$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1232/KQ8t_W_UJWAUpSoCtQXrpoRoI6g.roa File: KQ8t_W_UJWAUpSoCtQXrpoRoI6g.roa (raw, json) Hash identifier: 1SGM87iwNSweY3WITIX91dyXALk8XFbsJzqkyCg0Be8= Subject key identifier: 29:0F:2D:FD:6F:D4:25:60:14:A5:2A:02:B5:05:EB:A6:84:68:23:A8 Certificate issuer: /CN=F1989B406901ADF8810B9DCDC4E0FC9E7E85EEB4 Certificate serial: 22 Authority key identifier: F1:98:9B:40:69:01:AD:F8:81:0B:9D:CD:C4:E0:FC:9E:7E:85:EE:B4 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/KQ8t_W_UJWAUpSoCtQXrpoRoI6g.roa Signing time: Fri 22 Aug 2025 06:27:16 +0000 ROA not before: Fri 22 Aug 2025 06:27:16 +0000 ROA not after: Thu 20 Aug 2026 07:49:18 +0000 asID: 63583 IP address blocks: 45.120.240.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 04:03:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34 (0x22) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F1989B406901ADF8810B9DCDC4E0FC9E7E85EEB4 Validity Not Before: Aug 22 06:27:16 2025 GMT Not After : Aug 20 07:49:18 2026 GMT Subject: CN=290F2DFD6FD4256014A52A02B505EBA6846823A8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:78:9f:5b:ef:ea:79:4b:b3:99:fa:95:03:d3: e8:83:91:ac:c6:e8:63:76:66:dc:4e:6c:2e:6e:11: b5:8c:ec:a3:3e:fd:83:09:a6:f7:9f:2e:a8:1f:e5: 38:91:5c:07:e1:f3:9f:00:fb:01:84:f6:29:72:1c: b0:54:08:ba:d6:0d:c2:15:49:3c:d8:c5:02:c1:e3: 55:ac:f5:54:06:2a:bc:fd:62:f9:05:cb:d4:43:06: f5:ea:8d:56:28:59:b3:94:51:aa:e2:e9:41:66:f5: c7:95:08:af:04:96:83:25:91:68:5c:e1:92:ad:e0: c2:42:b0:50:a1:72:94:4d:54:37:a4:10:86:e9:68: 53:62:c9:35:b2:1c:de:b7:68:13:2d:16:31:98:d1: 12:2b:78:39:3b:b5:d0:79:cd:93:31:e0:93:60:25: 83:4a:94:0f:4a:c1:16:18:48:81:66:97:be:e4:87: 65:45:00:16:ba:54:f1:ae:30:fe:f8:29:e7:fd:05: f2:7e:d9:8e:1d:01:41:8c:c7:0e:1e:50:55:9d:35: 11:6f:a0:66:a2:eb:95:bc:55:06:38:25:6c:07:8c: 6a:2f:f7:2b:c2:a3:54:5f:40:fb:37:64:2d:e0:6e: ef:db:c3:22:62:49:53:36:40:c1:81:04:8c:b9:e6: a8:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:0F:2D:FD:6F:D4:25:60:14:A5:2A:02:B5:05:EB:A6:84:68:23:A8 X509v3 Authority Key Identifier: keyid:F1:98:9B:40:69:01:AD:F8:81:0B:9D:CD:C4:E0:FC:9E:7E:85:EE:B4 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/KQ8t_W_UJWAUpSoCtQXrpoRoI6g.