v+sBIDoPVnyJBL1Q88Gx33E2IIBbeGXOMKTN LW8q0SBD126MIedIvoSSuT2vDsXrZh6VMKMIgs6XNc/7FrnL61KeIHY= -----END CERTIFICATE-----Generated at Mon Sep 8 13:35:14 2025 by rpki-client