$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3262/cBNARw-UQ42OqYvEPRDwVd1k3mo.roa File: cBNARw-UQ42OqYvEPRDwVd1k3mo.roa (raw, json) Hash identifier: j8uip8ZuybIXLH0qteYdaLHXTVy/UR9DHUgwIUC/IcM= Subject key identifier: 70:13:40:47:0F:94:43:8D:8E:A9:8B:C4:3D:10:F0:55:DD:64:DE:6A Certificate issuer: /CN=170B7CA06F5735B7A40F97FF1F53BAE13348A93E Certificate serial: 0AFA Authority key identifier: 17:0B:7C:A0:6F:57:35:B7:A4:0F:97:FF:1F:53:BA:E1:33:48:A9:3E Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Fwt8oG9XNbekD5f_H1O64TNIqT4.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3262/cBNARw-UQ42OqYvEPRDwVd1k3mo.roa Signing time: Sun 17 Aug 2025 01:39:50 +0000 ROA not before: Sun 17 Aug 2025 01:39:50 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 37969 IP address blocks: 157.15.94.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3262/Fwt8oG9XNbekD5f_H1O64TNIqT4.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3262/Fwt8oG9XNbekD5f_H1O64TNIqT4.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Fwt8oG9XNbekD5f_H1O64TNIqT4.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 06:33:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2810 (0xafa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=170B7CA06F5735B7A40F97FF1F53BAE13348A93E Validity Not Before: Aug 17 01:39:50 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=701340470F94438D8EA98BC43D10F055DD64DE6A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:8c:5a:e3:86:27:83:a8:be:2d:d0:7d:b9:5b: 25:dd:fa:7a:d1:6d:49:61:58:8e:f8:20:0e:b8:b3: ba:f1:04:4b:6d:76:1b:76:89:32:8b:36:32:ff:a2: db:6e:f2:79:10:ec:54:93:a1:dd:e8:6c:a7:66:d1: 2c:cb:89:ae:e1:d8:0b:4b:84:74:1b:e2:25:3b:42: 6f:71:17:bc:19:97:8c:c3:5a:d3:6a:db:70:80:0d: b0:09:14:78:4d:74:37:35:ba:2b:9f:5d:b6:63:5a: 2c:06:13:de:9c:84:97:5b:41:1e:b4:64:41:10:ed: 93:67:80:42:87:c8:18:bc:bf:d4:90:58:a5:33:3d: 38:9f:a1:9f:85:b8:ca:0b:b4:58:42:d5:c4:86:fd: a4:70:fb:18:71:f4:45:f8:fe:19:b7:73:a9:ec:16: e8:b0:1a:4f:b6:9d:fe:63:9a:4f:09:7e:ca:8b:21: 01:8e:59:72:3b:22:56:ca:b3:fa:a7:ce:70:f0:be: 44:f0:a4:5c:89:c5:02:9b:72:fd:fc:86:57:a9:8f: fa:a2:db:61:66:3b:9a:e8:a6:10:23:6a:13:58:83: 55:95:86:e7:57:25:d6:ba:a7:62:d7:35:64:b4:a0: 00:94:25:fa:af:5d:70:74:f6:38:66:44:69:6a:7c: b0:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:13:40:47:0F:94:43:8D:8E:A9:8B:C4:3D:10:F0:55:DD:64:DE:6A X509v3 Authority Key Identifier: keyid:17:0B:7C:A0:6F:57:35:B7:A4:0F:97:FF:1F:53:BA:E1:33:48:A9:3E X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3262/Fwt8oG9XNbekD5f_H1O64TNIqT4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Fwt8oG9XNbekD5f_H1O64TNIqT4.