$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/zP97lnHD_LfiaDv4gB8dEpovkqs.roa File: zP97lnHD_LfiaDv4gB8dEpovkqs.roa (raw, json) Hash identifier: v2Pi5/CQrCvCSZ7Jy/du0YAAPcafuUCxbd+Hl4pPqas= Subject key identifier: CC:FF:7B:96:71:C3:FC:B7:E2:68:3B:F8:80:1F:1D:12:9A:2F:92:AB Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Certificate serial: 21A0 Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/zP97lnHD_LfiaDv4gB8dEpovkqs.roa Signing time: Fri 29 Aug 2025 09:05:32 +0000 ROA not before: Fri 29 Aug 2025 09:05:32 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 4808 IP address blocks: 117.50.0.0/19 maxlen: 19 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 07 Sep 2025 05:34:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8608 (0x21a0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Validity Not Before: Aug 29 09:05:32 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=CCFF7B9671C3FCB7E2683BF8801F1D129A2F92AB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:bf:28:26:b4:9f:52:f6:99:6a:68:40:65:e5: 0d:43:84:21:54:c7:b2:c8:77:d6:52:1a:0b:95:71: a2:e7:67:fa:3a:f9:45:b6:94:51:60:12:4a:52:20: be:ff:2e:47:f7:5b:61:3b:89:a3:83:94:cc:46:fe: 89:29:02:12:f1:5a:4b:2b:5e:06:f7:33:b5:40:e1: b5:a7:59:5b:ed:fc:c1:dd:30:dc:76:7f:0c:90:82: c1:5c:84:3f:51:b8:75:c9:7f:49:01:42:0e:77:30: 69:f3:7a:ba:39:53:a3:b7:97:4d:fa:9a:05:14:9b: 77:7b:b6:ca:00:06:18:31:d0:c6:db:a2:f3:09:60: 90:fb:09:80:6f:48:e5:eb:19:6c:74:ff:3b:63:d4: a0:19:90:c5:d4:cd:0c:e6:8b:fe:3c:f4:ff:9a:4c: 67:e5:7c:54:07:a0:3e:bf:d5:d7:27:80:87:c5:5e: ec:4b:46:95:0a:1d:bd:18:e8:42:22:81:67:2f:f5: 70:32:7a:4e:e5:df:74:54:7e:0e:6e:86:cf:c1:f1: 60:70:81:db:dc:eb:4b:68:ee:cb:79:7c:cd:47:41: a9:b6:62:da:f0:a8:77:48:fc:37:8c:24:26:42:b8: 23:ea:73:c7:66:ae:ea:88:a4:4c:cd:5e:23:16:14: b0:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:FF:7B:96:71:C3:FC:B7:E2:68:3B:F8:80:1F:1D:12:9A:2F:92:AB X509v3 Authority Key Identifier: keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/zP97lnHD_LfiaDv4gB8dEpovkqs.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 117.50.0.0/19 Signature Algorithm: sha256WithRSAEncryption aa:48:db:b5:55:9a:3c:73:c5:d7:24:b7:8b:31:36:ba:80:52: 2a:db:86:6b:1c:6b:d3:a7:bd:fa:cc:f6:56:9e:76:2f:3d:ba: 34:92:c7:dc:34:93:27:42:37:1a:9e:89:99:0c:3e:00:ec:f8: 6f:0c:ee:07:cc:aa:4d:0d:75:c9:1a:05:9d:1b:90:4f:3e:2f: fc:33:58:c2:1b:8c:70:3e:7d:b6:cd:16:82:67:b4:b3:d3:fa: 10:21:05:22:50:07:23:ca:38:17:3a:15:7b:49:ff:5d:ee:88: 7d:7f:69:12:aa:53:cd:f1:64:3c:60:79:76:a0:4a:42:af:db: 24:db:8b:97:63:cf:f6:8e:91:e4:58:ce:4b:76:d7:6e:ad:4d: 1b:8b:21:65:f7:ca:bc:ef:07:9c:87:f9:00:cb:24:33:12:56: ef:04:f8:9e:d5:71:f4:12:ca:4b:f3:66:25:cc:bf:74:5e:22: d8:da:54:b2:07:c7:23:f9:3d:51:6c:5f:83:dd:97:65:82:9a: 28:95:98:34:61:a9:f8:7f:fc:f3:3e:5f:46:8b:bd:a4:08:62: 46:46:60:df:25:a5:de:87:4e:69:dc:72:06:ce:1e:7d:60:1c: 80:3f:24:af:ff:14:f0:86:7d:25:7a:10:3f:96:bb:52:75:fd: be:07:43:7c -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICIaAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3 MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNTA4Mjkw OTA1MzJaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKENDRkY3Qjk2NzFDM0ZD QjdFMjY4M0JGODgwMUYxRDEyOUEyRjkyQUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDQvygmtJ9S9plqaEBl5Q1DhCFUx7LId9ZSGguVcaLnZ/o6+UW2 lFFgEkpSIL7/Lkf3W2E7iaODlMxG/okpAhLxWksrXgb3M7VA4bWnWVvt/MHdMNx2 fwyQgsFchD9RuHXJf0kBQg53MGnzero5U6O3l036mgUUm3d7tsoABhgx0MbbovMJ YJD7CYBvSOXrGWx0/ztj1KAZkMXUzQzmi/489P+aTGflfFQHoD6/1dcngIfFXuxL RpUKHb0Y6EIigWcv9XAyek7l33RUfg5uhs/B8WBwgdvc60to7st5fM1HQam2Ytrw qHdI/DeMJCZCuCPqc8dmruqIpEzNXiMWFLCvAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUzP97lnHD/LfiaDv4gB8dEpovkqswHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3 L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L3pQOTdsbkhEX0xmaWFE djRnQjhkRXBvdmtxcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAV1MgAwDQYJKoZIhvcNAQELBQADggEBAKpI27VVmjxzxdckt4sxNrqAUirbhmsc a9OnvfrM9laedi89ujSSx9w0kydCNxqeiZkMPgDs+G8M7gfMqk0NdckaBZ0bkE8+ L/wzWMIbjHA+fbbNFoJntLPT+hAhBSJQByPKOBc6FXtJ/13uiH1/aRKqU83xZDxg eXagSkKv2yTbi5djz/aOkeRYzkt2126tTRuLIWX3yrzvB5yH+QDLJDMSVu8E+J7V cfQSykvzZiXMv3ReItjaVLIHxyP5PVFsX4Pdl2WCmiiVmDRhqfh//PM+X0aLvaQI YkZGYN8lpd6HTmnccgbOHn1gHIA/JK//FPCGfSV6ED+Wu1J1/b4HQ3w= -----END CERTIFICATE-----Generated at Sun Sep 7 03:31:35 2025 by rpki-client