$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1232/SKonrPBojz5mm60pyLWCpJ2wjg0.roa File: SKonrPBojz5mm60pyLWCpJ2wjg0.roa (raw, json) Hash identifier: THBIUJ7CyLzzfDtiwqROHw78OU7bZm7UbveZxfU0AZY= Subject key identifier: 48:AA:27:AC:F0:68:8F:3E:66:9B:AD:29:C8:B5:82:A4:9D:B0:8E:0D Certificate issuer: /CN=F1989B406901ADF8810B9DCDC4E0FC9E7E85EEB4 Certificate serial: 34 Authority key identifier: F1:98:9B:40:69:01:AD:F8:81:0B:9D:CD:C4:E0:FC:9E:7E:85:EE:B4 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/SKonrPBojz5mm60pyLWCpJ2wjg0.roa Signing time: Fri 22 Aug 2025 06:27:19 +0000 ROA not before: Fri 22 Aug 2025 06:27:18 +0000 ROA not after: Thu 20 Aug 2026 07:49:18 +0000 asID: 63582 IP address blocks: 45.120.240.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 04:03:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52 (0x34) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F1989B406901ADF8810B9DCDC4E0FC9E7E85EEB4 Validity Not Before: Aug 22 06:27:18 2025 GMT Not After : Aug 20 07:49:18 2026 GMT Subject: CN=48AA27ACF0688F3E669BAD29C8B582A49DB08E0D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:6a:ac:bc:d7:b7:ca:c2:73:5c:30:70:ce:b5: 86:d4:39:08:78:1e:54:46:b0:35:68:16:70:62:b6: a8:1a:75:64:ae:71:80:c4:c5:88:93:cf:4c:aa:2c: cd:09:98:7a:55:05:b2:22:b9:1a:2d:a9:db:d4:67: 28:84:93:43:99:04:6b:09:11:ae:a8:d3:48:1d:f6: 72:aa:9e:cb:bb:bc:25:77:b5:b3:a2:14:75:0a:25: 1b:30:a0:69:92:82:86:52:cb:35:31:85:e0:72:6a: 93:75:90:38:1e:ae:67:f3:6e:32:15:05:a0:fc:08: 49:0f:16:fa:e3:de:be:0a:05:a8:eb:d7:34:12:9e: 32:2e:f8:ce:a2:73:af:40:58:20:ca:de:78:d1:7c: b4:95:ef:2e:88:fc:81:ac:b8:cd:b5:ba:a7:c2:73: 2c:67:ea:a5:aa:b2:4f:85:5d:c8:70:a4:c3:2c:34: 38:ff:7f:61:3a:c3:64:62:86:ff:ab:48:a7:9d:48: 57:bb:65:c7:8d:8a:96:88:de:f1:95:94:a7:a1:86: 9f:c7:bf:28:3e:6a:eb:5c:6c:6f:67:4b:31:cf:86: 45:2b:53:27:aa:30:ef:00:f1:94:3b:e5:7e:d1:54: d3:ac:6d:d4:82:f9:f4:da:44:5c:39:dd:1a:10:f0: 8f:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:AA:27:AC:F0:68:8F:3E:66:9B:AD:29:C8:B5:82:A4:9D:B0:8E:0D X509v3 Authority Key Identifier: keyid:F1:98:9B:40:69:01:AD:F8:81:0B:9D:CD:C4:E0:FC:9E:7E:85:EE:B4 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/SKonrPBojz5mm60pyLWCpJ2wjg0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.120.240.0/24 Signature Algorithm: sha256WithRSAEncryption 