$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2927/dTvljnE8RaQon284MBGb3Pze_DA.roa File: dTvljnE8RaQon284MBGb3Pze_DA.roa (raw, json) Hash identifier: rOC1jntUoYQjRXyheD/+ucwXVMndIoLBOPirat2mn5s= Subject key identifier: 75:3B:E5:8E:71:3C:45:A4:28:9F:6F:38:30:11:9B:DC:FC:DE:FC:30 Certificate issuer: /CN=73D211D5B210E3B196054DB71892D8E38A4E09EF Certificate serial: 09 Authority key identifier: 73:D2:11:D5:B2:10:E3:B1:96:05:4D:B7:18:92:D8:E3:8A:4E:09:EF Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/c9IR1bIQ47GWBU23GJLY44pOCe8.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2927/dTvljnE8RaQon284MBGb3Pze_DA.roa Signing time: Wed 25 Jun 2025 02:40:32 +0000 ROA not before: Wed 25 Jun 2025 02:40:32 +0000 ROA not after: Thu 25 Jun 2026 02:35:12 +0000 asID: 131574 IP address blocks: 43.227.8.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2927/c9IR1bIQ47GWBU23GJLY44pOCe8.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2927/c9IR1bIQ47GWBU23GJLY44pOCe8.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/c9IR1bIQ47GWBU23GJLY44pOCe8.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Jul 2025 22:44:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9 (0x9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=73D211D5B210E3B196054DB71892D8E38A4E09EF Validity Not Before: Jun 25 02:40:32 2025 GMT Not After : Jun 25 02:35:12 2026 GMT Subject: CN=753BE58E713C45A4289F6F3830119BDCFCDEFC30 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:12:6c:98:d0:17:bc:16:c5:d2:54:41:dd:fb: 2c:bf:6f:2b:86:0d:c4:72:93:f4:f5:2b:bd:ba:8f: 4f:43:dd:a8:24:bb:55:38:fb:d7:3f:ac:5e:1f:40: 0d:eb:fa:33:10:b2:52:fc:65:19:64:f3:43:b4:63: d3:e0:33:00:85:33:3c:4b:86:39:3d:fe:b7:a4:76: 5d:70:4b:b9:03:fd:b2:31:66:5b:0a:d1:65:be:35: a2:3d:eb:4a:ea:ad:54:49:72:88:ae:43:cd:90:73: 44:02:67:9a:47:55:55:e5:af:6a:25:23:c4:db:f4: 3a:c1:c5:48:a0:07:a0:a1:9d:af:2e:bd:29:91:22: f2:58:1b:d5:16:9a:c5:7a:16:93:e0:d3:2f:dd:06: 49:1a:41:73:c1:c1:a4:1e:28:a9:93:25:76:7c:f8: bb:c8:92:0b:f0:59:7d:08:dc:a3:49:6e:5e:2b:4c: 4f:2e:62:73:d0:71:75:c5:83:56:ca:19:0f:c3:88: ea:36:d7:e9:50:bb:bc:42:fe:eb:bf:44:ef:6b:ed: 22:a1:e6:4b:a1:3b:f4:c9:8e:2d:91:ea:ff:d0:e5: 14:01:6f:59:b3:e8:0e:28:18:36:72:12:0d:71:05: e4:0e:36:f9:60:b7:20:e2:3a:be:af:06:f8:18:9d: 12:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:3B:E5:8E:71:3C:45:A4:28:9F:6F:38:30:11:9B:DC:FC:DE:FC:30 X509v3 Authority Key Identifier: keyid:73:D2:11:D5:B2:10:E3:B1:96:05:4D:B7:18:92:D8:E3:8A:4E:09:EF X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2927/c9IR1bIQ47GWBU23GJLY44pOCe8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/c9IR1bIQ47GWBU23GJLY44pOCe8.