$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/yV1evHjNeGmrnMNx-yImomNdTNc.roa File: yV1evHjNeGmrnMNx-yImomNdTNc.roa (raw, json) Hash identifier: 5aedBqvpuzxfCdvT3/2+B64ofcEXLBwTM9cw0RrJo4w= Subject key identifier: C9:5D:5E:BC:78:CD:78:69:AB:9C:C3:71:FB:22:26:A2:63:5D:4C:D7 Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Certificate serial: 2189 Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/yV1evHjNeGmrnMNx-yImomNdTNc.roa Signing time: Fri 29 Aug 2025 09:05:27 +0000 ROA not before: Fri 29 Aug 2025 09:05:27 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 23724 IP address blocks: 106.75.32.0/19 maxlen: 19 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 08 Sep 2025 16:34:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8585 (0x2189) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Validity Not Before: Aug 29 09:05:27 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=C95D5EBC78CD7869AB9CC371FB2226A2635D4CD7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:07:ae:44:22:98:23:16:1b:42:c5:59:01:22: 28:7c:40:e5:95:7d:8a:c3:15:65:eb:bc:09:3c:53: 35:fd:fb:53:e7:18:c1:b6:1f:f1:3c:80:ce:05:ab: 7e:74:c3:4a:aa:62:ad:84:63:41:84:9d:d6:05:4d: de:8c:b4:07:33:03:49:f7:75:1f:33:1e:41:67:b9: cb:39:84:52:93:e2:32:75:3f:61:3c:ff:e9:1c:da: 55:e6:9e:50:57:b4:95:91:00:dd:c1:5a:e5:a3:fb: 7f:b7:44:45:a9:26:01:94:cf:ee:c4:eb:f9:b5:3f: ac:0d:3d:3e:a3:3a:40:51:b2:36:5f:fd:65:8e:b6: 81:38:36:c8:cb:5b:af:bd:e4:e3:8e:86:54:38:94: 5c:48:b6:c0:1a:42:6a:7e:e7:23:2a:38:94:7b:61: c7:9e:0f:56:c2:d5:36:7b:9c:f4:0b:58:90:92:4d: fa:9d:b9:21:0e:a3:d7:8d:4c:4d:72:ad:6a:df:5e: f3:bd:11:6c:57:82:5d:9f:fb:05:0e:47:27:c9:93: 7a:89:a3:28:a0:f5:8c:ec:5f:2b:18:65:28:c6:21: ae:57:20:86:71:54:61:c8:d3:98:d3:8e:a9:04:0e: c0:8a:c1:f7:79:f4:fb:96:99:0a:5e:35:3b:98:ad: 26:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:5D:5E:BC:78:CD:78:69:AB:9C:C3:71:FB:22:26:A2:63:5D:4C:D7 X509v3 Authority Key Identifier: keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/yV1evHjNeGmrnMNx-yImomNdTNc.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 106.75.32.0/19 Signature Algorithm: sha256WithRSAEncryption 5e:1d:c1:8d:42:39:a2:84:0a:0e:02:ff:c2:cf:f0:13:72:b5: 46:7e:65:66:4e:a8:30:be:95:cd:bf:a4:e7:9e:ae:18:91:79: 0b:b0:de:75:0a:89:2e:87:f4:4c:a4:ac:62:11:90:a1:ac:b5: 30:e3:05:98:57:69:09:41:16:74:6f:5a:b8:2a:8d:a7:88:2a: f2:79:bb:d0:14:b9:c9:6b:b4:80:00:27:a2:d3:50:03:0a:51: 90:4b:0a:2c:87:1f:9f:d0:73:6c:1c:5b:32:e6:33:5e:55:78: 5f:87:1d:86:ba:1c:8c:02:55:51:e8:24:09:47:be:52:b5:18: 6a:1f:48:6f:4b:d4:f6:ad:72:92:72:6c:56:f6:d8:34:b9:0f: 4b:2a:bc:e3:8f:43:fa:19:2b:26:8d:8a:0b:e4:4a:46:58:58: f6:96:c2:52:55:cd:7b:f3:14:35:78:0a:92:9e:63:60:19:8d: 06:83:10:9d:8a:40:3d:de:4a:a4:e4:96:98:18:e0:63:1f:b0: 15:c0:bc:08:31:c7:a4:92:13:64:52:11:12:bf:73:96:00:de: 6d:42:e7:dd:73:71:84:a8:f8:21:bc:2c:b3:fb:eb:9e:ef:1d: 77:ec:00:5a:66:11:9a:0f:8f:f4:20:df:ce:64:d3:05:f9:ef: de:56:02:ca -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICIYkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3 MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNTA4Mjkw OTA1MjdaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEM5NUQ1RUJDNzhDRDc4 NjlBQjlDQzM3MUZCMjIyNkEyNjM1RDRDRDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDDB65EIpgjFhtCxVkBIih8QOWVfYrDFWXrvAk8UzX9+1PnGMG2 H/E8gM4Fq350w0qqYq2EY0GEndYFTd6MtAczA0n3dR8zHkFnucs5hFKT4jJ1P2E8 /+kc2lXmnlBXtJWRAN3BWuWj+3+3REWpJgGUz+7E6/m1P6wNPT6jOkBRsjZf/WWO toE4NsjLW6+95OOOhlQ4lFxItsAaQmp+5yMqOJR7YceeD1bC1TZ7nPQLWJCSTfqd uSEOo9eNTE1yrWrfXvO9EWxXgl2f+wUORyfJk3qJoyig9YzsXysYZSjGIa5XIIZx VGHI05jTjqkEDsCKwfd59PuWmQpeNTuYrSZ7AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUyV1evHjNeGmrnMNx+yImomNdTNcwHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3 L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L3lWMWV2SGpOZUdtcm5N TngteUltb21OZFROYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAVqSyAwDQYJKoZIhvcNAQELBQADggEBAF4dwY1COaKECg4C/8LP8BNytUZ+ZWZO qDC+lc2/pOeerhiReQuw3nUKiS6H9EykrGIRkKGstTDjBZhXaQlBFnRvWrgqjaeI KvJ5u9AUuclrtIAAJ6LTUAMKUZBLCiyHH5/Qc2wcWzLmM15VeF+HHYa6HIwCVVHo JAlHvlK1GGofSG9L1PatcpJybFb22DS5D0sqvOOPQ/oZKyaNigvkSkZYWPaWwlJV zXvzFDV4CpKeY2AZjQaDEJ2KQD3eSqTklpgY4GMfsBXAvAgxx6SSE2RSERK/c5YA 3m1C591zcYSo+CG8LLP7657vHXfsAFpmEZoPj/Qg385k0wX5795WAso= -----END CERTIFICATE-----Generated at Mon Sep 8 13:35:15 2025 by rpki-client