$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1232/Wa2CPWhxASCji04RjFx6YQsMiQo.roa File: Wa2CPWhxASCji04RjFx6YQsMiQo.roa (raw, json) Hash identifier: CtHf5iPxGT1VdsoUzQI1qqRuF97hH++y5zbEX5C94Z8= Subject key identifier: 59:AD:82:3D:68:71:01:20:A3:8B:4E:11:8C:5C:7A:61:0B:0C:89:0A Certificate issuer: /CN=F1989B406901ADF8810B9DCDC4E0FC9E7E85EEB4 Certificate serial: 33 Authority key identifier: F1:98:9B:40:69:01:AD:F8:81:0B:9D:CD:C4:E0:FC:9E:7E:85:EE:B4 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/Wa2CPWhxASCji04RjFx6YQsMiQo.roa Signing time: Fri 22 Aug 2025 06:27:18 +0000 ROA not before: Fri 22 Aug 2025 06:27:18 +0000 ROA not after: Thu 20 Aug 2026 07:49:18 +0000 asID: 139140 IP address blocks: 45.120.242.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 04:03:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 51 (0x33) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F1989B406901ADF8810B9DCDC4E0FC9E7E85EEB4 Validity Not Before: Aug 22 06:27:18 2025 GMT Not After : Aug 20 07:49:18 2026 GMT Subject: CN=59AD823D68710120A38B4E118C5C7A610B0C890A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:e6:c1:0d:3f:78:d0:60:38:34:6f:02:53:0d: 95:f4:5b:e0:9d:b5:62:e7:66:1d:2c:27:7d:a5:6e: 1f:c5:91:b9:59:06:12:83:38:4d:fa:e2:6c:89:e4: 9f:61:3b:56:05:17:dc:13:85:6b:48:fd:6a:30:3f: 0c:23:37:b9:0b:88:ee:62:cf:e8:4f:03:06:7e:0c: ce:8d:23:9a:2e:d5:b2:a1:e9:e8:8b:02:ac:e1:95: 11:10:a3:99:ba:e5:e9:d9:e1:57:40:aa:58:a8:6e: fe:be:bb:00:74:ea:66:06:93:76:19:79:df:21:db: cb:3c:13:94:1e:ac:b5:9a:06:a0:b2:30:35:48:89: 25:6c:82:10:b0:00:18:bc:26:0b:f1:07:16:c4:9b: 5f:5c:94:0f:b2:ba:0a:af:30:4a:e5:dd:bd:36:cd: 56:ee:7c:db:f0:cf:e1:e5:88:cc:98:63:b3:99:b6: 11:9a:d4:ad:b2:e6:ab:77:f8:d6:a1:68:75:72:d8: 60:3a:f0:fc:54:27:eb:db:17:46:66:d4:b0:64:b6: 75:af:8a:05:ea:dd:66:ef:ce:89:4a:1d:a5:05:4d: ca:8c:87:3c:2b:33:2d:d6:79:3e:11:c9:0c:b1:79: 31:fb:01:cd:eb:34:6a:4f:55:43:dc:89:30:7e:8d: a8:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 59:AD:82:3D:68:71:01:20:A3:8B:4E:11:8C:5C:7A:61:0B:0C:89:0A X509v3 Authority Key Identifier: keyid:F1:98:9B:40:69:01:AD:F8:81:0B:9D:CD:C4:E0:FC:9E:7E:85:EE:B4 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/Wa2CPWhxASCji04RjFx6YQsMiQo.