$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1232/r6EIAI8mHahB9BWh4d_dvVcNY64.roa File: r6EIAI8mHahB9BWh4d_dvVcNY64.roa (raw, json) Hash identifier: 2buRQdai7qJL3y3WPt7G6r6WKPPaLRMH8HP141W2wgk= Subject key identifier: AF:A1:08:00:8F:26:1D:A8:41:F4:15:A1:E1:DF:DD:BD:57:0D:63:AE Certificate issuer: /CN=F1989B406901ADF8810B9DCDC4E0FC9E7E85EEB4 Certificate serial: 2A Authority key identifier: F1:98:9B:40:69:01:AD:F8:81:0B:9D:CD:C4:E0:FC:9E:7E:85:EE:B4 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/r6EIAI8mHahB9BWh4d_dvVcNY64.roa Signing time: Fri 22 Aug 2025 06:27:17 +0000 ROA not before: Fri 22 Aug 2025 06:27:17 +0000 ROA not after: Thu 20 Aug 2026 07:49:18 +0000 asID: 139140 IP address blocks: 45.120.240.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 04:03:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42 (0x2a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F1989B406901ADF8810B9DCDC4E0FC9E7E85EEB4 Validity Not Before: Aug 22 06:27:17 2025 GMT Not After : Aug 20 07:49:18 2026 GMT Subject: CN=AFA108008F261DA841F415A1E1DFDDBD570D63AE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:85:74:22:a1:fb:09:e1:a9:da:7a:6a:bb:e4: b4:a8:bb:f5:b1:df:a4:22:2d:fc:8e:7a:76:df:74: 34:dd:a8:ea:e1:d5:fe:7f:0f:4e:ef:a3:b9:bc:c7: e3:8b:bc:64:60:2c:0c:33:31:07:3c:4d:5e:4d:e4: 90:2c:2b:93:01:d4:91:9d:25:73:3c:5f:ed:d6:f2: cb:60:49:7c:a9:57:fe:58:2e:61:d7:65:3f:d6:83: bb:59:53:6c:3c:bb:7d:8e:f2:5f:aa:9e:b6:c2:63: 3e:88:6c:dd:7a:bb:10:04:12:4d:94:a0:97:dd:76: 4e:5f:b2:24:85:dd:86:ee:6a:d3:4e:a3:f6:a4:d6: dc:17:bb:3d:d7:2e:83:b1:a8:ac:59:1b:92:ce:14: 04:7a:2d:80:cc:77:3a:df:c0:24:f1:34:f9:a7:92: 31:ec:5f:48:db:d6:eb:b2:6e:70:73:5c:0e:33:56: 8c:5a:1c:20:ca:ce:95:df:62:9b:ee:f3:72:7d:d4: 10:e2:ba:cc:b7:b0:06:e9:f1:76:42:8b:5e:58:02: 95:81:43:7d:1b:a5:f7:5d:e8:d3:ea:41:70:94:61: ef:cd:b7:1e:65:ba:0c:2e:ca:c2:86:ca:ae:43:7e: 9a:93:42:e8:a5:6e:d2:01:59:84:32:41:34:0b:65: 8b:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:A1:08:00:8F:26:1D:A8:41:F4:15:A1:E1:DF:DD:BD:57:0D:63:AE X509v3 Authority Key Identifier: keyid:F1:98:9B:40:69:01:AD:F8:81:0B:9D:CD:C4:E0:FC:9E:7E:85:EE:B4 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/r6EIAI8mHahB9BWh4d_dvVcNY64.