$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1232/NANs8G3KbQJcnMkw-wpYJpmust8.roa File: NANs8G3KbQJcnMkw-wpYJpmust8.roa (raw, json) Hash identifier: V4lHZdLDE1NfUK9AU5VwCeOT9amTEPyzm2DrbmsSk0c= Subject key identifier: 34:03:6C:F0:6D:CA:6D:02:5C:9C:C9:30:FB:0A:58:26:99:AE:B2:DF Certificate issuer: /CN=F1989B406901ADF8810B9DCDC4E0FC9E7E85EEB4 Certificate serial: 29 Authority key identifier: F1:98:9B:40:69:01:AD:F8:81:0B:9D:CD:C4:E0:FC:9E:7E:85:EE:B4 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/NANs8G3KbQJcnMkw-wpYJpmust8.roa Signing time: Fri 22 Aug 2025 06:27:17 +0000 ROA not before: Fri 22 Aug 2025 06:27:17 +0000 ROA not after: Thu 20 Aug 2026 07:49:18 +0000 asID: 138457 IP address blocks: 45.120.241.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 04:03:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41 (0x29) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F1989B406901ADF8810B9DCDC4E0FC9E7E85EEB4 Validity Not Before: Aug 22 06:27:17 2025 GMT Not After : Aug 20 07:49:18 2026 GMT Subject: CN=34036CF06DCA6D025C9CC930FB0A582699AEB2DF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:8a:b0:33:73:35:35:c3:3a:97:d0:94:cd:cd: 2d:0f:d8:2c:b1:53:20:a7:70:98:23:1b:96:96:fc: e7:70:10:de:0c:59:b7:bb:2d:09:95:c6:fe:a7:e7: 60:6d:36:c0:c7:a4:a1:7b:48:0d:5f:e7:71:31:fb: f7:ab:bb:cf:c5:20:af:5b:5e:cc:c0:61:89:2d:bb: 08:9a:05:33:93:bc:76:d0:bb:0f:58:02:8d:9a:8d: 34:3d:06:9a:a7:49:09:61:99:31:02:e5:93:37:cf: a3:91:ff:1d:ff:ac:ba:36:a7:ae:4e:dc:07:75:67: 67:4d:f5:94:05:1b:86:cc:0c:09:5e:ae:e8:f9:bd: b4:42:16:a2:b9:c2:cc:6e:0c:02:a2:dd:06:be:3a: 84:f6:fe:23:f0:81:90:2c:05:3b:e9:60:29:92:75: 73:29:d2:d9:95:e3:bc:07:34:ca:56:c3:f6:15:7a: bf:50:f8:dd:90:e1:ab:48:82:37:7a:1d:0c:31:a3: 18:c1:a3:a5:d2:2e:83:70:fa:7c:2b:dc:02:89:de: 30:aa:ab:3a:d8:32:de:8d:57:d0:d1:15:9b:de:d7: dc:1a:38:04:a0:0d:e1:b3:74:f9:22:b5:44:cc:a2: 25:9b:df:06:5d:bc:83:ee:e7:cd:37:10:d7:29:0b: e7:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:03:6C:F0:6D:CA:6D:02:5C:9C:C9:30:FB:0A:58:26:99:AE:B2:DF X509v3 Authority Key Identifier: keyid:F1:98:9B:40:69:01:AD:F8:81:0B:9D:CD:C4:E0:FC:9E:7E:85:EE:B4 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/NANs8G3KbQJcnMkw-wpYJpmust8.