$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1232/z1M-L42rUlLVJL_levQPoYbB_K4.roa File: z1M-L42rUlLVJL_levQPoYbB_K4.roa (raw, json) Hash identifier: iPoTe+6OQzHOJjA6iEgRz5ON/CycR+nwlSaltLRWBb4= Subject key identifier: CF:53:3E:2F:8D:AB:52:52:D5:24:BF:E5:7A:F4:0F:A1:86:C1:FC:AE Certificate issuer: /CN=F1989B406901ADF8810B9DCDC4E0FC9E7E85EEB4 Certificate serial: 40 Authority key identifier: F1:98:9B:40:69:01:AD:F8:81:0B:9D:CD:C4:E0:FC:9E:7E:85:EE:B4 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/z1M-L42rUlLVJL_levQPoYbB_K4.roa Signing time: Fri 22 Aug 2025 06:30:22 +0000 ROA not before: Fri 22 Aug 2025 06:30:22 +0000 ROA not after: Thu 20 Aug 2026 07:49:18 +0000 asID: 139137 IP address blocks: 45.120.243.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 04:03:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64 (0x40) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F1989B406901ADF8810B9DCDC4E0FC9E7E85EEB4 Validity Not Before: Aug 22 06:30:22 2025 GMT Not After : Aug 20 07:49:18 2026 GMT Subject: CN=CF533E2F8DAB5252D524BFE57AF40FA186C1FCAE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:a6:94:01:e0:bc:54:d6:01:3e:e4:30:c4:8c: d5:f5:4c:65:36:60:dd:ca:28:b6:2a:ff:5d:ed:4c: a2:4f:0b:a4:09:19:1b:f7:c1:fe:bd:2f:58:a1:86: bb:30:36:78:db:dc:2a:43:59:e5:82:60:7a:50:60: 84:90:a3:a2:95:b2:38:04:49:30:14:03:44:dc:13: da:fe:f4:d2:dc:3c:b6:f5:82:4e:60:1c:9d:c9:5d: 26:88:22:97:7f:9c:5a:61:06:50:42:62:bf:02:67: 2a:b1:f4:b2:c4:f4:72:e4:85:5d:63:5b:c1:11:f2: 92:e7:b4:f8:79:09:dd:87:a9:a0:24:32:d3:ac:c2: 8f:01:9c:f6:b8:59:a6:47:f0:4c:98:87:fd:64:22: ee:5f:43:16:aa:f4:8b:21:fb:1e:17:52:76:03:d4: 30:dc:a3:2b:3e:f4:31:c1:91:bd:d5:d0:9b:15:aa: 86:c0:93:71:54:76:c6:34:f3:81:bc:c7:f0:74:fb: e4:99:f9:2c:4b:59:8f:c4:37:12:fb:34:61:62:e1: c6:4c:e0:f7:2d:c0:c9:aa:2f:e4:a9:56:c1:f1:86: 0a:f1:95:1e:00:fb:f7:f9:4c:b2:c8:85:c8:02:b0: 97:dc:f7:a6:5f:13:7b:01:d9:ee:88:56:54:43:04: 9f:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:53:3E:2F:8D:AB:52:52:D5:24:BF:E5:7A:F4:0F:A1:86:C1:FC:AE X509v3 Authority Key Identifier: keyid:F1:98:9B:40:69:01:AD:F8:81:0B:9D:CD:C4:E0:FC:9E:7E:85:EE:B4 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/z1M-L42rUlLVJL_levQPoYbB_K4.