$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/ubwbceyoA1HVN6i3JvTnfg2flKk.roa File: ubwbceyoA1HVN6i3JvTnfg2flKk.roa (raw, json) Hash identifier: efqVmrLNb84IhKN+PKunuQC2Vrd7Mr8AxZwUKf+FzOM= Subject key identifier: B9:BC:1B:71:EC:A8:03:51:D5:37:A8:B7:26:F4:E7:7E:0D:9F:94:A9 Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Certificate serial: 218A Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/ubwbceyoA1HVN6i3JvTnfg2flKk.roa Signing time: Fri 29 Aug 2025 09:05:27 +0000 ROA not before: Fri 29 Aug 2025 09:05:27 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 59077 IP address blocks: 106.75.176.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Sep 2025 11:06:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8586 (0x218a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Validity Not Before: Aug 29 09:05:27 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=B9BC1B71ECA80351D537A8B726F4E77E0D9F94A9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:7d:e1:55:1d:7d:0f:de:7c:d6:2d:48:22:2d: 6f:0f:8d:70:0a:68:26:d3:85:e9:46:fc:6a:a5:8d: ff:b7:89:31:43:91:d6:7c:e8:ff:ac:9f:38:3a:58: 66:a2:f7:35:0e:13:81:4b:a6:47:8a:45:17:7f:87: 3c:c4:5d:78:2e:9d:2d:c8:18:34:23:1f:bb:c5:a1: 4b:35:a9:2a:f7:2d:df:1c:62:e8:84:56:79:54:a8: cb:0f:31:d1:b7:c3:43:94:f3:d1:2a:47:e2:fb:c2: fb:83:a5:70:e4:8c:59:63:9c:6d:f4:c4:0a:08:ac: 22:94:01:e8:7f:15:3a:e9:d2:52:3d:ff:8b:80:25: b8:05:c8:c6:95:9a:ef:f1:c1:e1:26:77:0f:b3:26: fd:27:e8:e5:25:41:48:aa:28:a1:82:bf:75:d8:8d: 9f:67:03:60:6e:5b:ba:c9:3b:53:81:77:3d:67:c2: 61:f3:fb:eb:6c:e3:be:3c:24:50:3e:14:9d:ea:29: aa:cc:c9:b7:7f:87:c0:7b:dc:c0:9b:c4:46:24:77: 4f:a7:ca:a2:d1:3b:13:9a:9d:72:85:42:8a:36:a5: 74:60:42:d3:5c:7e:e1:67:aa:c1:17:1b:e7:a5:05: dd:61:82:0d:ce:b3:de:b6:90:3d:57:2b:cd:35:d7: 58:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:BC:1B:71:EC:A8:03:51:D5:37:A8:B7:26:F4:E7:7E:0D:9F:94:A9 X509v3 Authority Key Identifier: keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/ubwbceyoA1HVN6i3JvTnfg2flKk.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 106.75.176.0/20 Signature Algorithm: sha256WithRSAEncryption 3e:8e:9f:29:a5:75:72:90:28:89:dc:d0:e1:fe:dc:c8:04:6f: f7:16:ed:ad:00:56:5c:e5:9a:b2:d7:47:b8:1b:57:b7:d8:59: 5b:26:3b:f6:64:84:da:f5:c8:b2:23:71:50:08:8d:a8:3d:be: 1b:c8:8b:88:74:69:fe:d2:d1:92:f5:54:3a:79:b0:92:c8:71: 0f:13:21:c8:3b:53:21:8c:f5:20:ba:dc:d3:5c:a8:10:49:75: b1:d2:3c:d6:47:95:2f:97:f0:7b:88:12:b9:b5:02:07:e3:17: d9:c9:e6:fa:7c:93:59:09:f6:fb:ec:70:5e:14:a9:78:ba:be: 84:02:b4:96:70:38:7b:8a:32:58:12:43:81:5b:7a:2e:34:37: f2:c5:33:c2:94:ed:b3:93:f3:66:0d:1e:da:aa:6b:ec:e8:fa: b2:17:5c:82:53:c4:ec:04:32:ec:94:a8:71:91:72:b8:5f:7d: 36:84:37:61:c4:c4:fb:4e:32:f7:ac:be:c5:b0:5e:50:65:78: 92:c3:59:4a:6f:d3:18:ba:83:ca:df:ae:e8:10:c4:be:14:98: a1:dc:57:b4:35:a4:f8:48:6c:7b:3a:44:4b:f2:e5:6c:5e:a5: 5d:8d:00:47:3c:4c:79:6e:e5:86:49:e2:14:05:6b:ce:af:cb: 57:76:96:3e -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICIYowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3 MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNTA4Mjkw OTA1MjdaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEI5QkMxQjcxRUNBODAz NTFENTM3QThCNzI2RjRFNzdFMEQ5Rjk0QTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC8feFVHX0P3nzWLUgiLW8PjXAKaCbThelG/Gqljf+3iTFDkdZ8 6P+snzg6WGai9zUOE4FLpkeKRRd/hzzEXXgunS3IGDQjH7vFoUs1qSr3Ld8cYuiE VnlUqMsPMdG3w0OU89EqR+L7wvuDpXDkjFljnG30xAoIrCKUAeh/FTrp0lI9/4uA JbgFyMaVmu/xweEmdw+zJv0n6OUlQUiqKKGCv3XYjZ9nA2BuW7rJO1OBdz1nwmHz ++ts4748JFA+FJ3qKarMybd/h8B73MCbxEYkd0+nyqLROxOanXKFQoo2pXRgQtNc fuFnqsEXG+elBd1hgg3Os962kD1XK80111ibAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUubwbceyoA1HVN6i3JvTnfg2flKkwHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3 L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L3Vid2JjZXlvQTFIVk42 aTNKdlRuZmcyZmxLay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BARqS7AwDQYJKoZIhvcNAQELBQADggEBAD6OnymldXKQKInc0OH+3MgEb/cW7a0A VlzlmrLXR7gbV7fYWVsmO/ZkhNr1yLIjcVAIjag9vhvIi4h0af7S0ZL1VDp5sJLI cQ8TIcg7UyGM9SC63NNcqBBJdbHSPNZHlS+X8HuIErm1AgfjF9nJ5vp8k1kJ9vvs cF4UqXi6voQCtJZwOHuKMlgSQ4Fbei40N/LFM8KU7bOT82YNHtqqa+zo+rIXXIJT xOwEMuyUqHGRcrhffTaEN2HExPtOMvesvsWwXlBleJLDWUpv0xi6g8rfrugQxL4U mKHcV7Q1pPhIbHs6REvy5WxepV2NAEc8THlu5YZJ4hQFa86vy1d2lj4= -----END CERTIFICATE-----Generated at Tue Sep 9 10:39:56 2025 by rpki-client