$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2927/gQErA5MB_7h7AxGFEG_GkVWZuys.roa File: gQErA5MB_7h7AxGFEG_GkVWZuys.roa (raw, json) Hash identifier: crx71MUM6CDetZbao3ZxwpQsri4Flgng7CvbadpjmzM= Subject key identifier: 81:01:2B:03:93:01:FF:B8:7B:03:11:85:10:6F:C6:91:55:99:BB:2B Certificate issuer: /CN=73D211D5B210E3B196054DB71892D8E38A4E09EF Certificate serial: 07 Authority key identifier: 73:D2:11:D5:B2:10:E3:B1:96:05:4D:B7:18:92:D8:E3:8A:4E:09:EF Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/c9IR1bIQ47GWBU23GJLY44pOCe8.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2927/gQErA5MB_7h7AxGFEG_GkVWZuys.roa Signing time: Wed 25 Jun 2025 02:40:31 +0000 ROA not before: Wed 25 Jun 2025 02:40:31 +0000 ROA not after: Thu 25 Jun 2026 02:35:12 +0000 asID: 131574 IP address blocks: 43.249.168.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2927/c9IR1bIQ47GWBU23GJLY44pOCe8.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2927/c9IR1bIQ47GWBU23GJLY44pOCe8.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/c9IR1bIQ47GWBU23GJLY44pOCe8.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Jul 2025 13:18:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7 (0x7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=73D211D5B210E3B196054DB71892D8E38A4E09EF Validity Not Before: Jun 25 02:40:31 2025 GMT Not After : Jun 25 02:35:12 2026 GMT Subject: CN=81012B039301FFB87B031185106FC6915599BB2B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:37:ec:ff:dd:29:e4:5a:86:32:05:4a:fd:18: 2d:78:21:7e:67:2a:bf:d6:2e:1a:88:3f:8e:e1:5a: d7:83:3c:52:89:18:be:2f:54:3c:29:ce:e4:48:eb: 47:9d:89:0b:b6:02:45:70:ba:cf:a1:3c:ed:a5:d8: b8:2c:1b:2a:da:4d:34:69:ce:1c:46:c5:6e:e3:56: 17:49:ec:18:ab:6a:ce:e9:71:e8:db:3f:29:79:73: 38:1e:78:ee:49:fa:a8:80:f9:10:25:b4:e9:16:c0: a5:df:fd:64:63:cf:b6:4b:c1:b5:c9:66:90:91:80: 5c:f5:f1:29:ec:4a:0a:3f:c9:6f:e3:bf:6a:07:07: d7:53:b5:21:92:25:87:c3:7c:3f:ba:3e:ac:30:aa: 25:46:ab:37:83:c7:b4:fe:74:1f:14:81:60:18:a0: c8:d9:18:3f:27:c6:71:22:ac:6b:d2:fc:d4:fd:5d: 31:19:ff:18:e2:11:35:7a:92:fb:d1:81:9f:dd:de: 67:f0:71:9f:29:a1:e7:31:35:87:05:08:0b:c2:c5: ec:e2:8b:55:cd:43:99:6a:8e:95:49:7c:62:e1:5b: 34:63:b1:62:7a:f9:97:c9:d3:b1:d0:e3:81:03:19: 17:56:af:a9:d0:ac:9b:cb:16:62:d9:d3:19:ff:e3: d6:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 81:01:2B:03:93:01:FF:B8:7B:03:11:85:10:6F:C6:91:55:99:BB:2B X509v3 Authority Key Identifier: keyid:73:D2:11:D5:B2:10:E3:B1:96:05:4D:B7:18:92:D8:E3:8A:4E:09:EF X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2927/c9IR1bIQ47GWBU23GJLY44pOCe8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/c9IR1bIQ47GWBU23GJLY44pOCe8.