$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3282/vRMEkXhgMgYExHesqADIPCrhlMY.roa File: vRMEkXhgMgYExHesqADIPCrhlMY.roa (raw, json) Hash identifier: Qi9qPsWUwvCaipSHqdP/turP9n7D7ImvplBkZhPm8Ms= Subject key identifier: BD:13:04:91:78:60:32:06:04:C4:77:AC:A8:00:C8:3C:2A:E1:94:C6 Certificate issuer: /CN=4CA9EBB4D4C42C00C6D5AD5C70FB6B4576583177 Certificate serial: 01CE Authority key identifier: 4C:A9:EB:B4:D4:C4:2C:00:C6:D5:AD:5C:70:FB:6B:45:76:58:31:77 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TKnrtNTELADG1a1ccPtrRXZYMXc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3282/vRMEkXhgMgYExHesqADIPCrhlMY.roa Signing time: Thu 21 Aug 2025 17:19:07 +0000 ROA not before: Thu 21 Aug 2025 17:19:07 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 151261 IP address blocks: 45.113.16.0/23 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3282/TKnrtNTELADG1a1ccPtrRXZYMXc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3282/TKnrtNTELADG1a1ccPtrRXZYMXc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TKnrtNTELADG1a1ccPtrRXZYMXc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 23:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 462 (0x1ce) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4CA9EBB4D4C42C00C6D5AD5C70FB6B4576583177 Validity Not Before: Aug 21 17:19:07 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=BD1304917860320604C477ACA800C83C2AE194C6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:72:60:1b:0a:8c:a0:11:24:b0:36:84:b0:f2: 88:f1:3a:c3:d2:e8:32:2f:a1:c5:95:55:ab:10:cf: d2:83:14:da:d5:f8:29:e3:6d:9d:04:ed:38:7b:3b: d5:e8:82:f6:4b:db:5c:c4:a1:11:08:08:ee:ba:9a: 97:2a:de:9b:22:06:0e:d5:7e:50:b5:7a:ab:3d:3b: f9:97:22:a2:e8:72:f7:ab:99:c3:1a:ef:2a:04:01: 40:e1:61:e6:8c:49:b2:85:ca:77:d3:31:02:c3:fb: 8f:23:39:2a:6b:73:a2:3d:ac:21:23:ff:e9:19:01: c8:a1:b3:26:6c:2c:b5:6a:31:7b:06:fa:28:76:59: 82:87:29:9d:e4:f0:58:eb:07:f9:cb:8c:7b:81:bb: ab:e0:83:8d:dc:4d:86:64:96:be:2f:a5:15:fa:4e: 46:19:09:01:1e:b1:31:40:ff:2c:05:db:93:ad:5c: 66:67:a4:8e:f1:4e:d4:59:2e:fc:09:d8:07:61:5c: 19:02:f7:f8:e2:b5:d3:ea:b5:12:cd:df:30:bc:5b: 3a:8a:74:43:45:26:e5:ac:38:4d:42:f4:06:a5:54: ae:4e:34:7e:75:3d:d9:05:8d:be:ba:9e:00:88:9a: 7e:ba:b8:74:17:df:36:06:8d:b2:8c:94:a9:ba:b7: b6:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:13:04:91:78:60:32:06:04:C4:77:AC:A8:00:C8:3C:2A:E1:94:C6 X509v3 Authority Key Identifier: keyid:4C:A9:EB:B4:D4:C4:2C:00:C6:D5:AD:5C:70:FB:6B:45:76:58:31:77 