$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/187/Af3TYKyAmWG3f3wRT4FwONVWh0E.roa File: Af3TYKyAmWG3f3wRT4FwONVWh0E.roa (raw, json) Hash identifier: WIpuVfkuPz+LipchXzs38odxTKr63ACk4GOPFnDDDQY= Subject key identifier: 01:FD:D3:60:AC:80:99:61:B7:7F:7C:11:4F:81:70:38:D5:56:87:41 Certificate issuer: /CN=2E8C1DE19474035CBEA678054B6D94F5AFA53361 Certificate serial: 1CA9 Authority key identifier: 2E:8C:1D:E1:94:74:03:5C:BE:A6:78:05:4B:6D:94:F5:AF:A5:33:61 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Lowd4ZR0A1y-pngFS22U9a-lM2E.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/187/Af3TYKyAmWG3f3wRT4FwONVWh0E.roa Signing time: Wed 27 Aug 2025 06:17:41 +0000 ROA not before: Wed 27 Aug 2025 06:17:41 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 18118 IP address blocks: 120.45.0.0/16 maxlen: 16 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/187/Lowd4ZR0A1y-pngFS22U9a-lM2E.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/187/Lowd4ZR0A1y-pngFS22U9a-lM2E.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Lowd4ZR0A1y-pngFS22U9a-lM2E.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 04:05:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7337 (0x1ca9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2E8C1DE19474035CBEA678054B6D94F5AFA53361 Validity Not Before: Aug 27 06:17:41 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=01FDD360AC809961B77F7C114F817038D5568741 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:80:10:1a:48:28:9a:dd:87:53:7f:0a:fb:93: 91:f1:d2:08:1e:f8:b3:ec:a7:50:58:35:0d:5d:dc: bd:7c:aa:cd:86:a1:ca:85:84:86:ec:c9:d4:2e:a5: 76:c3:43:45:b1:7e:c3:17:2b:39:d2:45:d2:79:2f: 2c:0f:02:0e:16:eb:8f:72:a0:36:c8:ee:82:b4:8f: 6c:91:73:48:50:e4:50:bb:b4:d9:1d:69:70:82:da: 62:dd:fb:2c:d4:06:0e:4b:c8:e5:16:0d:6d:0d:9c: 7a:75:ed:b3:38:0c:1b:35:b5:03:8a:c7:4b:cb:cb: c2:5b:ab:2a:35:01:37:5b:db:e0:b6:6a:7f:0b:51: a7:1c:5b:6a:a5:57:8a:3e:9b:ce:37:c4:31:ca:1f: da:50:c8:9a:3d:cc:c8:3c:ef:41:88:8e:05:de:54: 88:3b:ce:f6:33:fc:4d:a3:f9:95:92:cc:44:05:d3: 62:cd:ba:fb:ca:4c:ed:50:a1:5a:08:43:30:4d:70: 34:60:5b:f6:ee:f3:21:a7:46:16:3d:a9:60:77:00: 44:5f:29:67:5e:08:cc:78:89:e4:c6:94:5f:b9:84: 21:12:67:ce:07:7f:8d:15:f3:a8:3c:a3:d1:c5:40: 0a:5a:d9:4d:06:18:d8:c8:f8:b7:ea:3f:02:65:dc: ad:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:FD:D3:60:AC:80:99:61:B7:7F:7C:11:4F:81:70:38:D5:56:87:41 X509v3 Authority Key Identifier: keyid:2E:8C:1D:E1:94:74:03:5C:BE:A6:78:05:4B:6D:94:F5:AF:A5:33:61 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/187/Lowd4ZR0A1y-pngFS22U9a-lM2E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Lowd4ZR0A1y-pngFS22U9a-lM2E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/187/Af3TYKyAmWG3f3wRT4FwONVWh0E.