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.120.243.0/24 Signature Algorithm: sha256WithRSAEncryption 0b:35:92:0f:16:0c:f8:59:22:3e:2a:8f:75:3f:b8:67:d4:0a: 40:4c:55:e4:1d:81:a2:3c:2c:09:c2:28:2c:ef:3d:14:8a:8a: ab:fb:58:4e:cd:f9:85:ca:16:3c:90:f6:f3:16:ed:ec:91:6b: c3:a6:b2:0b:1f:79:23:51:16:d8:6e:2c:7c:9f:22:74:5a:d6: 86:d4:13:f9:d9:b5:a4:04:53:b6:9f:57:64:7f:1f:da:2e:f5: 46:59:26:eb:0d:9b:83:74:73:52:d2:5f:bc:e3:b7:41:5c:b3: 37:4d:d7:6e:bc:35:2c:23:88:ec:6d:f7:3e:1c:a8:c3:4c:e7: 39:39:2a:87:5c:ab:3d:34:af:50:60:24:b1:48:fa:7f:13:b4: 2d:a0:05:07:5a:9f:31:f3:32:b7:72:31:c7:f9:8d:54:fe:b7: 90:75:8f:5a:e7:d8:44:72:ce:c8:78:df:40:10:da:df:e9:26: 58:f7:ff:25:7e:bf:fc:64:55:36:d9:6a:32:38:ef:5b:de:48: b4:75:68:a7:35:3a:c1:74:c4:3f:43:53:37:58:95:34:07:f7: 59:39:e7:a9:62:27:54:2e:11:54:9b:f3:11:0b:74:ab:42:2b: 03:35:62:69:b4:34:ea:36:66:40:84:71:29:3d:e5:b7:19:ea: 6c:88:f1:ca -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIBQDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhGMTk4 OUI0MDY5MDFBREY4ODEwQjlEQ0RDNEUwRkM5RTdFODVFRUI0MB4XDTI1MDgyMjA2 MzAyMloXDTI2MDgyMDA3NDkxOFowMzExMC8GA1UEAxMoQ0Y1MzNFMkY4REFCNTI1 MkQ1MjRCRkU1N0FGNDBGQTE4NkMxRkNBRTCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAJmmlAHgvFTWAT7kMMSM1fVMZTZg3cootir/Xe1Mok8LpAkZG/fB /r0vWKGGuzA2eNvcKkNZ5YJgelBghJCjopWyOARJMBQDRNwT2v700tw8tvWCTmAc ncldJogil3+cWmEGUEJivwJnKrH0ssT0cuSFXWNbwRHykue0+HkJ3YepoCQy06zC jwGc9rhZpkfwTJiH/WQi7l9DFqr0iyH7HhdSdgPUMNyjKz70McGRvdXQmxWqhsCT cVR2xjTzgbzH8HT75Jn5LEtZj8Q3Evs0YWLhxkzg9y3Ayaov5KlWwfGGCvGVHgD7 9/lMssiFyAKwl9z3pl8TewHZ7ohWVEMEn6UCAwEAAaOCAfMwggHvMB0GA1UdDgQW BBTPUz4vjatSUtUkv+V69A+hhsH8rjAfBgNVHSMEGDAWgBTxmJtAaQGt+IELnc3E 4PyefoXutDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8xMjMy LzhaaWJRR2tCcmZpQkM1M054T0Q4bm42RjdyUS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvOFppYlFHa0JyZmlCQzUzTnhPRDhubjZGN3JRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIzMi96MU0tTDQyclVsTFZK TF9sZXZRUG9ZYkJfSzQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQALXjzMA0GCSqGSIb3DQEBCwUAA4IBAQALNZIPFgz4WSI+Ko91P7hn1ApATFXk HYGiPCwJwigs7z0Uioqr+1hOzfmFyhY8kPbzFu3skWvDprILH3kjURbYbix8nyJ0 WtaG1BP52bWkBFO2n1dkfx/aLvVGWSbrDZuDdHNS0l+847dBXLM3TdduvDUsI4js bfc+HKjDTOc5OSqHXKs9NK9QYCSxSPp/E7QtoAUHWp8x8zK3cjHH+Y1U/reQdY9a 59hEcs7IeN9AENrf6SZY9/8lfr/8ZFU22WoyOO9b3ki0dWinNTrBdMQ/Q1M3WJU0 B/dZOeepYidULhFUm/MRC3SrQisDNWJptDTqNmZAhHEpPeW3GepsiPHK -----END CERTIFICATE-----Generated at Sun Aug 24 02:42:54 2025 by rpki-client