$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3262/sPF6_F9osKxakoGzmunYcGaLMzo.roa File: sPF6_F9osKxakoGzmunYcGaLMzo.roa (raw, json) Hash identifier: 2fVT980VhrN0iW58uFjcPcRTECkPtI7dnRNC9lI9OI0= Subject key identifier: B0:F1:7A:FC:5F:68:B0:AC:5A:92:81:B3:9A:E9:D8:70:66:8B:33:3A Certificate issuer: /CN=170B7CA06F5735B7A40F97FF1F53BAE13348A93E Certificate serial: 0AFB Authority key identifier: 17:0B:7C:A0:6F:57:35:B7:A4:0F:97:FF:1F:53:BA:E1:33:48:A9:3E Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Fwt8oG9XNbekD5f_H1O64TNIqT4.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3262/sPF6_F9osKxakoGzmunYcGaLMzo.roa Signing time: Sun 17 Aug 2025 01:39:50 +0000 ROA not before: Sun 17 Aug 2025 01:39:50 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 37969 IP address blocks: 157.15.95.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3262/Fwt8oG9XNbekD5f_H1O64TNIqT4.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3262/Fwt8oG9XNbekD5f_H1O64TNIqT4.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Fwt8oG9XNbekD5f_H1O64TNIqT4.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 06:33:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2811 (0xafb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=170B7CA06F5735B7A40F97FF1F53BAE13348A93E Validity Not Before: Aug 17 01:39:50 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=B0F17AFC5F68B0AC5A9281B39AE9D870668B333A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:a6:db:c6:f2:42:ed:2c:0d:07:d8:94:67:f3: dd:45:44:cf:88:e5:80:12:ec:d5:7b:eb:9f:2a:50: a2:47:45:83:5b:61:d4:9c:c0:a0:26:3a:2d:4c:bb: ad:7a:8e:d5:a2:7d:d1:b5:ba:ef:12:ac:86:e4:90: 02:a4:1a:47:1e:f5:d6:7f:6a:c7:7d:3f:65:b1:3d: f7:7a:c6:eb:46:d3:34:de:08:ea:86:0e:66:73:6e: 92:7a:b0:08:49:c1:74:f3:a9:52:96:c7:95:a4:ea: 5c:9b:7c:c7:f8:89:61:d4:69:1e:97:18:06:3f:21: 5e:2a:37:4f:3b:79:89:ae:6d:ce:8b:0f:b3:86:7a: 3d:57:a4:6c:8a:a9:cd:e8:a2:f7:d2:65:d3:0c:9e: 86:5e:67:f5:b9:b9:8f:1e:a7:67:79:0d:f0:07:4d: 9c:63:b6:c8:f6:ef:8f:c3:0e:b6:ad:cc:21:07:df: db:66:2b:5d:c3:bd:06:67:8f:df:7e:be:63:65:01: 7d:3c:35:5c:b0:15:fa:b0:f8:bf:cb:10:5a:af:00: 9f:f6:62:9a:e9:ad:e5:b2:3c:18:76:22:d1:91:c5: 7e:fe:06:86:ed:c9:5a:c2:8c:2a:5f:3c:da:c2:43: 41:cd:ca:6c:91:b3:64:30:6d:76:1d:82:67:c2:73: cb:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:F1:7A:FC:5F:68:B0:AC:5A:92:81:B3:9A:E9:D8:70:66:8B:33:3A X509v3 Authority Key Identifier: keyid:17:0B:7C:A0:6F:57:35:B7:A4:0F:97:FF:1F:53:BA:E1:33:48:A9:3E X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3262/Fwt8oG9XNbekD5f_H1O64TNIqT4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Fwt8oG9XNbekD5f_H1O64TNIqT4.