$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/q7gBrFplcFsOM0MeUVXQBWNzlFI.roa File: q7gBrFplcFsOM0MeUVXQBWNzlFI.roa (raw, json) Hash identifier: JA7orJxUHit2GOQh4anFAY6IqxbWQqxkBmTZVnDNfiM= Subject key identifier: AB:B8:01:AC:5A:65:70:5B:0E:33:43:1E:51:55:D0:05:63:73:94:52 Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Certificate serial: 2175 Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/q7gBrFplcFsOM0MeUVXQBWNzlFI.roa Signing time: Fri 29 Aug 2025 09:05:22 +0000 ROA not before: Fri 29 Aug 2025 09:05:22 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 23724 IP address blocks: 106.75.0.0/19 maxlen: 19 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 08 Sep 2025 16:34:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8565 (0x2175) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Validity Not Before: Aug 29 09:05:22 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=ABB801AC5A65705B0E33431E5155D00563739452 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:c3:47:80:59:f8:10:cc:65:5e:67:4d:8a:7b: 23:4c:a8:d5:b9:cb:6a:c0:a0:46:a9:f7:ed:f5:70: 90:a6:ff:89:03:f2:20:11:09:a4:39:14:dd:21:cf: 3a:6a:ae:e8:9c:88:9c:97:31:82:06:bf:15:43:c5: 3c:18:71:f9:cd:a3:b9:36:27:f0:0b:7c:1b:30:6a: e0:15:97:5d:84:81:c2:cb:51:1b:cb:01:0c:a3:ca: 50:01:1c:09:89:b8:e3:d5:13:51:58:ad:d1:b1:d6: 1f:96:4d:ff:f1:aa:19:dc:8f:4b:77:36:67:e2:62: 7f:31:f1:96:28:a4:fb:91:fb:51:8f:aa:ea:a7:7b: 66:c3:23:66:1e:a1:69:c6:a5:1f:01:5e:ef:db:c8: b7:c0:c8:83:94:4b:b8:0e:da:02:83:7f:93:45:c5: 84:10:a0:d8:88:33:1b:c5:f3:72:f7:cd:2b:26:c5: f7:66:92:fb:ab:49:d0:f0:1a:f7:84:a3:42:50:20: f6:ff:4e:f0:8d:c6:5b:49:c8:8b:5b:de:95:8d:c4: 4e:fc:67:e4:eb:0c:7f:bf:67:4e:e6:09:fc:d3:0d: f8:16:e3:65:4f:46:4b:02:34:38:58:83:97:5f:74: 16:20:12:42:73:36:c5:7d:59:36:86:8e:a5:31:8c: c7:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AB:B8:01:AC:5A:65:70:5B:0E:33:43:1E:51:55:D0:05:63:73:94:52 X509v3 Authority Key Identifier: keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/q7gBrFplcFsOM0MeUVXQBWNzlFI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 106.75.0.0/19 Signature Algorithm: sha256WithRSAEncryption 3c:ab:27:e3:ee:dd:df:f2:64:57:dc:d2:24:f9:36:30:72:ff: fa:a5:bd:6f:2e:a7:48:1f:2b:da:41:a3:87:24:47:15:4d:37: 87:c2:93:a0:4a:f5:65:73:98:87:cf:71:19:a3:8b:45:8b:7a: 4f:d7:bc:a1:27:54:65:4f:14:c9:53:9a:8e:92:6e:58:c2:28: 1e:56:7b:b7:1b:a3:0f:50:93:cf:d8:29:33:da:f0:be:7c:cc: 3e:97:41:37:c5:f1:cf:34:14:19:0f:ea:34:a5:cb:44:b3:09: fb:0e:1b:38:db:2c:ab:a6:03:2c:08:73:78:cc:08:56:c4:b6: da:05:26:43:b1:0a:90:53:7e:2d:f1:cd:d5:0a:c8:2f:e8:bc: 31:1d:37:24:72:54:84:30:73:e4:b0:0c:f6:f4:e4:7f:88:e9: f7:53:61:d0:36:ff:b0:02:ed:d0:6d:c2:32:2f:ca:e4:3a:0e: d4:79:17:5a:4c:6a:ba:ef:04:0e:95:df:81:7a:40:1c:81:33: 5f:6d:bb:6e:23:63:83:cd:7d:2b:da:09:67:18:eb:b5:02:79: 60:15:44:36:89:39:ce:0b:45:6b:8a:02:b6:ea:0a:79:3a:68: 50:7d:8e:ea:85:f7:58:f6:be:e6:e0:64:b4:f1:f6:ed:d3:5c: bd:e3:2e:d1 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICIXUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3 MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNTA4Mjkw OTA1MjJaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEFCQjgwMUFDNUE2NTcw NUIwRTMzNDMxRTUxNTVEMDA1NjM3Mzk0NTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCaw0eAWfgQzGVeZ02KeyNMqNW5y2rAoEap9+31cJCm/4kD8iAR CaQ5FN0hzzpqruiciJyXMYIGvxVDxTwYcfnNo7k2J/ALfBswauAVl12EgcLLURvL AQyjylABHAmJuOPVE1FYrdGx1h+WTf/xqhncj0t3NmfiYn8x8ZYopPuR+1GPquqn e2bDI2YeoWnGpR8BXu/byLfAyIOUS7gO2gKDf5NFxYQQoNiIMxvF83L3zSsmxfdm kvurSdDwGveEo0JQIPb/TvCNxltJyItb3pWNxE78Z+TrDH+/Z07mCfzTDfgW42VP RksCNDhYg5dfdBYgEkJzNsV9WTaGjqUxjMeDAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUq7gBrFplcFsOM0MeUVXQBWNzlFIwHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3 L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L3E3Z0JyRnBsY0ZzT00w TWVVVlhRQldOemxGSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAVqSwAwDQYJKoZIhvcNAQELBQADggEBADyrJ+Pu3d/yZFfc0iT5NjBy//qlvW8u p0gfK9pBo4ckRxVNN4fCk6BK9WVzmIfPcRmji0WLek/XvKEnVGVPFMlTmo6SbljC KB5We7cbow9Qk8/YKTPa8L58zD6XQTfF8c80FBkP6jSly0SzCfsOGzjbLKumAywI c3jMCFbEttoFJkOxCpBTfi3xzdUKyC/ovDEdNyRyVIQwc+SwDPb05H+I6fdTYdA2 /7AC7dBtwjIvyuQ6DtR5F1pMarrvBA6V34F6QByBM19tu24jY4PNfSvaCWcY67UC eWAVRDaJOc4LRWuKArbqCnk6aFB9juqF91j2vubgZLTx9u3TXL3jLtE= -----END CERTIFICATE-----Generated at Mon Sep 8 13:35:13 2025 by rpki-client