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.120.240.0/24 Signature Algorithm: sha256WithRSAEncryption 18:94:4f:46:2d:9e:70:55:ce:9c:c0:b2:0d:0c:11:45:b5:8b: 7f:ba:a1:31:d2:dc:3d:07:48:63:b1:09:57:4a:b7:f7:73:db: 86:d3:43:fa:f0:a8:f3:06:9f:2d:f3:3f:0e:5d:dd:f8:f7:86: 67:fb:cd:8a:d6:07:ad:fb:60:42:4d:77:3a:c9:ff:6e:e0:bf: f0:a9:50:c3:02:48:cf:10:60:4c:34:93:dd:50:63:1a:74:5f: c8:81:f8:fd:21:9b:bc:35:18:5f:7b:93:fe:24:18:39:41:a5: 1b:7a:47:b2:a5:4c:e5:e3:07:5e:5f:d5:c5:1e:32:a7:22:44: 40:3e:39:90:d4:e1:30:8e:7e:e8:5c:ed:22:c7:81:8d:dd:52: 29:ce:11:7b:79:61:df:e4:1a:1b:6b:e9:da:eb:6f:62:16:3f: 0b:1f:af:f7:73:05:d0:88:a1:fc:90:e7:67:47:e0:c3:41:78: 2e:27:74:17:2b:16:4f:73:d3:3f:33:f3:79:e8:90:c3:77:7d: 06:3f:22:4f:0a:2f:bc:67:d0:8e:4a:f7:cd:8b:a9:10:aa:8b: ca:94:72:82:af:fa:8a:a7:4e:fb:55:3c:8d:5c:30:94:f0:ec: bf:6d:46:77:c2:3c:69:f1:64:66:f9:a2:c1:46:cf:21:6f:2d: ef:52:64:09 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIBIjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhGMTk4 OUI0MDY5MDFBREY4ODEwQjlEQ0RDNEUwRkM5RTdFODVFRUI0MB4XDTI1MDgyMjA2 MjcxNloXDTI2MDgyMDA3NDkxOFowMzExMC8GA1UEAxMoMjkwRjJERkQ2RkQ0MjU2 MDE0QTUyQTAyQjUwNUVCQTY4NDY4MjNBODCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBANF4n1vv6nlLs5n6lQPT6IORrMboY3Zm3E5sLm4RtYzsoz79gwmm 958uqB/lOJFcB+HznwD7AYT2KXIcsFQIutYNwhVJPNjFAsHjVaz1VAYqvP1i+QXL 1EMG9eqNVihZs5RRquLpQWb1x5UIrwSWgyWRaFzhkq3gwkKwUKFylE1UN6QQhulo U2LJNbIc3rdoEy0WMZjREit4OTu10HnNkzHgk2Alg0qUD0rBFhhIgWaXvuSHZUUA FrpU8a4w/vgp5/0F8n7Zjh0BQYzHDh5QVZ01EW+gZqLrlbxVBjglbAeMai/3K8Kj VF9A+zdkLeBu79vDImJJUzZAwYEEjLnmqNECAwEAAaOCAfMwggHvMB0GA1UdDgQW BBQpDy39b9QlYBSlKgK1BeumhGgjqDAfBgNVHSMEGDAWgBTxmJtAaQGt+IELnc3E 4PyefoXutDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8xMjMy LzhaaWJRR2tCcmZpQkM1M054T0Q4bm42RjdyUS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvOFppYlFHa0JyZmlCQzUzTnhPRDhubjZGN3JRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIzMi9LUTh0X1dfVUpXQVVw U29DdFFYcnBvUm9JNmcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQALXjwMA0GCSqGSIb3DQEBCwUAA4IBAQAYlE9GLZ5wVc6cwLINDBFFtYt/uqEx 0tw9B0hjsQlXSrf3c9uG00P68KjzBp8t8z8OXd3494Zn+82K1get+2BCTXc6yf9u 4L/wqVDDAkjPEGBMNJPdUGMadF/Igfj9IZu8NRhfe5P+JBg5QaUbekeypUzl4wde X9XFHjKnIkRAPjmQ1OEwjn7oXO0ix4GN3VIpzhF7eWHf5Boba+na629iFj8LH6/3 cwXQiKH8kOdnR+DDQXguJ3QXKxZPc9M/M/N56JDDd30GPyJPCi+8Z9COSvfNi6kQ qovKlHKCr/qKp077VTyNXDCU8Oy/bUZ3wjxp8WRm+aLBRs8hby3vUmQJ -----END CERTIFICATE-----Generated at Sun Aug 24 02:44:16 2025 by rpki-client