$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/rifzzh7UyiNl9BDNh9NVhKggCpE.roa File: rifzzh7UyiNl9BDNh9NVhKggCpE.roa (raw, json) Hash identifier: CsMzmkvwGmtWLs1644c0xBa/T/6mHOCFugXatqKezdo= Subject key identifier: AE:27:F3:CE:1E:D4:CA:23:65:F4:10:CD:87:D3:55:84:A8:20:0A:91 Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Certificate serial: 218B Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/rifzzh7UyiNl9BDNh9NVhKggCpE.roa Signing time: Fri 29 Aug 2025 09:05:27 +0000 ROA not before: Fri 29 Aug 2025 09:05:27 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 23724 IP address blocks: 117.50.96.0/19 maxlen: 19 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 08 Sep 2025 16:34:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8587 (0x218b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Validity Not Before: Aug 29 09:05:27 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=AE27F3CE1ED4CA2365F410CD87D35584A8200A91 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:8f:bc:3e:bf:f3:a5:93:42:5d:88:ff:1e:a2: 94:04:e5:7e:a5:26:dd:bf:4a:e3:42:9a:60:8b:5a: 23:cf:9f:cc:ee:0a:c9:78:ea:50:de:30:2b:92:78: 5b:e0:f3:ba:f3:f9:b6:be:f7:17:dc:2c:9a:99:f5: ba:82:68:07:e7:f1:7f:b9:4e:01:94:6e:3f:da:1f: cf:5c:5b:3a:34:71:82:78:46:b2:a8:f1:b2:55:a1: 70:84:8a:ea:ee:58:ea:e3:e4:84:40:ac:97:ab:33: 0d:6b:42:6f:a9:f1:b7:e1:52:a5:35:9b:1b:0d:a8: f3:b2:71:68:1c:fb:d7:f7:57:9f:1a:c1:45:65:20: 25:1a:75:3d:63:8b:fd:a4:c3:db:4c:10:c1:78:f7: 6e:dd:ed:b8:dd:30:e7:82:79:33:b0:e3:ca:0d:65: 49:cb:bd:7e:34:4c:56:35:25:76:45:54:24:07:99: 85:06:71:9e:76:cb:cd:e2:8f:b6:7a:a5:52:57:af: 75:c9:07:bd:b6:53:f5:01:37:d9:46:cf:d8:15:2a: a9:c4:26:4b:a8:40:79:5e:31:e3:af:ba:b1:1d:b3: 89:06:bd:c9:8b:2d:7b:20:90:51:0b:e6:71:51:e2: de:7a:94:17:13:a7:de:06:a8:ed:98:60:f7:54:c6: 89:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:27:F3:CE:1E:D4:CA:23:65:F4:10:CD:87:D3:55:84:A8:20:0A:91 X509v3 Authority Key Identifier: keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/rifzzh7UyiNl9BDNh9NVhKggCpE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 117.50.96.0/19 Signature Algorithm: sha256WithRSAEncryption 2e:56:59:7b:d3:5a:83:ee:6c:7c:fe:ae:8f:73:d1:d8:47:3b: 90:2c:ce:f1:97:4f:db:c2:5b:3b:65:b6:82:44:cb:ba:ff:54: b5:06:68:4b:06:42:ff:cd:c1:e0:b7:7f:c1:3e:65:6b:ac:9e: 76:f9:d2:a2:16:30:8e:ca:26:6f:da:35:cb:e6:8c:34:58:4c: 39:af:e2:ac:17:83:94:61:47:cf:1b:34:fa:f7:df:17:e5:c2: 84:bc:ff:0e:ac:9f:75:18:5d:7a:67:91:73:78:8b:94:2b:b5: 8f:21:f3:07:3c:4e:96:41:1f:9b:a0:9e:f8:3d:e8:b0:14:af: 23:06:a3:68:7e:9d:b3:77:19:c9:1c:38:b8:b6:54:85:c7:6b: ad:83:3f:a0:0f:83:f4:26:4c:d1:da:21:d5:d4:e0:29:57:27: f3:93:a9:b9:c8:c6:41:79:19:aa:3c:a6:86:5e:b6:42:2e:a8: 22:a5:6c:c9:26:d6:73:c8:9c:39:f5:63:3a:1f:06:0a:f7:4b: 9e:01:ea:62:01:82:2a:2e:c4:7c:40:e7:55:67:5a:51:2f:a1: 3d:fb:6a:2f:e3:2c:68:2f:99:62:56:64:86:bf:f8:0e:f7:5e: ad:ad:5a:f0:dd:fb:c9:0d:d0:8d:96:64:70:0e:44:4e:c8:1d: 6a:0d:21:a6 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICIYswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3 MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNTA4Mjkw OTA1MjdaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEFFMjdGM0NFMUVENENB MjM2NUY0MTBDRDg3RDM1NTg0QTgyMDBBOTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDsj7w+v/Olk0JdiP8eopQE5X6lJt2/SuNCmmCLWiPPn8zuCsl4 6lDeMCuSeFvg87rz+ba+9xfcLJqZ9bqCaAfn8X+5TgGUbj/aH89cWzo0cYJ4RrKo 8bJVoXCEiuruWOrj5IRArJerMw1rQm+p8bfhUqU1mxsNqPOycWgc+9f3V58awUVl ICUadT1ji/2kw9tMEMF4927d7bjdMOeCeTOw48oNZUnLvX40TFY1JXZFVCQHmYUG cZ52y83ij7Z6pVJXr3XJB722U/UBN9lGz9gVKqnEJkuoQHleMeOvurEds4kGvcmL LXsgkFEL5nFR4t56lBcTp94GqO2YYPdUxomJAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUrifzzh7UyiNl9BDNh9NVhKggCpEwHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3 L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L3JpZnp6aDdVeWlObDlC RE5oOU5WaEtnZ0NwRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAV1MmAwDQYJKoZIhvcNAQELBQADggEBAC5WWXvTWoPubHz+ro9z0dhHO5AszvGX T9vCWztltoJEy7r/VLUGaEsGQv/NweC3f8E+ZWusnnb50qIWMI7KJm/aNcvmjDRY TDmv4qwXg5RhR88bNPr33xflwoS8/w6sn3UYXXpnkXN4i5QrtY8h8wc8TpZBH5ug nvg96LAUryMGo2h+nbN3GckcOLi2VIXHa62DP6APg/QmTNHaIdXU4ClXJ/OTqbnI xkF5Gao8poZetkIuqCKlbMkm1nPInDn1YzofBgr3S54B6mIBgiouxHxA51VnWlEv oT37ai/jLGgvmWJWZIa/+A73Xq2tWvDd+8kN0I2WZHAORE7IHWoNIaY= -----END CERTIFICATE-----Generated at Mon Sep 8 13:35:09 2025 by rpki-client