$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/jVcd9TAdG00gAXt_bkdcmRzrhuk.roa File: jVcd9TAdG00gAXt_bkdcmRzrhuk.roa (raw, json) Hash identifier: K5wllzqEO38K/zrjSrQVmq/02dbxVHJsjpphpx8oaYQ= Subject key identifier: 8D:57:1D:F5:30:1D:1B:4D:20:01:7B:7F:6E:47:5C:99:1C:EB:86:E9 Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Certificate serial: 216E Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/jVcd9TAdG00gAXt_bkdcmRzrhuk.roa Signing time: Fri 29 Aug 2025 09:05:21 +0000 ROA not before: Fri 29 Aug 2025 09:05:21 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 135377 IP address blocks: 106.75.197.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 05 Sep 2025 10:03:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8558 (0x216e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Validity Not Before: Aug 29 09:05:21 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=8D571DF5301D1B4D20017B7F6E475C991CEB86E9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:e5:c5:6e:92:80:74:db:81:5e:a6:26:59:5a: 96:ba:94:89:78:a5:bc:1e:a1:94:83:2e:08:cc:16: 13:fe:66:27:1b:12:0e:41:c4:1e:35:d3:8a:bb:85: 9c:9b:7a:26:6f:87:80:2a:4f:d9:e5:94:ce:9e:8c: f8:d7:0d:3d:d3:12:dd:8e:10:31:5c:09:1f:5f:85: 4d:ec:cc:c2:86:e6:52:22:c0:c0:74:12:6d:30:4d: cf:53:50:a9:5f:37:71:50:6b:9d:20:a2:15:dd:02: a7:08:90:7c:ae:51:0c:88:ca:d0:a7:48:dc:4f:d9: af:24:ef:15:49:a5:56:1d:00:a6:7d:9a:40:b7:c1: 09:ea:44:84:de:7f:f8:31:11:86:ea:4f:2e:ef:80: 74:1c:62:a7:a3:3d:de:9d:6f:4b:4e:f1:fc:9b:4f: a3:cd:43:ec:43:4b:b3:65:36:8d:50:1d:c2:93:77: cf:2d:dc:d2:18:76:13:1d:a9:d4:f3:dc:b2:f9:8c: 1d:09:3c:28:3f:94:84:25:83:27:ca:d9:62:41:b5: df:b8:02:98:da:8b:1c:73:9d:a4:64:b4:31:87:9b: 70:ad:7d:55:2f:30:96:ff:8c:6e:4d:64:6c:f6:0b: 33:e6:9a:a4:89:83:fe:65:df:44:40:65:55:f1:19: ad:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:57:1D:F5:30:1D:1B:4D:20:01:7B:7F:6E:47:5C:99:1C:EB:86:E9 X509v3 Authority Key Identifier: keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/jVcd9TAdG00gAXt_bkdcmRzrhuk.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 106.75.197.0/24 Signature Algorithm: sha256WithRSAEncryption 6e:ef:c3:43:41:66:63:c1:f3:33:6d:83:5f:f3:f3:41:1c:a8: 54:3a:cf:ef:1b:5f:78:b1:0f:05:ab:9e:17:5e:a0:95:a7:1c: e8:1d:60:45:92:89:0e:51:67:f3:be:c0:6b:96:b2:54:25:95: 70:1b:43:8e:1c:58:c2:49:b5:84:9b:82:4b:ac:eb:fd:dd:b6: f3:3a:7a:6c:1f:e7:0e:f3:67:1f:2b:35:50:fd:8c:a7:1f:b3: 1c:eb:ea:00:44:88:e8:aa:ee:92:c5:ed:97:97:0d:9e:42:07: 80:c4:3e:0f:e9:2d:6f:12:87:8e:65:12:bd:05:98:d5:70:5a: cf:b2:d9:bd:e6:4a:3a:b2:f1:7f:90:99:92:fb:ea:b2:3c:1d: 3f:71:41:64:34:92:b0:a9:47:b5:ee:ef:c3:c0:e4:83:fa:c3: 06:ce:17:73:48:6b:9b:a6:d2:ce:52:7b:2c:ea:ac:49:31:76: 03:fa:22:f0:ef:96:61:62:ac:7d:65:36:2e:bc:c7:b4:d7:d6: d3:05:ae:58:ac:2c:96:12:67:c8:b6:03:78:bb:6b:a8:03:a6: 9e:e0:0c:f3:f5:a6:53:62:6e:59:46:fa:af:85:c2:67:e9:bf: 44:f0:16:d5:c4:fe:d7:25:4e:ae:2d:11:37:9b:b3:5c:78:f4: 72:c2:2f:eb -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICIW4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3 MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNTA4Mjkw OTA1MjFaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDhENTcxREY1MzAxRDFC NEQyMDAxN0I3RjZFNDc1Qzk5MUNFQjg2RTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCr5cVukoB024FepiZZWpa6lIl4pbweoZSDLgjMFhP+ZicbEg5B xB4104q7hZybeiZvh4AqT9nllM6ejPjXDT3TEt2OEDFcCR9fhU3szMKG5lIiwMB0 Em0wTc9TUKlfN3FQa50gohXdAqcIkHyuUQyIytCnSNxP2a8k7xVJpVYdAKZ9mkC3 wQnqRITef/gxEYbqTy7vgHQcYqejPd6db0tO8fybT6PNQ+xDS7NlNo1QHcKTd88t 3NIYdhMdqdTz3LL5jB0JPCg/lIQlgyfK2WJBtd+4ApjaixxznaRktDGHm3CtfVUv MJb/jG5NZGz2CzPmmqSJg/5l30RAZVXxGa0RAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUjVcd9TAdG00gAXt/bkdcmRzrhukwHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3 L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L2pWY2Q5VEFkRzAwZ0FY dF9ia2RjbVJ6cmh1ay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABqS8UwDQYJKoZIhvcNAQELBQADggEBAG7vw0NBZmPB8zNtg1/z80EcqFQ6z+8b X3ixDwWrnhdeoJWnHOgdYEWSiQ5RZ/O+wGuWslQllXAbQ44cWMJJtYSbgkus6/3d tvM6emwf5w7zZx8rNVD9jKcfsxzr6gBEiOiq7pLF7ZeXDZ5CB4DEPg/pLW8Sh45l Er0FmNVwWs+y2b3mSjqy8X+QmZL76rI8HT9xQWQ0krCpR7Xu78PA5IP6wwbOF3NI a5um0s5SeyzqrEkxdgP6IvDvlmFirH1lNi68x7TX1tMFrlisLJYSZ8i2A3i7a6gD pp7gDPP1plNibllG+q+Fwmfpv0TwFtXE/tclTq4tETebs1x49HLCL+s= -----END CERTIFICATE-----Generated at Fri Sep 5 09:08:36 2025 by rpki-client