49:3a:98:6d:09:e1:53:a7:1c:6b:e2:20:02:37:b6:ce:17:e1: 08:42:88:aa:6d:7b:2f:68:54:b8:15:b9:41:a8:39:49:be:a5: fb:7c:4c:95:b8:07:0d:b3:5b:8c:6f:71:e9:70:c9:3b:60:f0: f6:d4:a8:cd:00:8a:f2:11:94:59:fa:ad:06:9f:43:78:2d:aa: 89:a6:3d:bb:20:19:7f:f0:48:4a:13:a2:77:47:c8:a2:3b:6e: e7:77:b9:a0:bd:29:c2:24:ba:57:56:a7:37:f1:19:46:d4:21: c7:f9:55:ea:36:28:63:91:d3:41:ed:ed:1c:b4:c2:fd:5e:ff: 89:33:8e:d2:19:ed:1e:c6:1c:70:ce:bf:c1:18:a2:6f:4c:b7: 59:94:74:03:6f:f7:45:36:f8:d9:b8:f5:67:3f:2c:10:d4:44: ab:bf:9f:8e:6c:d2:0b:a3:f8:10:ed:fe:2f:f3:a3:d2:38:0f: 42:62:61:87:5b:b7:b7:23:68:2b:5b:9c:b9:3e:6f:4a:7e:67: 58:e6:5b:32:d9:8b:61:11:50:20:db:41:ce:4f:ac:af:5b:48: 21:e1:b2:14:3f:2c:58:38:94:3d:4f:a6:c3:38:c1:9b:57:f6: e9:bd:57:dc:ef:be:28:5e:1b:25:f6:f9:b4:f9:f4:56:3e:ef: 2c:3c:37:54 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIBNDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhGMTk4 OUI0MDY5MDFBREY4ODEwQjlEQ0RDNEUwRkM5RTdFODVFRUI0MB4XDTI1MDgyMjA2 MjcxOFoXDTI2MDgyMDA3NDkxOFowMzExMC8GA1UEAxMoNDhBQTI3QUNGMDY4OEYz RTY2OUJBRDI5QzhCNTgyQTQ5REIwOEUwRDCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAOxqrLzXt8rCc1wwcM61htQ5CHgeVEawNWgWcGK2qBp1ZK5xgMTF iJPPTKoszQmYelUFsiK5Gi2p29RnKISTQ5kEawkRrqjTSB32cqqey7u8JXe1s6IU dQolGzCgaZKChlLLNTGF4HJqk3WQOB6uZ/NuMhUFoPwISQ8W+uPevgoFqOvXNBKe Mi74zqJzr0BYIMreeNF8tJXvLoj8gay4zbW6p8JzLGfqpaqyT4VdyHCkwyw0OP9/ YTrDZGKG/6tIp51IV7tlx42Kloje8ZWUp6GGn8e/KD5q61xsb2dLMc+GRStTJ6ow 7wDxlDvlftFU06xt1IL59NpEXDndGhDwjyUCAwEAAaOCAfMwggHvMB0GA1UdDgQW BBRIqies8GiPPmabrSnItYKknbCODTAfBgNVHSMEGDAWgBTxmJtAaQGt+IELnc3E 4PyefoXutDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8xMjMy LzhaaWJRR2tCcmZpQkM1M054T0Q4bm42RjdyUS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvOFppYlFHa0JyZmlCQzUzTnhPRDhubjZGN3JRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIzMi9TS29uclBCb2p6NW1t NjBweUxXQ3BKMndqZzAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQALXjwMA0GCSqGSIb3DQEBCwUAA4IBAQBJOphtCeFTpxxr4iACN7bOF+EIQoiq bXsvaFS4FblBqDlJvqX7fEyVuAcNs1uMb3HpcMk7YPD21KjNAIryEZRZ+q0Gn0N4 LaqJpj27IBl/8EhKE6J3R8iiO27nd7mgvSnCJLpXVqc38RlG1CHH+VXqNihjkdNB 7e0ctML9Xv+JM47SGe0exhxwzr/BGKJvTLdZlHQDb/dFNvjZuPVnPywQ1ESrv5+O bNILo/gQ7f4v86PSOA9CYmGHW7e3I2grW5y5Pm9KfmdY5lsy2YthEVAg20HOT6yv W0gh4bIUPyxYOJQ9T6bDOMGbV/bpvVfc774oXhsl9vm0+fRWPu8sPDdU -----END CERTIFICATE-----Generated at Sun Aug 24 02:41:41 2025 by rpki-client