$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/xhFMUpnnO_95ZA7KboMCwTxrv78.roa File: xhFMUpnnO_95ZA7KboMCwTxrv78.roa (raw, json) Hash identifier: uLDqGfUy+cQ+SM6ViOT21Yr0RCC4nkJCWDsYh6VCF3I= Subject key identifier: C6:11:4C:52:99:E7:3B:FF:79:64:0E:CA:6E:83:02:C1:3C:6B:BF:BF Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Certificate serial: 216C Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/xhFMUpnnO_95ZA7KboMCwTxrv78.roa Signing time: Fri 29 Aug 2025 09:05:21 +0000 ROA not before: Fri 29 Aug 2025 09:05:21 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 4812 IP address blocks: 106.75.224.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 08 Sep 2025 16:34:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8556 (0x216c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Validity Not Before: Aug 29 09:05:21 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=C6114C5299E73BFF79640ECA6E8302C13C6BBFBF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:5f:74:3e:54:88:2a:06:e1:92:e9:6f:38:95: 4a:be:92:b8:ac:98:77:4c:36:3e:78:0d:4e:0f:91: de:46:1a:8d:cb:9b:c6:5b:24:f1:41:78:fa:7e:e6: 33:44:d3:f0:35:16:15:1a:1c:b7:6f:82:f9:1c:e8: 8f:40:c5:3b:28:79:30:24:bb:85:2c:3f:fb:88:9f: 37:cf:58:4f:4b:37:0f:6f:56:5b:73:f5:68:d6:a7: 33:23:03:dd:45:11:83:a9:58:6f:8c:4b:45:e0:22: 48:a5:d2:52:e9:af:06:14:77:0e:96:28:c8:43:17: ea:ec:08:0d:ac:1b:8e:e9:02:c4:56:ad:f0:b6:62: d5:ad:8b:02:0c:aa:c6:77:5e:06:14:09:a1:a0:ff: 85:d9:2c:39:62:b3:d8:f3:aa:ef:ac:a0:52:0f:b2: 1e:63:83:c2:09:83:b9:be:bf:16:06:e7:0f:b2:ca: 44:77:9f:04:64:62:07:21:93:f0:3c:95:08:79:c8: c5:d3:73:27:87:e0:1c:d3:b9:58:b0:fc:43:d3:7b: 8f:64:46:de:66:9a:5c:f3:f4:69:36:22:ab:a4:20: 3e:aa:cf:53:ef:2e:8c:d3:44:9f:ae:3e:fe:e1:aa: 59:5c:1f:d1:31:02:f4:93:54:d5:44:16:27:34:bb: 8f:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:11:4C:52:99:E7:3B:FF:79:64:0E:CA:6E:83:02:C1:3C:6B:BF:BF X509v3 Authority Key Identifier: keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/xhFMUpnnO_95ZA7KboMCwTxrv78.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 106.75.224.0/20 Signature Algorithm: sha256WithRSAEncryption 44:0e:13:c6:dd:9c:a2:ae:95:b3:f1:a8:39:eb:92:ff:8a:42: dc:20:f9:14:be:f3:01:3a:c1:7a:00:70:ab:2f:7c:86:e1:bb: 8b:70:0d:7f:21:65:fa:e2:33:31:dc:33:ef:59:bc:19:2b:c2: 2d:db:9e:5d:88:c0:60:2e:78:03:88:49:20:dc:1f:00:e6:72: 34:f0:28:bf:19:67:68:98:17:bc:a2:df:e1:12:e4:6c:44:dd: 10:2a:57:b1:26:3b:14:29:b7:39:83:40:97:86:56:b9:72:53: 53:ca:11:4b:59:95:84:bc:fb:ed:b6:31:e6:2d:41:4b:c7:fa: 5c:fb:6e:6d:f9:15:d0:be:95:93:69:fb:08:d0:6b:09:85:9c: 38:bb:c7:eb:b8:f3:aa:40:9f:2a:4f:ba:da:ff:53:b6:a9:4e: 04:7d:17:bb:a4:22:af:c6:08:8a:22:2e:44:73:b8:61:e3:b6: 25:0d:29:1a:51:02:ea:a6:ac:09:5f:62:d1:27:c1:77:02:34: 1b:5e:50:03:04:a8:e0:bb:31:4b:38:5e:c7:c1:db:51:e4:76: 66:14:4b:fa:2b:fc:6c:24:24:7a:97:4d:1b:52:b2:d5:25:f4: 2e:4f:f4:e7:a6:af:f3:50:1b:80:ea:1a:27:9a:72:da:1d:0f: 9f:29:6f:cc -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICIWwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3 MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNTA4Mjkw OTA1MjFaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEM2MTE0QzUyOTlFNzNC RkY3OTY0MEVDQTZFODMwMkMxM0M2QkJGQkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCaX3Q+VIgqBuGS6W84lUq+krismHdMNj54DU4Pkd5GGo3Lm8Zb JPFBePp+5jNE0/A1FhUaHLdvgvkc6I9AxTsoeTAku4UsP/uInzfPWE9LNw9vVltz 9WjWpzMjA91FEYOpWG+MS0XgIkil0lLprwYUdw6WKMhDF+rsCA2sG47pAsRWrfC2 YtWtiwIMqsZ3XgYUCaGg/4XZLDlis9jzqu+soFIPsh5jg8IJg7m+vxYG5w+yykR3 nwRkYgchk/A8lQh5yMXTcyeH4BzTuViw/EPTe49kRt5mmlzz9Gk2IqukID6qz1Pv LozTRJ+uPv7hqllcH9ExAvSTVNVEFic0u4+RAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUxhFMUpnnO/95ZA7KboMCwTxrv78wHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3 L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L3hoRk1VcG5uT185NVpB N0tib01Dd1R4cnY3OC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BARqS+AwDQYJKoZIhvcNAQELBQADggEBAEQOE8bdnKKulbPxqDnrkv+KQtwg+RS+ 8wE6wXoAcKsvfIbhu4twDX8hZfriMzHcM+9ZvBkrwi3bnl2IwGAueAOISSDcHwDm cjTwKL8ZZ2iYF7yi3+ES5GxE3RAqV7EmOxQptzmDQJeGVrlyU1PKEUtZlYS8++22 MeYtQUvH+lz7bm35FdC+lZNp+wjQawmFnDi7x+u486pAnypPutr/U7apTgR9F7uk Iq/GCIoiLkRzuGHjtiUNKRpRAuqmrAlfYtEnwXcCNBteUAMEqOC7MUs4XsfB21Hk dmYUS/or/GwkJHqXTRtSstUl9C5P9Oemr/NQG4DqGieactodD58pb8w= -----END CERTIFICATE-----Generated at Mon Sep 8 12:11:14 2025 by rpki-client