$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1232/RISGmZBRDxVI_US1fcgMw7ZVBlQ.roa File: RISGmZBRDxVI_US1fcgMw7ZVBlQ.roa (raw, json) Hash identifier: wEra/f9aO4QpMOO8EU//8YRHkAV9tUCE8rvJMtaIUtg= Subject key identifier: 44:84:86:99:90:51:0F:15:48:FD:44:B5:7D:C8:0C:C3:B6:55:06:54 Certificate issuer: /CN=F1989B406901ADF8810B9DCDC4E0FC9E7E85EEB4 Certificate serial: 27 Authority key identifier: F1:98:9B:40:69:01:AD:F8:81:0B:9D:CD:C4:E0:FC:9E:7E:85:EE:B4 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/RISGmZBRDxVI_US1fcgMw7ZVBlQ.roa Signing time: Fri 22 Aug 2025 06:27:16 +0000 ROA not before: Fri 22 Aug 2025 06:27:16 +0000 ROA not after: Thu 20 Aug 2026 07:49:18 +0000 asID: 138457 IP address blocks: 45.120.240.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 04:03:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 39 (0x27) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F1989B406901ADF8810B9DCDC4E0FC9E7E85EEB4 Validity Not Before: Aug 22 06:27:16 2025 GMT Not After : Aug 20 07:49:18 2026 GMT Subject: CN=4484869990510F1548FD44B57DC80CC3B6550654 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:f1:ff:21:08:bc:75:65:69:04:c8:ad:50:ef: c4:9f:cb:16:f5:8b:ce:2b:91:51:f5:74:74:8d:ed: 43:56:8e:c5:40:ac:d8:e0:ca:0f:d4:c5:82:2b:6e: ef:14:21:9c:10:40:8b:ad:1c:a0:86:d1:3f:35:03: e6:24:4e:85:59:76:c7:54:50:d6:29:92:4f:3d:47: 13:3d:74:b6:de:f6:c3:b7:c2:87:8c:c6:7e:ad:26: 7b:d1:55:27:b1:f0:98:19:fc:9f:d4:6a:a1:f1:06: 34:d6:df:bb:97:13:62:65:ee:9e:cd:ee:64:02:27: fe:87:1b:61:5c:6b:7c:67:c3:0c:c4:44:ce:56:3e: c9:43:2d:b8:44:d1:59:22:c4:22:db:d5:ed:3f:c5: d8:b2:fa:24:ac:69:bd:6c:1e:99:17:17:d6:f8:b4: 0a:04:92:82:ba:2b:a4:3e:3c:ed:9d:a3:60:93:5c: dd:b6:99:9b:8e:30:05:39:63:3c:a2:56:e6:d8:34: 04:27:ab:70:49:2f:05:28:9c:c2:64:f0:e3:7b:be: 0b:bb:77:66:58:8f:88:63:bf:84:6d:fd:b4:e2:e8: fe:07:f7:43:bf:12:e9:28:af:24:f7:e4:43:9b:a4: 09:88:58:f6:34:18:68:97:e5:a6:5a:6c:5f:80:62: d6:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:84:86:99:90:51:0F:15:48:FD:44:B5:7D:C8:0C:C3:B6:55:06:54 X509v3 Authority Key Identifier: keyid:F1:98:9B:40:69:01:AD:F8:81:0B:9D:CD:C4:E0:FC:9E:7E:85:EE:B4 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/RISGmZBRDxVI_US1fcgMw7ZVBlQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.120.240.0/24 Signature Algorithm: sha256WithRSAEncryption 