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2927/gQErA5MB_7h7AxGFEG_GkVWZuys.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.249.168.0/22 Signature Algorithm: sha256WithRSAEncryption a0:97:27:00:e9:2c:4b:9f:f0:cd:11:e6:37:b8:e5:8a:91:6c: ea:cb:9b:da:52:82:cd:33:23:71:c6:ee:2d:fe:9c:dc:3a:b8: 05:0e:f2:bf:63:b9:ac:1a:38:32:17:6a:4a:c3:6c:62:23:8f: 93:68:b0:6a:62:44:27:d9:25:58:f3:8c:bd:1e:cb:f1:ed:63: 9f:b1:c4:32:8f:ba:3d:69:d1:20:19:36:d8:d1:94:6d:4f:02: d8:ed:46:20:50:28:54:8d:72:29:07:2b:ff:4a:3e:28:eb:c1: 25:49:99:d1:93:a0:47:c0:79:50:2e:6a:a3:4d:60:02:de:3a: c7:49:5b:21:36:f2:75:1b:8e:51:8d:4c:4d:93:39:a2:ac:74: be:8f:33:2f:38:2d:31:79:2c:48:2a:e5:48:35:34:2e:44:8d: b3:0d:ce:fb:c0:09:57:ce:dc:de:3e:43:84:89:f6:22:f5:68: 0c:65:56:fc:42:a9:d2:54:e9:83:e5:79:c4:8b:aa:fc:1e:32: d8:26:82:4e:b0:43:be:4e:64:de:ac:da:59:1a:94:15:00:74: 79:d2:72:7e:09:5f:ff:e6:0d:3b:a2:e4:d7:96:96:f0:89:9a: 39:c9:73:ee:19:a0:ba:4f:9d:bd:7f:09:6c:5a:76:e4:82:4f: a6:1c:a5:2a -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIBBzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3M0Qy MTFENUIyMTBFM0IxOTYwNTREQjcxODkyRDhFMzhBNEUwOUVGMB4XDTI1MDYyNTAy NDAzMVoXDTI2MDYyNTAyMzUxMlowMzExMC8GA1UEAxMoODEwMTJCMDM5MzAxRkZC ODdCMDMxMTg1MTA2RkM2OTE1NTk5QkIyQjCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBANk37P/dKeRahjIFSv0YLXghfmcqv9YuGog/juFa14M8UokYvi9U PCnO5EjrR52JC7YCRXC6z6E87aXYuCwbKtpNNGnOHEbFbuNWF0nsGKtqzulx6Ns/ KXlzOB547kn6qID5ECW06RbApd/9ZGPPtkvBtclmkJGAXPXxKexKCj/Jb+O/agcH 11O1IZIlh8N8P7o+rDCqJUarN4PHtP50HxSBYBigyNkYPyfGcSKsa9L81P1dMRn/ GOIRNXqS+9GBn93eZ/Bxnymh5zE1hwUIC8LF7OKLVc1DmWqOlUl8YuFbNGOxYnr5 l8nTsdDjgQMZF1avqdCsm8sWYtnTGf/j1uUCAwEAAaOCAfMwggHvMB0GA1UdDgQW BBSBASsDkwH/uHsDEYUQb8aRVZm7KzAfBgNVHSMEGDAWgBRz0hHVshDjsZYFTbcY ktjjik4J7zAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yOTI3 L2M5SVIxYklRNDdHV0JVMjNHSkxZNDRwT0NlOC5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvYzlJUjFiSVE0N0dXQlUyM0dKTFk0NHBPQ2U4LmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjkyNy9nUUVyQTVNQl83aDdB eEdGRUdfR2tWV1p1eXMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQCK/moMA0GCSqGSIb3DQEBCwUAA4IBAQCglycA6SxLn/DNEeY3uOWKkWzqy5va UoLNMyNxxu4t/pzcOrgFDvK/Y7msGjgyF2pKw2xiI4+TaLBqYkQn2SVY84y9Hsvx 7WOfscQyj7o9adEgGTbY0ZRtTwLY7UYgUChUjXIpByv/Sj4o68ElSZnRk6BHwHlQ LmqjTWAC3jrHSVshNvJ1G45RjUxNkzmirHS+jzMvOC0xeSxIKuVINTQuRI2zDc77 wAlXztzePkOEifYi9WgMZVb8QqnSVOmD5XnEi6r8HjLYJoJOsEO+TmTerNpZGpQV AHR50nJ+CV//5g07ouTXlpbwiZo5yXPuGaC6T529fwlsWnbkgk+mHKUq -----END CERTIFICATE-----Generated at Fri Jul 4 12:01:00 2025 by rpki-client