$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3262/0oav85JUPVbcRg0L4DBh9-aWIkI.roa File: 0oav85JUPVbcRg0L4DBh9-aWIkI.roa (raw, json) Hash identifier: +bAFfnirgbQCM5lHsyL67/7prlu6d5krVtD2rNfWezU= Subject key identifier: D2:86:AF:F3:92:54:3D:56:DC:46:0D:0B:E0:30:61:F7:E6:96:22:42 Certificate issuer: /CN=170B7CA06F5735B7A40F97FF1F53BAE13348A93E Certificate serial: 0AEF Authority key identifier: 17:0B:7C:A0:6F:57:35:B7:A4:0F:97:FF:1F:53:BA:E1:33:48:A9:3E Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Fwt8oG9XNbekD5f_H1O64TNIqT4.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3262/0oav85JUPVbcRg0L4DBh9-aWIkI.roa Signing time: Fri 15 Aug 2025 01:17:18 +0000 ROA not before: Fri 15 Aug 2025 01:17:18 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 37969 IP address blocks: 157.15.94.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3262/Fwt8oG9XNbekD5f_H1O64TNIqT4.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3262/Fwt8oG9XNbekD5f_H1O64TNIqT4.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Fwt8oG9XNbekD5f_H1O64TNIqT4.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 06:33:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2799 (0xaef) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=170B7CA06F5735B7A40F97FF1F53BAE13348A93E Validity Not Before: Aug 15 01:17:18 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=D286AFF392543D56DC460D0BE03061F7E6962242 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:aa:14:92:ea:3a:7e:b2:1c:72:f6:d7:0b:28: c9:97:b3:24:75:b7:66:c8:55:43:19:56:3e:9c:16: c2:f3:fc:9c:58:c5:e8:01:76:e8:6d:3e:19:ae:71: 92:f5:50:ab:57:11:84:f0:8d:5b:6e:31:3e:c5:06: 00:79:16:4f:0d:80:82:95:93:72:12:7e:18:c3:04: 82:e7:23:69:d7:b6:8a:fc:9e:68:de:96:53:da:cc: 58:ff:db:90:1d:49:4f:d7:2c:78:13:4a:03:c9:ee: 25:e3:16:7d:58:d2:3e:06:ee:c9:77:5e:0d:91:64: 54:17:fd:91:20:21:d3:02:66:08:19:b5:e1:21:55: f2:91:b6:6b:4e:d8:71:15:14:9b:71:5e:af:6e:fc: 2f:b4:e4:86:50:df:4f:05:1b:9d:02:fb:df:d5:cc: 17:5c:8b:99:b8:e8:1b:65:4e:cc:fd:cb:10:e2:a1: 1f:10:20:bb:06:ee:04:97:39:8c:e7:8f:48:9c:ed: 08:17:42:d7:79:73:87:5a:e1:00:22:33:60:a0:ff: 3e:f5:c7:f9:34:82:07:ff:03:29:3c:30:b0:bb:69: 44:c3:62:3f:9c:48:09:37:d6:f6:84:b8:9f:eb:08: 88:7f:cf:08:a8:76:e4:29:30:b5:a6:d4:4c:d4:3e: a3:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:86:AF:F3:92:54:3D:56:DC:46:0D:0B:E0:30:61:F7:E6:96:22:42 X509v3 Authority Key Identifier: keyid:17:0B:7C:A0:6F:57:35:B7:A4:0F:97:FF:1F:53:BA:E1:33:48:A9:3E X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3262/Fwt8oG9XNbekD5f_H1O64TNIqT4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Fwt8oG9XNbekD5f_H1O64TNIqT4.