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3262/cBNARw-UQ42OqYvEPRDwVd1k3mo.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 157.15.94.0/24 Signature Algorithm: sha256WithRSAEncryption b6:63:4e:dd:b9:cc:41:5e:ff:52:78:8e:88:16:f9:0c:93:9f: bb:54:4f:ef:8f:af:94:20:bb:b1:6f:3e:06:23:d7:45:20:fb: cf:37:ba:7f:3f:68:2e:cd:71:63:62:f8:0b:85:e7:b4:79:43: c3:b3:fd:e6:e5:f9:18:ef:33:f6:65:74:98:63:77:9c:f8:0a: 7e:40:d3:ff:61:e8:6f:c1:7c:e3:a0:14:05:54:81:a6:3a:10: 4f:20:14:26:27:a8:38:2b:91:c1:9a:1b:53:3c:33:98:41:5e: e4:76:96:96:75:92:eb:6f:bb:74:37:8a:dc:b9:8f:bd:f7:6f: 5a:50:57:e3:1d:0d:0f:9b:14:25:d6:2b:fe:9d:38:16:8a:a6: c9:44:16:90:19:f5:ea:56:80:d8:32:e9:1a:bb:e7:f9:cc:16: d0:85:c4:44:f0:31:71:e5:9d:8b:af:41:f1:94:50:fb:a3:21: d7:ee:2f:8a:f6:3a:a2:67:7c:4a:e1:a2:dc:9a:24:67:fa:cf: 3d:de:b0:9b:85:ce:b1:2b:4b:8f:af:ae:bf:50:ba:c6:58:0f: 30:9b:06:ff:6c:cd:6b:bd:af:b9:5b:ad:52:87:25:3b:32:e1: ef:b4:c1:1b:71:74:ae:9c:df:ea:d2:3b:a3:de:ce:d0:6a:36: 86:dd:21:80 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICCvowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMTcw QjdDQTA2RjU3MzVCN0E0MEY5N0ZGMUY1M0JBRTEzMzQ4QTkzRTAeFw0yNTA4MTcw MTM5NTBaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDcwMTM0MDQ3MEY5NDQz OEQ4RUE5OEJDNDNEMTBGMDU1REQ2NERFNkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDLjFrjhieDqL4t0H25WyXd+nrRbUlhWI74IA64s7rxBEttdht2 iTKLNjL/ottu8nkQ7FSTod3obKdm0SzLia7h2AtLhHQb4iU7Qm9xF7wZl4zDWtNq 23CADbAJFHhNdDc1uiufXbZjWiwGE96chJdbQR60ZEEQ7ZNngEKHyBi8v9SQWKUz PTifoZ+FuMoLtFhC1cSG/aRw+xhx9EX4/hm3c6nsFuiwGk+2nf5jmk8JfsqLIQGO WXI7IlbKs/qnznDwvkTwpFyJxQKbcv38hlepj/qi22FmO5rophAjahNYg1WVhudX Jda6p2LXNWS0oACUJfqvXXB09jhmRGlqfLAFAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUcBNARw+UQ42OqYvEPRDwVd1k3mowHwYDVR0jBBgwFoAUFwt8oG9XNbekD5f/ H1O64TNIqT4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI2 Mi9Gd3Q4b0c5WE5iZWtENWZfSDFPNjRUTklxVDQuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0Z3dDhvRzlYTmJla0Q1Zl9IMU82NFROSXFUNC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNjIvY0JOQVJ3LVVRNDJP cVl2RVBSRHdWZDFrM21vLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAJ0PXjANBgkqhkiG9w0BAQsFAAOCAQEAtmNO3bnMQV7/UniOiBb5DJOfu1RP 74+vlCC7sW8+BiPXRSD7zze6fz9oLs1xY2L4C4XntHlDw7P95uX5GO8z9mV0mGN3 nPgKfkDT/2Hob8F846AUBVSBpjoQTyAUJieoOCuRwZobUzwzmEFe5HaWlnWS62+7 dDeK3LmPvfdvWlBX4x0ND5sUJdYr/p04FoqmyUQWkBn16laA2DLpGrvn+cwW0IXE RPAxceWdi69B8ZRQ+6Mh1+4vivY6omd8SuGi3JokZ/rPPd6wm4XOsStLj6+uv1C6 xlgPMJsG/2zNa72vuVutUoclOzLh77TBG3F0rpzf6tI7o97O0Go2ht0hgA== -----END CERTIFICATE-----Generated at Sun Aug 24 06:24:52 2025 by rpki-client