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.120.241.0/24 Signature Algorithm: sha256WithRSAEncryption 29:dc:9b:b3:78:a5:33:13:d0:59:fb:49:f5:8f:a4:85:78:bb: f9:b3:29:64:26:7f:a6:de:3c:90:a5:2b:f3:a9:e3:d3:b7:44: 54:6a:6a:a3:bd:4c:01:cb:20:ff:96:59:13:57:6e:89:5a:56: 59:b7:8f:65:6c:c5:37:dc:cb:86:07:0e:23:06:92:50:8e:13: 60:6f:e5:23:0d:27:5f:63:ef:20:19:27:0d:75:41:55:06:79: 8f:6a:67:00:41:de:96:e3:51:36:ea:9c:ef:4d:ed:05:4d:14: ed:85:02:8c:75:1e:dc:51:ad:83:76:ca:80:6a:05:b1:e6:b3: 22:9b:13:f7:8e:32:c5:96:e5:a7:84:46:d4:ef:bc:d7:c7:e3: 4b:c4:55:8b:ab:7b:8b:fb:3d:43:4b:2b:94:05:f3:7c:42:ea: cf:9c:16:2a:c7:98:3b:76:5d:c7:46:cd:f8:fd:68:ec:50:3a: 04:41:aa:83:e2:29:c4:e4:9e:51:a7:9c:fa:8a:ab:d5:c3:15: 36:a6:89:d7:24:16:a2:c5:3c:04:a0:7b:e7:30:c1:16:5d:0f: 93:94:ac:13:78:a3:11:c5:66:53:45:b0:f4:8f:c7:12:3f:8f: 1d:01:95:25:06:b6:8f:37:85:50:c4:a3:a1:13:c1:c6:7d:65: 55:68:22:1e -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIBKTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhGMTk4 OUI0MDY5MDFBREY4ODEwQjlEQ0RDNEUwRkM5RTdFODVFRUI0MB4XDTI1MDgyMjA2 MjcxN1oXDTI2MDgyMDA3NDkxOFowMzExMC8GA1UEAxMoMzQwMzZDRjA2RENBNkQw MjVDOUNDOTMwRkIwQTU4MjY5OUFFQjJERjCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBALmKsDNzNTXDOpfQlM3NLQ/YLLFTIKdwmCMblpb853AQ3gxZt7st CZXG/qfnYG02wMekoXtIDV/ncTH796u7z8Ugr1tezMBhiS27CJoFM5O8dtC7D1gC jZqNND0GmqdJCWGZMQLlkzfPo5H/Hf+sujanrk7cB3VnZ031lAUbhswMCV6u6Pm9 tEIWornCzG4MAqLdBr46hPb+I/CBkCwFO+lgKZJ1cynS2ZXjvAc0ylbD9hV6v1D4 3ZDhq0iCN3odDDGjGMGjpdIug3D6fCvcAoneMKqrOtgy3o1X0NEVm97X3Bo4BKAN 4bN0+SK1RMyiJZvfBl28g+7nzTcQ1ykL5ykCAwEAAaOCAfMwggHvMB0GA1UdDgQW BBQ0A2zwbcptAlycyTD7Clgmma6y3zAfBgNVHSMEGDAWgBTxmJtAaQGt+IELnc3E 4PyefoXutDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8xMjMy LzhaaWJRR2tCcmZpQkM1M054T0Q4bm42RjdyUS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvOFppYlFHa0JyZmlCQzUzTnhPRDhubjZGN3JRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIzMi9OQU5zOEczS2JRSmNu TWt3LXdwWUpwbXVzdDgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQALXjxMA0GCSqGSIb3DQEBCwUAA4IBAQAp3JuzeKUzE9BZ+0n1j6SFeLv5sylk Jn+m3jyQpSvzqePTt0RUamqjvUwByyD/llkTV26JWlZZt49lbMU33MuGBw4jBpJQ jhNgb+UjDSdfY+8gGScNdUFVBnmPamcAQd6W41E26pzvTe0FTRTthQKMdR7cUa2D dsqAagWx5rMimxP3jjLFluWnhEbU77zXx+NLxFWLq3uL+z1DSyuUBfN8QurPnBYq x5g7dl3HRs34/WjsUDoEQaqD4inE5J5Rp5z6iqvVwxU2ponXJBaixTwEoHvnMMEW XQ+TlKwTeKMRxWZTRbD0j8cSP48dAZUlBraPN4VQxKOhE8HGfWVVaCIe -----END CERTIFICATE-----Generated at Sun Aug 24 02:40:57 2025 by rpki-client