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 120.45.0.0/16 Signature Algorithm: sha256WithRSAEncryption 30:87:41:17:ff:0a:ac:cd:c4:61:49:72:f7:21:f7:29:fa:3c: 8a:fa:58:b2:e0:ab:61:c3:50:ba:b3:5e:a0:36:8a:be:75:4e: c4:39:53:86:26:e2:c5:9f:1f:1c:1b:a7:e9:be:91:b3:3d:b9: 01:44:4c:e6:27:f4:ef:e7:59:83:c6:42:d1:83:58:ac:48:15: af:f3:5e:20:fd:af:d9:bf:57:1e:7a:67:64:40:70:71:f3:7f: 11:8e:e3:3c:4c:70:ea:20:09:86:02:87:7d:21:ba:93:64:4d: 3f:b4:20:e5:55:84:f0:7f:9a:ed:1e:79:76:a9:36:6e:05:68: cd:94:a4:85:1f:03:6d:22:af:cc:a9:cd:7c:68:d0:df:2c:f5: 1c:8c:da:ae:08:ac:f4:48:51:88:f8:82:ec:b9:37:b4:7a:f5: e4:76:ee:74:6a:0f:97:0f:cd:7c:b5:de:3d:07:27:48:fb:65: 4a:49:d8:48:b6:e5:b5:d7:d7:83:47:cb:40:84:e5:5b:66:4f: 5e:08:0d:0b:6d:2d:59:7f:68:8a:97:78:b9:5a:b9:3e:04:0b: 9b:6b:14:d7:7e:62:1e:31:3f:85:5b:00:1b:96:a2:a9:bf:f4: f8:18:cd:f9:1e:05:15:4a:a5:46:01:8c:ea:d9:a0:6b:96:51: 2e:f1:ec:ec -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICHKkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkU4 QzFERTE5NDc0MDM1Q0JFQTY3ODA1NEI2RDk0RjVBRkE1MzM2MTAeFw0yNTA4Mjcw NjE3NDFaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDAxRkREMzYwQUM4MDk5 NjFCNzdGN0MxMTRGODE3MDM4RDU1Njg3NDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC3gBAaSCia3YdTfwr7k5Hx0gge+LPsp1BYNQ1d3L18qs2GocqF hIbsydQupXbDQ0WxfsMXKznSRdJ5LywPAg4W649yoDbI7oK0j2yRc0hQ5FC7tNkd aXCC2mLd+yzUBg5LyOUWDW0NnHp17bM4DBs1tQOKx0vLy8Jbqyo1ATdb2+C2an8L UaccW2qlV4o+m843xDHKH9pQyJo9zMg870GIjgXeVIg7zvYz/E2j+ZWSzEQF02LN uvvKTO1QoVoIQzBNcDRgW/bu8yGnRhY9qWB3AERfKWdeCMx4ieTGlF+5hCESZ84H f40V86g8o9HFQApa2U0GGNjI+LfqPwJl3K0lAgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQUAf3TYKyAmWG3f3wRT4FwONVWh0EwHwYDVR0jBBgwFoAULowd4ZR0A1y+pngF S22U9a+lM2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTg3 L0xvd2Q0WlIwQTF5LXBuZ0ZTMjJVOWEtbE0yRS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvTG93ZDRaUjBBMXktcG5nRlMyMlU5YS1sTTJFLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTg3L0FmM1RZS3lBbVdHM2Yz d1JUNEZ3T05WV2gwRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD AwB4LTANBgkqhkiG9w0BAQsFAAOCAQEAMIdBF/8KrM3EYUly9yH3Kfo8ivpYsuCr YcNQurNeoDaKvnVOxDlThibixZ8fHBun6b6Rsz25AURM5if07+dZg8ZC0YNYrEgV r/NeIP2v2b9XHnpnZEBwcfN/EY7jPExw6iAJhgKHfSG6k2RNP7Qg5VWE8H+a7R55 dqk2bgVozZSkhR8DbSKvzKnNfGjQ3yz1HIzargis9EhRiPiC7Lk3tHr15HbudGoP lw/NfLXePQcnSPtlSknYSLbltdfXg0fLQITlW2ZPXggNC20tWX9oipd4uVq5PgQL m2sU135iHjE/hVsAG5aiqb/0+BjN+R4FFUqlRgGM6tmga5ZRLvHs7A== -----END CERTIFICATE-----Generated at Tue Oct 21 02:19:29 2025 by rpki-client