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.120.242.0/24 Signature Algorithm: sha256WithRSAEncryption 73:9d:7d:a9:47:3a:aa:17:81:1e:8f:39:0e:a8:00:51:18:a3: f9:70:da:e0:52:94:13:dc:d9:1c:8f:e0:d6:f6:e4:5b:84:6f: 6c:43:d5:d9:0b:d5:d0:13:fe:b4:ca:92:b4:f4:fe:ef:29:a4: 71:47:32:ed:43:aa:56:6f:b5:d0:8b:17:0b:83:1a:32:b9:a9: 2f:95:b6:a6:ca:a4:d6:26:8c:a9:e7:ab:26:14:bb:5c:5c:42: 6e:05:8a:f6:12:45:0f:9b:ec:0b:4a:1e:01:9a:8e:74:30:00: 23:3b:85:56:5f:9e:2f:d5:5d:83:be:f3:be:28:6e:2d:a5:a7: 09:30:20:e7:c9:97:3c:71:ad:6e:e6:9d:58:2f:ca:9c:3f:b2: 73:8b:4d:30:14:8e:52:36:47:ad:7f:e2:0c:02:4d:f4:43:f8: 28:d9:3f:e5:b3:c5:68:a9:69:30:82:eb:f3:25:94:fe:34:87: bd:4e:8f:25:93:6d:14:0d:1d:3d:45:95:11:12:70:36:7d:0f: 36:af:da:a0:cd:cd:e9:ab:bf:ac:c9:1e:2f:e6:83:19:9e:42: d5:fa:52:48:90:91:48:27:e1:d1:dc:28:85:49:25:e3:de:ae: 92:76:bf:11:b2:cc:60:77:f5:fb:8a:c9:41:2d:e6:10:17:91: 25:c8:0e:62 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIBMzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhGMTk4 OUI0MDY5MDFBREY4ODEwQjlEQ0RDNEUwRkM5RTdFODVFRUI0MB4XDTI1MDgyMjA2 MjcxOFoXDTI2MDgyMDA3NDkxOFowMzExMC8GA1UEAxMoNTlBRDgyM0Q2ODcxMDEy MEEzOEI0RTExOEM1QzdBNjEwQjBDODkwQTCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBALTmwQ0/eNBgODRvAlMNlfRb4J21YudmHSwnfaVuH8WRuVkGEoM4 TfribInkn2E7VgUX3BOFa0j9ajA/DCM3uQuI7mLP6E8DBn4Mzo0jmi7VsqHp6IsC rOGVERCjmbrl6dnhV0CqWKhu/r67AHTqZgaTdhl53yHbyzwTlB6stZoGoLIwNUiJ JWyCELAAGLwmC/EHFsSbX1yUD7K6Cq8wSuXdvTbNVu582/DP4eWIzJhjs5m2EZrU rbLmq3f41qFodXLYYDrw/FQn69sXRmbUsGS2da+KBerdZu/OiUodpQVNyoyHPCsz LdZ5PhHJDLF5MfsBzes0ak9VQ9yJMH6NqJsCAwEAAaOCAfMwggHvMB0GA1UdDgQW BBRZrYI9aHEBIKOLThGMXHphCwyJCjAfBgNVHSMEGDAWgBTxmJtAaQGt+IELnc3E 4PyefoXutDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8xMjMy LzhaaWJRR2tCcmZpQkM1M054T0Q4bm42RjdyUS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvOFppYlFHa0JyZmlCQzUzTnhPRDhubjZGN3JRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIzMi9XYTJDUFdoeEFTQ2pp MDRSakZ4NllRc01pUW8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQALXjyMA0GCSqGSIb3DQEBCwUAA4IBAQBznX2pRzqqF4EejzkOqABRGKP5cNrg UpQT3Nkcj+DW9uRbhG9sQ9XZC9XQE/60ypK09P7vKaRxRzLtQ6pWb7XQixcLgxoy uakvlbamyqTWJoyp56smFLtcXEJuBYr2EkUPm+wLSh4Bmo50MAAjO4VWX54v1V2D vvO+KG4tpacJMCDnyZc8ca1u5p1YL8qcP7Jzi00wFI5SNketf+IMAk30Q/go2T/l s8VoqWkwguvzJZT+NIe9To8lk20UDR09RZUREnA2fQ82r9qgzc3pq7+syR4v5oMZ nkLV+lJIkJFIJ+HR3CiFSSXj3q6Sdr8Rssxgd/X7islBLeYQF5ElyA5i -----END CERTIFICATE-----Generated at Sun Aug 24 02:40:56 2025 by rpki-client