$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1232/vCLoKcrRRVeh_3KQispkenNd9io.roa File: vCLoKcrRRVeh_3KQispkenNd9io.roa (raw, json) Hash identifier: 7b+HeY55iCWQhGCfVKNsLSxDWZ32iXtUppallkrEjF8= Subject key identifier: BC:22:E8:29:CA:D1:45:57:A1:FF:72:90:8A:CA:64:7A:73:5D:F6:2A Certificate issuer: /CN=F1989B406901ADF8810B9DCDC4E0FC9E7E85EEB4 Certificate serial: 2F Authority key identifier: F1:98:9B:40:69:01:AD:F8:81:0B:9D:CD:C4:E0:FC:9E:7E:85:EE:B4 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/vCLoKcrRRVeh_3KQispkenNd9io.roa Signing time: Fri 22 Aug 2025 06:27:18 +0000 ROA not before: Fri 22 Aug 2025 06:27:18 +0000 ROA not after: Thu 20 Aug 2026 07:49:18 +0000 asID: 138457 IP address blocks: 45.120.242.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 23:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 47 (0x2f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F1989B406901ADF8810B9DCDC4E0FC9E7E85EEB4 Validity Not Before: Aug 22 06:27:18 2025 GMT Not After : Aug 20 07:49:18 2026 GMT Subject: CN=BC22E829CAD14557A1FF72908ACA647A735DF62A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:51:d1:83:0e:9e:4f:9e:6f:cc:3c:45:89:43: 89:eb:f2:dc:4f:68:e6:24:c7:df:36:16:29:ac:ae: fa:1e:fd:32:49:02:2e:e4:43:d0:e1:3e:4f:1d:8d: 3d:d7:b6:54:27:c8:df:a3:d0:c8:e7:7e:8f:ac:4e: 06:db:a4:c5:d3:e1:9d:7f:be:ea:fe:06:56:a0:6e: 8c:38:a0:94:fe:ca:98:24:2c:62:df:d1:9d:54:52: 1e:f7:ae:38:59:3d:46:69:58:24:3e:94:5c:85:53: 9a:be:fa:52:4d:7e:8f:34:e4:d6:9c:5f:a8:f8:d1: 3e:0f:91:90:75:da:d7:bf:8c:aa:7c:cf:bd:a5:7e: 73:21:81:27:a2:3d:b1:ae:01:d1:35:f1:56:03:98: d9:97:78:e5:39:18:ed:21:7c:2e:e8:64:c1:c9:0b: 4a:75:e4:30:40:58:1f:92:9a:12:33:0f:a3:76:c1: 2a:48:b4:ab:63:e9:54:6b:54:6e:99:f7:43:33:b5: 3c:a8:dd:66:4b:ce:07:de:1e:d3:78:cb:69:02:92: 4b:de:f7:d7:8e:e9:9d:93:30:34:d5:95:86:32:d6: 20:70:e8:fb:b8:ac:19:dd:96:30:57:11:2b:bf:08: e8:51:62:89:c8:96:4e:90:87:64:83:a5:a5:6c:a7: 45:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:22:E8:29:CA:D1:45:57:A1:FF:72:90:8A:CA:64:7A:73:5D:F6:2A X509v3 Authority Key Identifier: keyid:F1:98:9B:40:69:01:AD:F8:81:0B:9D:CD:C4:E0:FC:9E:7E:85:EE:B4 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/vCLoKcrRRVeh_3KQispkenNd9io.