$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/wmzML9TLWG3H4Ljndea4N0fSgnk.roa File: wmzML9TLWG3H4Ljndea4N0fSgnk.roa (raw, json) Hash identifier: TkwE4wiY6kqceoyTE6bYmS80YZRoHrvDVLQXYlVIdVw= Subject key identifier: C2:6C:CC:2F:D4:CB:58:6D:C7:E0:B8:E7:75:E6:B8:37:47:D2:82:79 Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Certificate serial: 21A4 Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/wmzML9TLWG3H4Ljndea4N0fSgnk.roa Signing time: Fri 29 Aug 2025 09:05:32 +0000 ROA not before: Fri 29 Aug 2025 09:05:32 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 135377 IP address blocks: 106.75.198.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 Oct 2025 01:05:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8612 (0x21a4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Validity Not Before: Aug 29 09:05:32 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=C26CCC2FD4CB586DC7E0B8E775E6B83747D28279 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:f8:74:27:c8:4e:a5:a4:74:e9:cb:d4:38:0b: 4c:45:45:56:ba:79:36:eb:f3:af:5a:5f:6a:88:12: 4c:79:5e:9e:d0:34:74:63:cb:32:aa:23:25:82:76: 77:6f:74:40:38:d9:f6:28:b9:a7:62:e2:fa:07:16: 46:e8:ac:5c:15:ce:a2:d9:20:92:cf:c2:61:97:55: b5:76:3e:1b:33:fd:5b:bf:f6:55:5f:48:44:1c:e4: d2:5f:68:53:59:22:79:50:7d:e4:c4:0a:82:49:0f: 6e:e2:a4:48:fb:f3:15:52:18:1d:51:a5:41:d6:6c: 1a:44:26:00:9c:ee:4d:2f:c3:7f:91:65:bd:2d:be: 1a:bb:b1:cd:bf:72:22:2e:c7:b8:23:44:9d:a8:0e: d1:21:9c:d6:56:af:3e:d4:d6:64:ce:94:0b:bb:9f: c4:76:b1:14:7f:7c:3e:b6:10:a8:b1:c4:e9:08:01: 72:d2:91:ac:4d:6e:8f:3d:e5:8b:db:46:58:bd:90: 05:42:97:ed:dc:0d:c1:99:b3:d4:13:7f:15:8b:c3: 7f:3d:f3:4b:63:2a:ca:93:d9:3d:24:39:55:a1:2b: 78:d6:7a:4e:25:ba:d6:9c:aa:c0:3e:6a:fd:93:b7: 1d:d9:22:40:52:1d:e9:d7:0d:0e:60:80:58:06:07: 4c:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:6C:CC:2F:D4:CB:58:6D:C7:E0:B8:E7:75:E6:B8:37:47:D2:82:79 X509v3 Authority Key Identifier: keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/wmzML9TLWG3H4Ljndea4N0fSgnk.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 106.75.198.0/24 Signature Algorithm: sha256WithRSAEncryption 77:94:b9:80:16:6b:00:43:06:dd:2f:2d:3c:7c:c2:bf:06:ed: 66:67:a8:69:0e:87:13:97:73:66:3f:98:88:c7:cf:c3:40:1f: a1:6c:ed:e8:b8:7c:8b:79:52:35:46:23:05:d6:24:f9:a2:ae: ba:46:b7:b9:62:9f:8e:4d:f6:61:c7:ab:69:9b:de:56:10:a1: 53:b3:bf:d5:b2:60:00:d1:58:c7:e2:b0:e1:72:76:84:6d:e0: cd:50:fa:ae:73:ee:39:5e:9f:ce:3a:2d:5b:c6:4c:db:72:86: 26:34:37:6f:a5:94:71:eb:81:b0:8d:c6:a3:b7:b9:e7:c2:b3: 40:8b:ab:7c:fc:46:d5:4d:df:84:13:54:7f:a4:bd:28:e1:3b: d7:cb:99:42:2d:80:ab:e1:b2:39:5c:4f:3c:ad:fb:4b:f9:0c: 77:38:bc:79:25:e4:cb:d6:24:8c:d1:36:2b:40:5d:3b:19:40: b8:99:eb:ff:fb:cb:a8:4f:bb:81:79:02:4a:82:61:72:7d:2f: e1:e4:b6:18:d6:ea:71:83:6e:3c:98:c0:56:46:97:e0:93:8b: 4b:71:19:d8:51:7c:00:6c:36:21:c1:c3:8e:28:61:8a:d5:55: 61:f5:66:09:05:84:40:9d:14:b3:81:48:e2:70:3c:fa:86:bb: 4c:91:ff:28 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICIaQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3 MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNTA4Mjkw OTA1MzJaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEMyNkNDQzJGRDRDQjU4 NkRDN0UwQjhFNzc1RTZCODM3NDdEMjgyNzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDO+HQnyE6lpHTpy9Q4C0xFRVa6eTbr869aX2qIEkx5Xp7QNHRj yzKqIyWCdndvdEA42fYouadi4voHFkborFwVzqLZIJLPwmGXVbV2Phsz/Vu/9lVf SEQc5NJfaFNZInlQfeTECoJJD27ipEj78xVSGB1RpUHWbBpEJgCc7k0vw3+RZb0t vhq7sc2/ciIux7gjRJ2oDtEhnNZWrz7U1mTOlAu7n8R2sRR/fD62EKixxOkIAXLS kaxNbo895YvbRli9kAVCl+3cDcGZs9QTfxWLw38980tjKsqT2T0kOVWhK3jWek4l utacqsA+av2Ttx3ZIkBSHenXDQ5ggFgGB0x/AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUwmzML9TLWG3H4Ljndea4N0fSgnkwHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3 L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L3dtek1MOVRMV0czSDRM am5kZWE0TjBmU2duay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABqS8YwDQYJKoZIhvcNAQELBQADggEBAHeUuYAWawBDBt0vLTx8wr8G7WZnqGkO hxOXc2Y/mIjHz8NAH6Fs7ei4fIt5UjVGIwXWJPmirrpGt7lin45N9mHHq2mb3lYQ oVOzv9WyYADRWMfisOFydoRt4M1Q+q5z7jlen846LVvGTNtyhiY0N2+llHHrgbCN xqO3uefCs0CLq3z8RtVN34QTVH+kvSjhO9fLmUItgKvhsjlcTzyt+0v5DHc4vHkl 5MvWJIzRNitAXTsZQLiZ6//7y6hPu4F5AkqCYXJ9L+HkthjW6nGDbjyYwFZGl+CT i0txGdhRfABsNiHBw44oYYrVVWH1ZgkFhECdFLOBSOJwPPqGu0yR/yg= -----END CERTIFICATE-----Generated at Sun Oct 26 23:18:36 2025 by rpki-client