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3262/0oav85JUPVbcRg0L4DBh9-aWIkI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 157.15.94.0/23 Signature Algorithm: sha256WithRSAEncryption aa:1b:3d:fa:5c:83:1c:27:d9:72:ef:d5:0e:dd:8a:10:da:88: 5b:e8:8d:ae:1d:a2:e4:ae:88:54:10:04:90:31:e9:7e:98:29: 94:7e:ad:2d:07:ba:b8:a5:5e:2a:6a:c8:6a:6c:91:c0:ef:a2: b1:a8:1f:9b:35:f3:d8:3d:e1:87:af:f4:38:52:09:b7:49:9a: 67:48:db:c5:bc:9c:c8:b9:3d:df:23:db:48:58:56:d0:ff:53: 83:68:9c:9c:d1:d2:e2:94:4d:74:23:5b:bc:de:68:48:a3:8c: d5:2f:d6:a4:7c:c8:6d:d2:fc:17:4b:58:c3:74:97:ba:6e:06: ec:87:86:09:ce:b0:04:0e:43:57:8c:d1:5b:04:d4:49:78:69: bb:40:65:c8:f1:03:ca:75:e9:cb:55:62:c8:bc:70:e1:a7:c3: 58:0c:dd:14:35:4f:c7:ed:3c:9a:fa:19:c0:50:96:a0:4d:30: c5:5b:7a:43:7c:5a:8e:de:6e:1f:db:c4:42:d5:01:94:46:b0: 26:c3:8b:ab:07:01:b7:ab:18:9a:0c:fd:b2:e9:e5:99:89:c7: 96:33:6a:0b:2e:e8:12:fe:69:17:74:a1:c5:8d:1c:42:a9:d6: c9:4f:e3:41:c9:36:c5:99:90:f5:13:3b:1c:24:40:c8:c0:bf: 5e:bb:2d:a4 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICCu8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMTcw QjdDQTA2RjU3MzVCN0E0MEY5N0ZGMUY1M0JBRTEzMzQ4QTkzRTAeFw0yNTA4MTUw MTE3MThaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEQyODZBRkYzOTI1NDNE NTZEQzQ2MEQwQkUwMzA2MUY3RTY5NjIyNDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCxqhSS6jp+shxy9tcLKMmXsyR1t2bIVUMZVj6cFsLz/JxYxegB duhtPhmucZL1UKtXEYTwjVtuMT7FBgB5Fk8NgIKVk3ISfhjDBILnI2nXtor8nmje llPazFj/25AdSU/XLHgTSgPJ7iXjFn1Y0j4G7sl3Xg2RZFQX/ZEgIdMCZggZteEh VfKRtmtO2HEVFJtxXq9u/C+05IZQ308FG50C+9/VzBdci5m46BtlTsz9yxDioR8Q ILsG7gSXOYznj0ic7QgXQtd5c4da4QAiM2Cg/z71x/k0ggf/Ayk8MLC7aUTDYj+c SAk31vaEuJ/rCIh/zwioduQpMLWm1EzUPqNfAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU0oav85JUPVbcRg0L4DBh9+aWIkIwHwYDVR0jBBgwFoAUFwt8oG9XNbekD5f/ H1O64TNIqT4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI2 Mi9Gd3Q4b0c5WE5iZWtENWZfSDFPNjRUTklxVDQuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0Z3dDhvRzlYTmJla0Q1Zl9IMU82NFROSXFUNC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNjIvMG9hdjg1SlVQVmJj UmcwTDREQmg5LWFXSWtJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAZ0PXjANBgkqhkiG9w0BAQsFAAOCAQEAqhs9+lyDHCfZcu/VDt2KENqIW+iN rh2i5K6IVBAEkDHpfpgplH6tLQe6uKVeKmrIamyRwO+isagfmzXz2D3hh6/0OFIJ t0maZ0jbxbycyLk93yPbSFhW0P9Tg2icnNHS4pRNdCNbvN5oSKOM1S/WpHzIbdL8 F0tYw3SXum4G7IeGCc6wBA5DV4zRWwTUSXhpu0BlyPEDynXpy1ViyLxw4afDWAzd FDVPx+08mvoZwFCWoE0wxVt6Q3xajt5uH9vEQtUBlEawJsOLqwcBt6sYmgz9sunl mYnHljNqCy7oEv5pF3ShxY0cQqnWyU/jQck2xZmQ9RM7HCRAyMC/XrstpA== -----END CERTIFICATE-----Generated at Sun Aug 24 04:42:42 2025 by rpki-client