$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/jxq46HDkVmMGSY0dvbyuCDvhpYA.roa File: jxq46HDkVmMGSY0dvbyuCDvhpYA.roa (raw, json) Hash identifier: /5zvm0sdisg7c66aDfoGeRaqdKsw3PvfkwsFA6T/fmo= Subject key identifier: 8F:1A:B8:E8:70:E4:56:63:06:49:8D:1D:BD:BC:AE:08:3B:E1:A5:80 Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Certificate serial: 21A5 Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/jxq46HDkVmMGSY0dvbyuCDvhpYA.roa Signing time: Fri 29 Aug 2025 09:05:32 +0000 ROA not before: Fri 29 Aug 2025 09:05:32 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 4811 IP address blocks: 113.31.176.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 08 Sep 2025 01:34:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8613 (0x21a5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Validity Not Before: Aug 29 09:05:32 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=8F1AB8E870E4566306498D1DBDBCAE083BE1A580 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:78:bb:a4:d3:bb:64:3b:1b:7f:e8:13:ab:c6: c4:67:fb:9c:7c:fe:44:aa:97:7b:36:d5:86:5e:33: e3:71:29:65:ca:ff:bf:00:fd:d5:b0:9c:1d:85:ad: 01:a1:ac:c8:8c:ad:41:71:47:89:03:2e:7a:c3:3e: 5c:4f:f3:e6:38:cc:e9:2e:f5:c2:6e:84:52:ce:6c: 94:a2:e6:b3:cd:eb:94:ea:9f:5a:f9:66:39:3d:d9: c9:d3:6e:63:e4:3f:9e:dc:a2:53:db:66:60:69:58: db:c4:3c:c3:6c:1a:b9:ff:88:c3:fa:bf:09:5b:46: 9a:6d:1c:35:58:d0:d4:8a:ae:92:fd:16:5a:23:30: ac:96:bd:d5:38:68:7d:7e:d0:50:0b:3e:70:be:c6: 6a:52:a8:98:51:b1:e8:2c:5f:0b:a4:bd:4e:bc:09: cd:73:b5:a3:32:1d:ae:47:09:c5:87:96:60:31:75: fb:1b:a8:02:18:5d:ec:4c:a6:7c:04:ee:be:d7:18: 86:65:24:70:7e:44:5a:bd:9e:db:98:5d:9d:60:79: fb:51:73:1f:2d:be:4e:8c:b5:e4:8a:11:b8:8b:2c: e1:5a:7f:dc:32:ac:f1:61:27:b3:e4:04:5e:6b:61: c3:9a:02:03:9d:b4:0c:f3:69:1e:75:ff:46:58:81: 82:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:1A:B8:E8:70:E4:56:63:06:49:8D:1D:BD:BC:AE:08:3B:E1:A5:80 X509v3 Authority Key Identifier: keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/jxq46HDkVmMGSY0dvbyuCDvhpYA.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 113.31.176.0/20 Signature Algorithm: sha256WithRSAEncryption 65:dd:f2:75:78:04:b7:46:ae:fd:ab:8c:87:1d:ef:32:9a:58: 86:ee:c4:d9:fb:ad:cd:07:a2:a1:f0:5d:a6:a4:45:fe:74:26: a9:3f:e1:f3:3b:74:5b:dc:fd:81:0e:09:15:28:e2:6f:52:58: 2c:aa:5e:46:26:df:9e:e4:53:de:23:34:63:08:75:ba:29:48: 6d:f3:25:31:ec:22:05:97:3b:4a:3c:9c:96:d1:7d:7f:cb:e7: 43:dd:9b:a8:e4:0a:25:be:8f:d0:31:27:4c:b2:8c:49:58:5e: 36:e6:3b:bd:58:57:7d:0f:f7:f1:28:e1:28:8d:43:a3:14:7f: 46:ef:72:f6:97:1f:65:85:10:f8:48:2c:8d:0c:0a:de:cb:b5: 1f:d4:f1:f8:f3:84:69:b6:35:6a:4d:25:4f:02:40:1d:e0:7a: 93:d5:1f:ca:cb:d1:64:a4:78:e9:84:d5:89:73:40:75:be:d3: 29:a7:b5:42:6d:4d:86:69:7d:3c:57:06:b4:19:f8:f7:97:ef: 7d:60:89:20:86:56:70:bc:72:bf:ef:31:f4:5b:1a:90:2f:0b: 7c:45:02:f6:10:73:4e:78:f4:82:53:0c:4f:c5:97:54:b3:7c: ab:24:55:c2:5e:df:f9:b2:c0:44:59:b5:c6:95:ba:2e:92:6c: 1e:6a:71:c2 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICIaUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3 MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNTA4Mjkw OTA1MzJaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDhGMUFCOEU4NzBFNDU2 NjMwNjQ5OEQxREJEQkNBRTA4M0JFMUE1ODAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC6eLuk07tkOxt/6BOrxsRn+5x8/kSql3s21YZeM+NxKWXK/78A /dWwnB2FrQGhrMiMrUFxR4kDLnrDPlxP8+Y4zOku9cJuhFLObJSi5rPN65Tqn1r5 Zjk92cnTbmPkP57colPbZmBpWNvEPMNsGrn/iMP6vwlbRpptHDVY0NSKrpL9Floj MKyWvdU4aH1+0FALPnC+xmpSqJhRsegsXwukvU68Cc1ztaMyHa5HCcWHlmAxdfsb qAIYXexMpnwE7r7XGIZlJHB+RFq9ntuYXZ1geftRcx8tvk6MteSKEbiLLOFaf9wy rPFhJ7PkBF5rYcOaAgOdtAzzaR51/0ZYgYI5AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUjxq46HDkVmMGSY0dvbyuCDvhpYAwHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3 L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L2p4cTQ2SERrVm1NR1NZ MGR2Ynl1Q0R2aHBZQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BARxH7AwDQYJKoZIhvcNAQELBQADggEBAGXd8nV4BLdGrv2rjIcd7zKaWIbuxNn7 rc0HoqHwXaakRf50Jqk/4fM7dFvc/YEOCRUo4m9SWCyqXkYm357kU94jNGMIdbop SG3zJTHsIgWXO0o8nJbRfX/L50Pdm6jkCiW+j9AxJ0yyjElYXjbmO71YV30P9/Eo 4SiNQ6MUf0bvcvaXH2WFEPhILI0MCt7LtR/U8fjzhGm2NWpNJU8CQB3gepPVH8rL 0WSkeOmE1YlzQHW+0ymntUJtTYZpfTxXBrQZ+PeX731giSCGVnC8cr/vMfRbGpAv C3xFAvYQc0549IJTDE/Fl1SzfKskVcJe3/mywERZtcaVui6SbB5qccI= -----END CERTIFICATE-----Generated at Sun Sep 7 22:24:04 2025 by rpki-client