$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/u7wlD6K8-nhxvWQe6_8Cyd1OjAk.roa File: u7wlD6K8-nhxvWQe6_8Cyd1OjAk.roa (raw, json) Hash identifier: irbKGcZLklo6BxCOemxlsXg3gy+zuaSao9wi/qc3Fz0= Subject key identifier: BB:BC:25:0F:A2:BC:FA:78:71:BD:64:1E:EB:FF:02:C9:DD:4E:8C:09 Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Certificate serial: 2181 Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/u7wlD6K8-nhxvWQe6_8Cyd1OjAk.roa Signing time: Fri 29 Aug 2025 09:05:25 +0000 ROA not before: Fri 29 Aug 2025 09:05:25 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 17621 IP address blocks: 106.75.224.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Sep 2025 06:34:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8577 (0x2181) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Validity Not Before: Aug 29 09:05:25 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=BBBC250FA2BCFA7871BD641EEBFF02C9DD4E8C09 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:8b:4e:1d:57:60:3f:0c:30:75:56:7f:f7:d3: 7c:f6:78:4c:95:7f:dd:d1:c6:9b:65:73:d3:e8:7d: a2:1f:24:29:22:56:c0:53:99:63:22:7b:5c:92:a1: e7:02:43:f2:f1:83:18:7f:29:65:a7:af:19:fa:88: b4:ad:71:16:db:94:33:a4:b2:61:b0:0b:d2:63:be: e7:58:e0:1e:a3:61:59:a3:c4:35:55:f5:c1:48:2d: 56:27:c2:f6:ca:70:d3:7e:e7:43:f5:4b:c1:9f:e0: 05:61:b9:75:5f:9e:1f:37:49:41:e8:e4:44:b3:6a: ad:0d:2f:46:25:33:4f:94:3a:17:ed:06:00:ea:44: ed:b2:65:f6:21:b1:cf:f1:04:2f:7f:39:d7:77:39: 10:88:f7:3f:d5:9f:05:8f:19:62:a9:5f:bf:c9:bf: c0:8b:fd:bc:fe:66:57:01:d3:59:d3:1a:57:34:5f: e0:eb:ab:a1:c8:f8:2e:52:a6:ba:06:e0:d1:eb:de: fd:70:38:9b:8c:b1:fa:1f:e0:86:57:41:6d:bc:85: 80:b2:62:38:a9:d0:84:34:68:ce:5a:da:5f:20:ce: 6b:ce:7d:e2:a7:36:e9:44:ed:0e:30:16:c1:ac:9a: 1f:91:a8:de:11:0e:a5:c8:5f:51:67:c2:c4:f8:32: 2a:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:BC:25:0F:A2:BC:FA:78:71:BD:64:1E:EB:FF:02:C9:DD:4E:8C:09 X509v3 Authority Key Identifier: keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/u7wlD6K8-nhxvWQe6_8Cyd1OjAk.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 106.75.224.0/20 Signature Algorithm: sha256WithRSAEncryption b5:1b:e6:74:da:2b:ad:9f:05:8d:09:28:1d:6c:07:44:98:5c: 1b:4e:d2:c8:09:14:71:2f:2b:01:87:3d:c3:68:41:75:d5:b7: 30:5f:e4:03:8c:f2:4c:3a:0b:77:ed:0e:06:13:0c:78:7e:66: 17:bf:47:2e:ee:59:a3:0a:35:58:b5:18:9c:df:35:cf:b6:ac: 59:ef:a7:0f:33:9d:39:50:92:2d:62:12:68:d4:38:f9:b1:d7: 18:2e:0f:02:d9:47:75:01:b6:53:4d:10:0d:43:71:08:ed:1f: b3:ec:2d:a0:10:65:bf:99:77:3d:88:ce:f0:d9:13:7a:8b:f1: 07:9f:59:9f:2e:0d:dd:91:92:19:b5:5b:a9:6e:de:a1:2f:c0: f1:3d:0f:28:75:b6:4a:7f:74:bf:1e:bb:1e:0d:a3:c4:13:99: c0:ee:01:b2:88:60:79:b9:79:f3:42:a7:3b:07:00:72:2d:88: e8:9e:4c:d0:4d:75:e9:46:e1:ff:ff:54:9b:cd:4d:8c:be:98: ff:d1:31:c9:bb:53:4b:76:10:f5:ec:16:1a:1c:f5:6c:b4:24: 47:82:c7:2f:75:56:27:0f:4c:9b:7d:cc:8b:ca:2f:2b:9c:a0: 8d:57:81:ee:12:c7:71:bd:03:53:3c:cc:00:a5:01:90:1e:3c: f2:fe:2f:e5 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICIYEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3 MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNTA4Mjkw OTA1MjVaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEJCQkMyNTBGQTJCQ0ZB Nzg3MUJENjQxRUVCRkYwMkM5REQ0RThDMDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC+i04dV2A/DDB1Vn/303z2eEyVf93Rxptlc9PofaIfJCkiVsBT mWMie1ySoecCQ/Lxgxh/KWWnrxn6iLStcRbblDOksmGwC9JjvudY4B6jYVmjxDVV 9cFILVYnwvbKcNN+50P1S8Gf4AVhuXVfnh83SUHo5ESzaq0NL0YlM0+UOhftBgDq RO2yZfYhsc/xBC9/Odd3ORCI9z/VnwWPGWKpX7/Jv8CL/bz+ZlcB01nTGlc0X+Dr q6HI+C5SproG4NHr3v1wOJuMsfof4IZXQW28hYCyYjip0IQ0aM5a2l8gzmvOfeKn NulE7Q4wFsGsmh+RqN4RDqXIX1FnwsT4Mir9AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUu7wlD6K8+nhxvWQe6/8Cyd1OjAkwHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3 L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L3U3d2xENks4LW5oeHZX UWU2XzhDeWQxT2pBay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BARqS+AwDQYJKoZIhvcNAQELBQADggEBALUb5nTaK62fBY0JKB1sB0SYXBtO0sgJ FHEvKwGHPcNoQXXVtzBf5AOM8kw6C3ftDgYTDHh+Zhe/Ry7uWaMKNVi1GJzfNc+2 rFnvpw8znTlQki1iEmjUOPmx1xguDwLZR3UBtlNNEA1DcQjtH7PsLaAQZb+Zdz2I zvDZE3qL8QefWZ8uDd2Rkhm1W6lu3qEvwPE9Dyh1tkp/dL8eux4No8QTmcDuAbKI YHm5efNCpzsHAHItiOieTNBNdelG4f//VJvNTYy+mP/RMcm7U0t2EPXsFhoc9Wy0 JEeCxy91VicPTJt9zIvKLyucoI1Xge4Sx3G9A1M8zAClAZAePPL+L+U= -----END CERTIFICATE-----Generated at Tue Sep 9 04:05:02 2025 by rpki-client