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.120.242.0/24 Signature Algorithm: sha256WithRSAEncryption 2b:cc:31:64:91:95:30:b5:3e:36:cf:e4:2e:c0:3f:2b:55:f8: 4d:a0:c3:61:f1:d5:ae:b4:a2:77:ed:62:09:51:60:ab:b9:e1: e1:ec:97:4b:e8:41:48:29:d2:f7:04:83:99:a4:5e:f9:3e:96: b0:55:df:d2:d1:b3:4b:74:06:18:42:ae:30:6b:43:da:a5:2b: 60:92:73:f9:74:5f:29:a5:9f:80:3b:eb:b0:e0:6d:76:83:9a: fb:15:e5:12:47:18:6d:fe:03:d6:88:45:6c:b8:30:23:f6:63: f7:3e:ac:7b:8f:be:23:3b:d4:ff:3d:2a:58:bc:60:9c:d6:26: c2:7f:58:8d:79:c3:cb:44:82:aa:2a:a7:1e:6f:21:91:60:47: 29:6c:33:d8:4b:3e:82:90:c6:94:00:65:7b:08:a4:4b:79:35: e5:7a:69:36:ff:41:35:2f:f6:8e:06:23:33:59:de:6e:ec:f0: 44:03:47:b9:88:01:97:a6:e8:5a:ae:ac:34:8a:d0:54:e3:89: 73:78:48:3c:3b:30:44:da:15:8f:ae:2e:c7:05:a5:aa:97:8b: e5:be:b0:82:65:e0:a5:22:7b:4a:10:25:dc:c5:fc:d2:a7:b8: 1f:27:cf:07:e5:5f:cc:e0:83:e9:67:50:44:d5:71:99:b6:34: 06:7a:fd:bc -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIBLzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhGMTk4 OUI0MDY5MDFBREY4ODEwQjlEQ0RDNEUwRkM5RTdFODVFRUI0MB4XDTI1MDgyMjA2 MjcxOFoXDTI2MDgyMDA3NDkxOFowMzExMC8GA1UEAxMoQkMyMkU4MjlDQUQxNDU1 N0ExRkY3MjkwOEFDQTY0N0E3MzVERjYyQTCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAMRR0YMOnk+eb8w8RYlDievy3E9o5iTH3zYWKayu+h79MkkCLuRD 0OE+Tx2NPde2VCfI36PQyOd+j6xOBtukxdPhnX++6v4GVqBujDiglP7KmCQsYt/R nVRSHveuOFk9RmlYJD6UXIVTmr76Uk1+jzTk1pxfqPjRPg+RkHXa17+MqnzPvaV+ cyGBJ6I9sa4B0TXxVgOY2Zd45TkY7SF8LuhkwckLSnXkMEBYH5KaEjMPo3bBKki0 q2PpVGtUbpn3QzO1PKjdZkvOB94e03jLaQKSS973147pnZMwNNWVhjLWIHDo+7is Gd2WMFcRK78I6FFiiciWTpCHZIOlpWynRdcCAwEAAaOCAfMwggHvMB0GA1UdDgQW BBS8IugpytFFV6H/cpCKymR6c132KjAfBgNVHSMEGDAWgBTxmJtAaQGt+IELnc3E 4PyefoXutDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8xMjMy LzhaaWJRR2tCcmZpQkM1M054T0Q4bm42RjdyUS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvOFppYlFHa0JyZmlCQzUzTnhPRDhubjZGN3JRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIzMi92Q0xvS2NyUlJWZWhf M0tRaXNwa2VuTmQ5aW8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQALXjyMA0GCSqGSIb3DQEBCwUAA4IBAQArzDFkkZUwtT42z+QuwD8rVfhNoMNh 8dWutKJ37WIJUWCrueHh7JdL6EFIKdL3BIOZpF75PpawVd/S0bNLdAYYQq4wa0Pa pStgknP5dF8ppZ+AO+uw4G12g5r7FeUSRxht/gPWiEVsuDAj9mP3Pqx7j74jO9T/ PSpYvGCc1ibCf1iNecPLRIKqKqcebyGRYEcpbDPYSz6CkMaUAGV7CKRLeTXlemk2 /0E1L/aOBiMzWd5u7PBEA0e5iAGXpuharqw0itBU44lzeEg8OzBE2hWPri7HBaWq l4vlvrCCZeClIntKECXcxfzSp7gfJ88H5V/M4IPpZ1BE1XGZtjQGev28 -----END CERTIFICATE-----Generated at Mon Oct 20 21:42:33 2025 by rpki-client