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.120.240.0/24 Signature Algorithm: sha256WithRSAEncryption 62:93:29:a5:39:23:69:9a:74:0c:01:6b:30:cd:84:ca:4a:e2: 6d:93:93:59:ea:ed:6e:74:90:b1:cd:75:79:37:ff:1f:04:6a: 9e:eb:de:38:14:b9:4d:20:35:74:72:4d:75:17:47:a9:8f:8c: 85:c9:f4:30:76:e4:fb:e4:bf:ff:d2:3f:16:61:c7:21:ba:76: b1:1b:05:30:60:62:06:17:99:b3:33:71:78:46:65:6b:98:5c: a8:c9:97:48:15:a7:cd:e7:c4:1c:91:15:d4:b1:3b:c4:c9:4c: 69:8d:28:29:f9:25:3f:67:55:26:96:23:03:c7:8c:f0:3b:13: 29:8c:1b:55:32:d0:4b:46:d1:d5:88:8c:ba:ea:db:c3:fd:e5: b5:da:6e:86:77:91:12:1d:f4:a7:46:e8:69:a8:3c:fd:fa:dc: 41:56:5a:fa:7e:a7:1e:b1:c2:2a:6b:11:48:6b:ff:cb:60:79: 8c:d3:1a:e2:b7:fb:a2:2b:57:9f:fe:98:d2:f3:06:9e:20:66: ad:7c:6e:9c:0f:8f:0c:3f:d5:d0:cf:fa:14:38:09:4e:55:ad: df:8d:dd:46:71:21:18:7e:fe:d2:db:18:3d:71:72:78:ee:cd: 09:63:3e:f8:c7:25:96:7c:e4:53:35:eb:92:6a:33:61:bf:c9: ba:ab:76:82 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIBKjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhGMTk4 OUI0MDY5MDFBREY4ODEwQjlEQ0RDNEUwRkM5RTdFODVFRUI0MB4XDTI1MDgyMjA2 MjcxN1oXDTI2MDgyMDA3NDkxOFowMzExMC8GA1UEAxMoQUZBMTA4MDA4RjI2MURB ODQxRjQxNUExRTFERkREQkQ1NzBENjNBRTCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBANiFdCKh+wnhqdp6arvktKi79bHfpCIt/I56dt90NN2o6uHV/n8P Tu+jubzH44u8ZGAsDDMxBzxNXk3kkCwrkwHUkZ0lczxf7dbyy2BJfKlX/lguYddl P9aDu1lTbDy7fY7yX6qetsJjPohs3Xq7EAQSTZSgl912Tl+yJIXdhu5q006j9qTW 3Be7Pdcug7GorFkbks4UBHotgMx3Ot/AJPE0+aeSMexfSNvW67JucHNcDjNWjFoc IMrOld9im+7zcn3UEOK6zLewBunxdkKLXlgClYFDfRul913o0+pBcJRh7823HmW6 DC7KwobKrkN+mpNC6KVu0gFZhDJBNAtli7kCAwEAAaOCAfMwggHvMB0GA1UdDgQW BBSvoQgAjyYdqEH0FaHh3929Vw1jrjAfBgNVHSMEGDAWgBTxmJtAaQGt+IELnc3E 4PyefoXutDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8xMjMy LzhaaWJRR2tCcmZpQkM1M054T0Q4bm42RjdyUS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvOFppYlFHa0JyZmlCQzUzTnhPRDhubjZGN3JRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIzMi9yNkVJQUk4bUhhaEI5 QldoNGRfZHZWY05ZNjQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQALXjwMA0GCSqGSIb3DQEBCwUAA4IBAQBikymlOSNpmnQMAWswzYTKSuJtk5NZ 6u1udJCxzXV5N/8fBGqe6944FLlNIDV0ck11F0epj4yFyfQwduT75L//0j8WYcch unaxGwUwYGIGF5mzM3F4RmVrmFyoyZdIFafN58QckRXUsTvEyUxpjSgp+SU/Z1Um liMDx4zwOxMpjBtVMtBLRtHViIy66tvD/eW12m6Gd5ESHfSnRuhpqDz9+txBVlr6 fqcescIqaxFIa//LYHmM0xrit/uiK1ef/pjS8waeIGatfG6cD48MP9XQz/oUOAlO Va3fjd1GcSEYfv7S2xg9cXJ47s0JYz74xyWWfORTNeuSajNhv8m6q3aC -----END CERTIFICATE-----Generated at Sun Aug 24 02:40:10 2025 by rpki-client