$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1232/rs7JMvcDcajurFnBGjrO6jI2JO8.roa File: rs7JMvcDcajurFnBGjrO6jI2JO8.roa (raw, json) Hash identifier: /Yx2jkiF2cM5k0YeqRn7pcdBQkUVKKoYrU8M6VjT1Kw= Subject key identifier: AE:CE:C9:32:F7:03:71:A8:EE:AC:59:C1:1A:3A:CE:EA:32:36:24:EF Certificate issuer: /CN=F1989B406901ADF8810B9DCDC4E0FC9E7E85EEB4 Certificate serial: 31 Authority key identifier: F1:98:9B:40:69:01:AD:F8:81:0B:9D:CD:C4:E0:FC:9E:7E:85:EE:B4 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/rs7JMvcDcajurFnBGjrO6jI2JO8.roa Signing time: Fri 22 Aug 2025 06:27:18 +0000 ROA not before: Fri 22 Aug 2025 06:27:18 +0000 ROA not after: Thu 20 Aug 2026 07:49:18 +0000 asID: 139137 IP address blocks: 45.120.241.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 04:03:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49 (0x31) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F1989B406901ADF8810B9DCDC4E0FC9E7E85EEB4 Validity Not Before: Aug 22 06:27:18 2025 GMT Not After : Aug 20 07:49:18 2026 GMT Subject: CN=AECEC932F70371A8EEAC59C11A3ACEEA323624EF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:38:53:3f:d2:ff:07:2a:71:3d:70:4e:31:67: a9:2b:46:70:de:93:16:0c:60:52:4b:0d:4d:08:39: a1:32:62:b7:ba:5d:ba:db:1e:98:92:5d:bc:11:ac: 00:bb:9c:4d:ec:4f:e4:40:55:19:bb:26:97:e0:ba: 90:a3:dc:13:b8:54:1b:df:fe:21:56:bb:b1:e4:85: b8:a6:1f:28:6f:50:a2:01:6d:56:f2:fe:ba:b0:d1: e6:1d:12:b4:aa:f8:f7:b5:c7:be:e5:b6:ed:15:6c: 5e:9d:85:78:bb:96:34:02:be:d6:24:f0:5f:bb:ee: 53:87:3f:ad:ea:78:d6:e3:f9:84:cd:6c:59:5f:5a: 46:78:5b:7e:23:50:ee:85:30:b2:af:c3:36:73:89: 24:45:86:43:70:2f:5b:d9:b9:5f:8d:e9:5e:6c:df: ec:a3:be:34:59:31:c2:6b:12:8e:1a:c3:cc:15:fb: 05:93:e0:1e:50:c3:27:17:07:0e:51:11:3f:64:bd: d5:7b:ca:d6:cc:9c:5b:07:c7:ba:ac:2b:9f:46:90: 57:c0:7d:2a:37:6f:8e:d5:f6:d4:f9:a2:5c:b4:bb: 81:86:2c:81:04:f8:4c:1d:16:34:9c:85:fc:8c:3d: b2:9d:06:8b:3b:d0:4c:80:a8:c1:d7:7f:39:d1:f8: b0:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:CE:C9:32:F7:03:71:A8:EE:AC:59:C1:1A:3A:CE:EA:32:36:24:EF X509v3 Authority Key Identifier: keyid:F1:98:9B:40:69:01:AD:F8:81:0B:9D:CD:C4:E0:FC:9E:7E:85:EE:B4 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/rs7JMvcDcajurFnBGjrO6jI2JO8.