1a:07:36:b7:1a:47:33:a8:7c:9e:d0:61:91:ea:23:58:21:9e: bb:de:02:d4:29:21:bb:67:18:e9:8d:8b:06:c9:81:66:e6:2a: 64:01:4d:ec:64:fb:c0:63:6d:d4:b9:c7:8c:7b:6e:b8:00:e7: 71:3b:a8:6f:bd:7e:01:72:1f:f1:43:43:58:80:e4:d3:02:4f: 37:bb:30:ff:19:6d:8b:fa:2f:1c:0c:0f:62:3f:fc:8f:3f:cb: 88:b7:1b:64:6e:fb:21:ae:6a:33:fd:1e:8a:e4:fa:d5:7b:2f: b6:6b:d8:9f:00:f6:6e:b2:79:55:55:45:35:44:d6:72:23:34: d0:19:f0:51:25:8a:94:b9:53:72:26:b4:c8:3f:e6:ef:88:bd: 41:3f:f6:4f:ca:d8:f6:36:01:27:95:76:f8:2a:99:68:a7:8a: d7:db:59:75:ac:55:f6:ed:82:f7:36:f0:f5:83:66:bc:78:43: 20:48:3c:76:14:88:b7:a4:0b:b1:dd:5c:c9:33:6a:6a:ce:7b: a5:9b:4d:08:90:d9:e4:e8:23:dd:84:db:ac:22:ce:7f:fd:13: fe:a4:13:d4:98:7e:bf:f6:f5:a5:f5:8e:ac:13:1a:11:5f:63: f6:3e:74:9f:41:34:51:c6:e9:f3:34:5d:bc:91:55:f7:91:34: f4:41:cd:2c -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIBJzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhGMTk4 OUI0MDY5MDFBREY4ODEwQjlEQ0RDNEUwRkM5RTdFODVFRUI0MB4XDTI1MDgyMjA2 MjcxNloXDTI2MDgyMDA3NDkxOFowMzExMC8GA1UEAxMoNDQ4NDg2OTk5MDUxMEYx NTQ4RkQ0NEI1N0RDODBDQzNCNjU1MDY1NDCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAKbx/yEIvHVlaQTIrVDvxJ/LFvWLziuRUfV0dI3tQ1aOxUCs2ODK D9TFgitu7xQhnBBAi60coIbRPzUD5iROhVl2x1RQ1imSTz1HEz10tt72w7fCh4zG fq0me9FVJ7HwmBn8n9RqofEGNNbfu5cTYmXuns3uZAIn/ocbYVxrfGfDDMREzlY+ yUMtuETRWSLEItvV7T/F2LL6JKxpvWwemRcX1vi0CgSSgrorpD487Z2jYJNc3baZ m44wBTljPKJW5tg0BCercEkvBSicwmTw43u+C7t3ZliPiGO/hG39tOLo/gf3Q78S 6SivJPfkQ5ukCYhY9jQYaJflplpsX4Bi1hsCAwEAAaOCAfMwggHvMB0GA1UdDgQW BBREhIaZkFEPFUj9RLV9yAzDtlUGVDAfBgNVHSMEGDAWgBTxmJtAaQGt+IELnc3E 4PyefoXutDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8xMjMy LzhaaWJRR2tCcmZpQkM1M054T0Q4bm42RjdyUS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvOFppYlFHa0JyZmlCQzUzTnhPRDhubjZGN3JRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIzMi9SSVNHbVpCUkR4Vklf VVMxZmNnTXc3WlZCbFEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQALXjwMA0GCSqGSIb3DQEBCwUAA4IBAQAaBza3GkczqHye0GGR6iNYIZ673gLU KSG7ZxjpjYsGyYFm5ipkAU3sZPvAY23UuceMe264AOdxO6hvvX4Bch/xQ0NYgOTT Ak83uzD/GW2L+i8cDA9iP/yPP8uItxtkbvshrmoz/R6K5PrVey+2a9ifAPZusnlV VUU1RNZyIzTQGfBRJYqUuVNyJrTIP+bviL1BP/ZPytj2NgEnlXb4Kplop4rX21l1 rFX27YL3NvD1g2a8eEMgSDx2FIi3pAux3VzJM2pqznulm00IkNnk6CPdhNusIs5/ /RP+pBPUmH6/9vWl9Y6sExoRX2P2PnSfQTRRxunzNF28kVX3kTT0Qc0s -----END CERTIFICATE-----Generated at Sun Aug 24 02:39:12 2025 by rpki-client