$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/x8zsW6ITKtQUYnsEPPL6xi_BEQw.roa File: x8zsW6ITKtQUYnsEPPL6xi_BEQw.roa (raw, json) Hash identifier: 8M9+Npmxd9f1KDIqm2FHtBFwpqK68ureKVbUu1xFW5k= Subject key identifier: C7:CC:EC:5B:A2:13:2A:D4:14:62:7B:04:3C:F2:FA:C6:2F:C1:11:0C Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Certificate serial: 2187 Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/x8zsW6ITKtQUYnsEPPL6xi_BEQw.roa Signing time: Fri 29 Aug 2025 09:05:26 +0000 ROA not before: Fri 29 Aug 2025 09:05:26 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 4811 IP address blocks: 113.31.160.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 08 Sep 2025 01:34:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8583 (0x2187) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Validity Not Before: Aug 29 09:05:26 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=C7CCEC5BA2132AD414627B043CF2FAC62FC1110C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:35:39:35:f7:18:00:93:73:57:0f:f7:7a:3c: d3:11:73:f5:5a:1a:93:14:c6:c8:41:8f:5d:e5:c7: 46:bc:fd:e1:a0:35:91:71:1c:e1:a7:9b:82:bd:7f: 22:b1:4b:8d:2e:97:71:91:a6:9b:04:7e:fd:13:9e: 98:9d:31:78:3f:80:48:8b:87:0c:ad:9d:4e:17:7b: 8a:6a:09:10:7b:f4:9d:b3:4b:99:0c:b4:a2:3c:dc: 9d:2e:63:bf:9a:b3:4b:56:d2:c5:b5:d9:f2:62:36: 62:79:a8:3b:6e:22:e3:fd:50:c4:3b:d6:3c:0f:2e: c7:21:4c:c1:e6:13:04:20:bf:0f:d3:81:17:dc:f0: 98:61:4d:28:d9:be:31:9f:7c:f7:82:45:54:6a:ad: 1c:0b:ed:78:cc:86:cc:e2:a4:ac:c1:c2:94:bc:fd: 12:27:8d:ad:3a:37:28:d3:fa:05:eb:1b:05:bc:64: 05:87:78:e1:77:b8:d2:b9:3d:3e:d5:cf:d0:fd:e7: bc:7b:d5:1f:e4:48:7f:c9:2c:91:4c:37:d2:62:dc: 13:01:1c:84:69:0f:2f:29:65:ea:8b:af:8d:d3:d7: 2c:23:39:47:33:62:2e:26:73:29:e5:2a:8b:c9:e9: d1:7a:ff:fc:ab:f7:9d:85:27:04:73:6c:33:28:2b: 60:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:CC:EC:5B:A2:13:2A:D4:14:62:7B:04:3C:F2:FA:C6:2F:C1:11:0C X509v3 Authority Key Identifier: keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/x8zsW6ITKtQUYnsEPPL6xi_BEQw.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 113.31.160.0/20 Signature Algorithm: sha256WithRSAEncryption 58:9f:06:1a:9e:19:54:72:c0:8e:4c:3d:fc:61:ee:b1:89:a4: 9a:a5:ca:10:c8:e6:40:60:0c:e0:9e:7c:bc:59:8a:ef:60:e7: 16:ae:c4:a7:6e:4f:4c:26:6b:fb:9d:48:27:01:01:1a:44:67: 29:54:dc:bf:16:a4:4a:0d:e2:61:bd:3f:f4:70:c2:5f:06:eb: 6e:42:da:db:a3:ba:d6:a7:f1:9a:30:98:f4:31:11:20:ad:8e: 2b:17:3c:82:58:ea:9a:c7:71:59:80:f8:69:6e:d8:ce:b4:1e: 1d:ff:44:62:1e:80:aa:d8:f1:13:46:51:c3:4d:75:b5:ad:93: 6f:47:da:11:c6:cd:91:ad:ec:b9:c2:bc:eb:6e:ae:6f:eb:4d: e4:8f:09:e9:d0:72:db:16:06:cb:28:9c:1f:50:c9:66:3b:db: 77:65:b7:62:2e:f6:92:b7:4b:27:3c:fb:00:6e:92:3a:d2:1c: 76:01:58:f0:20:6a:94:92:34:51:9f:65:9b:24:ff:da:07:ae: 0b:fa:37:99:e6:34:cb:fe:b5:3d:8b:89:d0:ee:1e:78:6b:19: 42:fe:2e:85:6d:b9:da:b6:34:d3:1e:2a:45:61:0f:18:5d:4e: 68:65:3a:ab:53:fd:bc:47:51:98:40:5f:9c:8c:11:b0:ab:1b: 7b:3c:f9:65 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICIYcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3 MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNTA4Mjkw OTA1MjZaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEM3Q0NFQzVCQTIxMzJB RDQxNDYyN0IwNDNDRjJGQUM2MkZDMTExMEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDmNTk19xgAk3NXD/d6PNMRc/VaGpMUxshBj13lx0a8/eGgNZFx HOGnm4K9fyKxS40ul3GRppsEfv0TnpidMXg/gEiLhwytnU4Xe4pqCRB79J2zS5kM tKI83J0uY7+as0tW0sW12fJiNmJ5qDtuIuP9UMQ71jwPLschTMHmEwQgvw/TgRfc 8JhhTSjZvjGffPeCRVRqrRwL7XjMhszipKzBwpS8/RInja06NyjT+gXrGwW8ZAWH eOF3uNK5PT7Vz9D957x71R/kSH/JLJFMN9Ji3BMBHIRpDy8pZeqLr43T1ywjOUcz Yi4mcynlKovJ6dF6//yr952FJwRzbDMoK2BZAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUx8zsW6ITKtQUYnsEPPL6xi/BEQwwHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3 L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L3g4enNXNklUS3RRVVlu c0VQUEw2eGlfQkVRdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BARxH6AwDQYJKoZIhvcNAQELBQADggEBAFifBhqeGVRywI5MPfxh7rGJpJqlyhDI 5kBgDOCefLxZiu9g5xauxKduT0wma/udSCcBARpEZylU3L8WpEoN4mG9P/Rwwl8G 625C2tujutan8ZowmPQxESCtjisXPIJY6prHcVmA+Glu2M60Hh3/RGIegKrY8RNG UcNNdbWtk29H2hHGzZGt7LnCvOturm/rTeSPCenQctsWBssonB9QyWY723dlt2Iu 9pK3Syc8+wBukjrSHHYBWPAgapSSNFGfZZsk/9oHrgv6N5nmNMv+tT2LidDuHnhr GUL+LoVtudq2NNMeKkVhDxhdTmhlOqtT/bxHUZhAX5yMEbCrG3s8+WU= -----END CERTIFICATE-----Generated at Sun Sep 7 22:24:17 2025 by rpki-client