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.120.241.0/24 Signature Algorithm: sha256WithRSAEncryption 05:59:0b:84:2b:0b:ba:29:29:85:5b:be:87:81:64:be:76:f6: 23:6c:4a:4e:b3:13:d9:62:a3:9f:e7:1e:7b:f5:e9:f1:3a:35: 3a:f2:7d:c0:5d:2e:0f:8d:b0:c7:23:c4:d2:02:0f:48:6b:0e: 12:9e:9d:f3:4c:43:39:7c:77:4c:b8:fe:c6:e8:cd:c6:76:fb: 53:9e:a7:c2:f2:84:3e:2e:09:b9:78:ce:01:67:60:03:ea:05: 63:dd:a7:a0:3c:d3:2e:b3:17:d8:3e:11:9e:54:dc:a0:24:da: 8e:93:0f:4b:26:b1:7c:c1:01:27:aa:19:c5:8e:ae:24:57:11: 59:c5:dd:78:a9:65:55:f7:1e:dd:a3:b7:22:74:a6:a9:0e:31: ec:c0:94:df:70:f8:05:ef:11:41:da:b2:8a:d1:e9:04:de:eb: a8:96:92:ee:99:3a:33:4f:6e:d0:8a:0b:13:ef:01:9a:c6:0f: 08:13:c3:dd:93:f9:d8:6c:f6:89:b9:e3:b3:b4:a8:26:c4:29: ff:7d:9b:43:e0:4a:f0:e6:60:20:db:55:92:c8:45:d4:44:80: 18:7d:91:f7:0e:ce:79:ac:7b:10:ba:3c:37:e6:b3:9e:f3:24: 6e:9a:82:09:13:f4:22:b6:9c:df:9d:c5:f9:7b:01:12:7b:63: 1c:9a:27:83 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIBMTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhGMTk4 OUI0MDY5MDFBREY4ODEwQjlEQ0RDNEUwRkM5RTdFODVFRUI0MB4XDTI1MDgyMjA2 MjcxOFoXDTI2MDgyMDA3NDkxOFowMzExMC8GA1UEAxMoQUVDRUM5MzJGNzAzNzFB OEVFQUM1OUMxMUEzQUNFRUEzMjM2MjRFRjCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAK84Uz/S/wcqcT1wTjFnqStGcN6TFgxgUksNTQg5oTJit7pdutse mJJdvBGsALucTexP5EBVGbsml+C6kKPcE7hUG9/+IVa7seSFuKYfKG9QogFtVvL+ urDR5h0StKr497XHvuW27RVsXp2FeLuWNAK+1iTwX7vuU4c/rep41uP5hM1sWV9a RnhbfiNQ7oUwsq/DNnOJJEWGQ3AvW9m5X43pXmzf7KO+NFkxwmsSjhrDzBX7BZPg HlDDJxcHDlERP2S91XvK1sycWwfHuqwrn0aQV8B9KjdvjtX21PmiXLS7gYYsgQT4 TB0WNJyF/Iw9sp0GizvQTICowdd/OdH4sA0CAwEAAaOCAfMwggHvMB0GA1UdDgQW BBSuzsky9wNxqO6sWcEaOs7qMjYk7zAfBgNVHSMEGDAWgBTxmJtAaQGt+IELnc3E 4PyefoXutDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8xMjMy LzhaaWJRR2tCcmZpQkM1M054T0Q4bm42RjdyUS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvOFppYlFHa0JyZmlCQzUzTnhPRDhubjZGN3JRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIzMi9yczdKTXZjRGNhanVy Rm5CR2pyTzZqSTJKTzgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQALXjxMA0GCSqGSIb3DQEBCwUAA4IBAQAFWQuEKwu6KSmFW76HgWS+dvYjbEpO sxPZYqOf5x579enxOjU68n3AXS4PjbDHI8TSAg9Iaw4Snp3zTEM5fHdMuP7G6M3G dvtTnqfC8oQ+Lgm5eM4BZ2AD6gVj3aegPNMusxfYPhGeVNygJNqOkw9LJrF8wQEn qhnFjq4kVxFZxd14qWVV9x7do7cidKapDjHswJTfcPgF7xFB2rKK0ekE3uuolpLu mTozT27QigsT7wGaxg8IE8Pdk/nYbPaJueOztKgmxCn/fZtD4Erw5mAg21WSyEXU RIAYfZH3Ds55rHsQujw35rOe8yRumoIJE/QitpzfncX5ewESe2McmieD -----END CERTIFICATE-----Generated at Sun Aug 24 02:42:17 2025 by rpki-client