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2927/dTvljnE8RaQon284MBGb3Pze_DA.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.227.8.0/22 Signature Algorithm: sha256WithRSAEncryption 17:58:7d:28:5e:6b:ad:7e:78:51:48:58:e7:93:3e:eb:f3:51: 32:20:ab:b0:bb:b9:0e:a2:c2:a8:52:26:f1:00:66:40:54:08: b4:76:d2:b5:0c:3c:78:3d:d9:29:b2:b3:59:7a:9a:b9:fd:b0: 4c:82:55:a0:10:ff:6f:5e:0f:db:22:4d:55:da:15:4f:63:c4: d9:e4:2a:4c:64:df:68:36:cd:e4:1a:fd:ce:f7:45:5d:d3:1f: 61:bd:9e:55:31:a1:94:46:7b:d0:db:f8:a3:32:7d:c5:96:05: 0a:96:a9:66:1b:21:bb:69:f4:d0:b6:49:c2:8b:b6:49:2c:33: 4a:7e:a0:d5:1d:2c:ee:19:e9:b0:cb:45:61:7f:f2:a5:7e:e8: 9d:74:e9:00:85:97:18:0c:7e:e5:80:dd:17:65:56:32:a9:46: 41:84:9b:e7:2c:ca:f0:ca:e3:d0:9c:a3:50:93:66:a0:d0:72: c6:b9:b2:c5:ef:8b:cb:6e:7c:75:a4:57:c9:52:7c:f8:8c:7f: 1f:d8:1a:c0:5c:8f:f0:12:c3:cc:74:b1:e5:a4:65:1f:e2:f2: 6d:c3:aa:fe:74:f1:2b:f3:32:c9:7e:39:7b:92:f3:29:de:ad: bd:82:20:26:23:49:ea:50:42:50:42:d5:ed:cd:13:7c:c5:20: a2:a7:8b:2c -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIBCTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3M0Qy MTFENUIyMTBFM0IxOTYwNTREQjcxODkyRDhFMzhBNEUwOUVGMB4XDTI1MDYyNTAy NDAzMloXDTI2MDYyNTAyMzUxMlowMzExMC8GA1UEAxMoNzUzQkU1OEU3MTNDNDVB NDI4OUY2RjM4MzAxMTlCRENGQ0RFRkMzMDCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBALwSbJjQF7wWxdJUQd37LL9vK4YNxHKT9PUrvbqPT0PdqCS7VTj7 1z+sXh9ADev6MxCyUvxlGWTzQ7Rj0+AzAIUzPEuGOT3+t6R2XXBLuQP9sjFmWwrR Zb41oj3rSuqtVElyiK5DzZBzRAJnmkdVVeWvaiUjxNv0OsHFSKAHoKGdry69KZEi 8lgb1RaaxXoWk+DTL90GSRpBc8HBpB4oqZMldnz4u8iSC/BZfQjco0luXitMTy5i c9BxdcWDVsoZD8OI6jbX6VC7vEL+679E72vtIqHmS6E79MmOLZHq/9DlFAFvWbPo DigYNnISDXEF5A42+WC3IOI6vq8G+BidEoECAwEAAaOCAfMwggHvMB0GA1UdDgQW BBR1O+WOcTxFpCifbzgwEZvc/N78MDAfBgNVHSMEGDAWgBRz0hHVshDjsZYFTbcY ktjjik4J7zAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yOTI3 L2M5SVIxYklRNDdHV0JVMjNHSkxZNDRwT0NlOC5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvYzlJUjFiSVE0N0dXQlUyM0dKTFk0NHBPQ2U4LmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjkyNy9kVHZsam5FOFJhUW9u Mjg0TUJHYjNQemVfREEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQCK+MIMA0GCSqGSIb3DQEBCwUAA4IBAQAXWH0oXmutfnhRSFjnkz7r81EyIKuw u7kOosKoUibxAGZAVAi0dtK1DDx4PdkpsrNZepq5/bBMglWgEP9vXg/bIk1V2hVP Y8TZ5CpMZN9oNs3kGv3O90Vd0x9hvZ5VMaGURnvQ2/ijMn3FlgUKlqlmGyG7afTQ tknCi7ZJLDNKfqDVHSzuGemwy0Vhf/KlfuiddOkAhZcYDH7lgN0XZVYyqUZBhJvn LMrwyuPQnKNQk2ag0HLGubLF74vLbnx1pFfJUnz4jH8f2BrAXI/wEsPMdLHlpGUf 4vJtw6r+dPEr8zLJfjl7kvMp3q29giAmI0nqUEJQQtXtzRN8xSCip4ss -----END CERTIFICATE-----Generated at Fri Jul 4 19:09:27 2025 by rpki-client