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3262/sPF6_F9osKxakoGzmunYcGaLMzo.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 157.15.95.0/24 Signature Algorithm: sha256WithRSAEncryption 0a:7f:b7:c3:68:b8:6f:d0:1e:c1:c5:ce:42:24:a3:14:bb:56: b0:99:d3:d7:e5:85:94:cb:1e:35:85:b5:95:98:a5:b5:34:8f: f9:e3:6b:15:95:1e:3e:f9:8b:db:2c:b8:a2:b1:84:45:5f:0e: 98:dc:4f:55:3c:e1:4b:1b:23:8e:61:e6:0d:50:c5:ff:aa:9a: 2e:7f:21:c1:ba:5b:c1:a8:8f:dc:12:d3:32:5c:b4:be:15:4a: 57:ca:5b:fb:27:74:2b:6a:74:b3:13:15:25:53:da:54:36:8a: 14:6a:4b:8e:20:22:a6:2e:e4:f1:0b:a5:4e:5d:c6:b6:63:89: ec:70:0d:83:90:81:ed:a9:f3:06:d0:f4:ae:f4:52:11:84:28: d4:6d:2a:f4:73:86:89:e3:ac:95:b7:5a:68:1c:e9:7a:dd:ce: b4:a5:ef:94:4e:10:5f:41:86:8c:fd:f2:93:4a:cf:e0:2e:64: 95:df:68:4e:b5:9f:60:e4:53:3d:5c:a1:98:f7:e6:50:01:3f: e1:9f:44:0b:7c:e7:10:2d:41:fa:e7:b2:da:06:40:0c:de:0a: a6:72:f1:63:7d:48:66:0c:7c:df:51:01:c3:30:3e:a0:ec:26: e5:a7:0c:9f:e7:62:df:e2:fc:8f:66:ea:cc:65:c8:57:e2:32: 54:b1:8d:08 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICCvswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMTcw QjdDQTA2RjU3MzVCN0E0MEY5N0ZGMUY1M0JBRTEzMzQ4QTkzRTAeFw0yNTA4MTcw MTM5NTBaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEIwRjE3QUZDNUY2OEIw QUM1QTkyODFCMzlBRTlEODcwNjY4QjMzM0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCqptvG8kLtLA0H2JRn891FRM+I5YAS7NV7658qUKJHRYNbYdSc wKAmOi1Mu616jtWifdG1uu8SrIbkkAKkGkce9dZ/asd9P2WxPfd6xutG0zTeCOqG DmZzbpJ6sAhJwXTzqVKWx5Wk6lybfMf4iWHUaR6XGAY/IV4qN087eYmubc6LD7OG ej1XpGyKqc3oovfSZdMMnoZeZ/W5uY8ep2d5DfAHTZxjtsj274/DDratzCEH39tm K13DvQZnj99+vmNlAX08NVywFfqw+L/LEFqvAJ/2YprpreWyPBh2ItGRxX7+Bobt yVrCjCpfPNrCQ0HNymyRs2QwbXYdgmfCc8tpAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUsPF6/F9osKxakoGzmunYcGaLMzowHwYDVR0jBBgwFoAUFwt8oG9XNbekD5f/ H1O64TNIqT4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI2 Mi9Gd3Q4b0c5WE5iZWtENWZfSDFPNjRUTklxVDQuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0Z3dDhvRzlYTmJla0Q1Zl9IMU82NFROSXFUNC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNjIvc1BGNl9GOW9zS3hh a29Hem11blljR2FMTXpvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAJ0PXzANBgkqhkiG9w0BAQsFAAOCAQEACn+3w2i4b9AewcXOQiSjFLtWsJnT 1+WFlMseNYW1lZiltTSP+eNrFZUePvmL2yy4orGERV8OmNxPVTzhSxsjjmHmDVDF /6qaLn8hwbpbwaiP3BLTMly0vhVKV8pb+yd0K2p0sxMVJVPaVDaKFGpLjiAipi7k 8QulTl3GtmOJ7HANg5CB7anzBtD0rvRSEYQo1G0q9HOGieOslbdaaBzpet3OtKXv lE4QX0GGjP3yk0rP4C5kld9oTrWfYORTPVyhmPfmUAE/4Z9EC3znEC1B+uey2gZA DN4KpnLxY31IZgx831EBwzA+oOwm5acMn+di3+L8j2bqzGXIV+IyVLGNCA== -----END CERTIFICATE-----Generated at Sun Aug 24 04:49:47 2025 by rpki-client