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3282/TKnrtNTELADG1a1ccPtrRXZYMXc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TKnrtNTELADG1a1ccPtrRXZYMXc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3282/vRMEkXhgMgYExHesqADIPCrhlMY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.113.16.0/23 Signature Algorithm: sha256WithRSAEncryption a0:8b:44:f9:d8:0f:3c:b4:1d:17:4a:03:ac:ea:1e:a2:90:63: 07:9d:4f:bb:97:5a:b7:8e:2f:4c:7a:07:78:6e:d3:19:50:05: 52:d7:83:dc:c1:b7:ac:d2:20:b6:0f:dc:a9:bc:fb:8b:5d:9b: bf:a1:da:95:38:e2:18:61:19:1c:18:cc:77:e7:13:2c:7c:86: 5d:68:4c:dc:9c:cc:09:bf:53:f1:33:27:31:7e:ec:a0:33:b2: 78:7d:59:08:a7:00:93:94:73:c0:c2:f3:82:e2:97:e3:ed:ad: e7:24:3b:53:e0:9a:9b:98:c2:9e:23:27:70:50:57:cc:d5:3d: 78:7d:7f:4f:cf:4f:73:f9:e2:67:b6:1f:59:0b:7d:54:41:ff: 2c:1f:6a:8b:c6:e4:b5:bd:1f:b4:98:f2:7e:14:ac:22:33:a6: 68:26:98:36:01:3c:98:78:d2:d3:03:7c:03:88:84:91:83:2b: 68:0f:43:5f:f1:7a:07:cc:80:da:25:29:15:e7:9e:46:a7:99: 68:88:57:0d:3c:0f:c8:b0:fc:48:78:47:41:26:35:0b:9f:57: 86:48:1a:f8:c7:75:5c:50:c2:ca:3f:88:11:75:e4:a1:aa:1f: bd:3f:2d:e3:b7:47:44:16:34:e5:fe:25:f7:5a:43:55:b8:fd: bb:93:cc:d2 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICAc4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNENB OUVCQjRENEM0MkMwMEM2RDVBRDVDNzBGQjZCNDU3NjU4MzE3NzAeFw0yNTA4MjEx NzE5MDdaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEJEMTMwNDkxNzg2MDMy MDYwNEM0NzdBQ0E4MDBDODNDMkFFMTk0QzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC+cmAbCoygESSwNoSw8ojxOsPS6DIvocWVVasQz9KDFNrV+Cnj bZ0E7Th7O9XogvZL21zEoREICO66mpcq3psiBg7VflC1eqs9O/mXIqLocvermcMa 7yoEAUDhYeaMSbKFynfTMQLD+48jOSprc6I9rCEj/+kZAcihsyZsLLVqMXsG+ih2 WYKHKZ3k8FjrB/nLjHuBu6vgg43cTYZklr4vpRX6TkYZCQEesTFA/ywF25OtXGZn pI7xTtRZLvwJ2AdhXBkC9/jitdPqtRLN3zC8WzqKdENFJuWsOE1C9AalVK5ONH51 PdkFjb66ngCImn66uHQX3zYGjbKMlKm6t7b7AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUvRMEkXhgMgYExHesqADIPCrhlMYwHwYDVR0jBBgwFoAUTKnrtNTELADG1a1c cPtrRXZYMXcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI4 Mi9US25ydE5URUxBREcxYTFjY1B0clJYWllNWGMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1RLbnJ0TlRFTEFERzFhMWNjUHRyUlhaWU1YYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyODIvdlJNRWtYaGdNZ1lF eEhlc3FBRElQQ3JobE1ZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAS1xEDANBgkqhkiG9w0BAQsFAAOCAQEAoItE+dgPPLQdF0oDrOoeopBjB51P u5dat44vTHoHeG7TGVAFUteD3MG3rNIgtg/cqbz7i12bv6HalTjiGGEZHBjMd+cT LHyGXWhM3JzMCb9T8TMnMX7soDOyeH1ZCKcAk5RzwMLzguKX4+2t5yQ7U+Cam5jC niMncFBXzNU9eH1/T89Pc/niZ7YfWQt9VEH/LB9qi8bktb0ftJjyfhSsIjOmaCaY NgE8mHjS0wN8A4iEkYMraA9DX/F6B8yA2iUpFeeeRqeZaIhXDTwPyLD8SHhHQSY1 C59Xhkga+Md1XFDCyj+IEXXkoaofvT8t47dHRBY05f4l91pDVbj9u5PM0g== -----END CERTIFICATE-----Generated at Mon Oct 20 19:47:50 2025 by rpki-client