$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/654/X07282e9PCQuZlli4VdAPVxV6wY.roa File: X07282e9PCQuZlli4VdAPVxV6wY.roa (raw, json) Hash identifier: vVHKJZzyr+a3M5+snbxSBau9LwwkAYdYK0VD/veHhg8= Subject key identifier: 5F:4E:F6:F3:67:BD:3C:24:2E:66:59:62:E1:57:40:3D:5C:55:EB:06 Certificate issuer: /CN=FFADC8DD61366CD84D99521B638380E8B502E6E4 Certificate serial: 172E Authority key identifier: FF:AD:C8:DD:61:36:6C:D8:4D:99:52:1B:63:83:80:E8:B5:02:E6:E4 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/_63I3WE2bNhNmVIbY4OA6LUC5uQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/X07282e9PCQuZlli4VdAPVxV6wY.roa Signing time: Sat 13 Sep 2025 03:06:20 +0000 ROA not before: Sat 13 Sep 2025 03:06:20 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 63199 IP address blocks: 139.159.51.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/_63I3WE2bNhNmVIbY4OA6LUC5uQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/_63I3WE2bNhNmVIbY4OA6LUC5uQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/_63I3WE2bNhNmVIbY4OA6LUC5uQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 00:06:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5934 (0x172e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=FFADC8DD61366CD84D99521B638380E8B502E6E4 Validity Not Before: Sep 13 03:06:20 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=5F4EF6F367BD3C242E665962E157403D5C55EB06 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:14:43:2d:b7:99:8c:2a:7d:e2:65:32:14:6c: c4:02:df:36:78:c5:67:a7:fe:f4:64:76:af:37:f0: 2c:87:fa:08:7d:69:19:a4:f6:0b:5d:ba:2a:66:22: eb:46:f8:9e:01:31:cb:39:ce:4f:30:37:16:8b:e5: c0:e7:14:d8:57:25:98:91:c6:bc:c4:40:0a:a0:25: f9:06:f0:16:41:d8:fd:9f:30:48:2b:c4:f4:a2:7e: b7:a9:80:e8:74:bc:e1:f6:d2:59:54:be:91:0c:ae: 74:ac:22:98:af:6d:e1:4d:8e:da:51:1a:20:47:fc: 94:c8:c0:3e:bb:9f:6f:61:a2:c3:b2:c1:77:43:d5: f1:63:d1:92:7e:17:f7:9d:ae:bc:97:7e:f3:1c:9f: 83:dd:96:d3:be:e8:13:ac:21:4b:99:b5:7a:b7:41: e9:48:a3:ca:84:dd:aa:ae:d1:f4:07:e6:2a:71:18: 1e:0b:7b:b6:cf:1c:59:8b:79:a8:c8:bc:87:93:92: 1e:f1:e1:4b:91:ba:a6:da:07:7a:f2:58:c6:2b:e5: b1:f8:9c:46:6b:6c:51:b0:ba:13:a7:92:92:90:08: 65:7c:d6:31:da:ff:ff:5b:56:ec:67:e7:4f:f1:52: e2:f5:85:28:ea:60:df:9c:79:45:7f:c4:8b:d7:d3: 26:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:4E:F6:F3:67:BD:3C:24:2E:66:59:62:E1:57:40:3D:5C:55:EB:06 X509v3 Authority Key Identifier: keyid:FF:AD:C8:DD:61:36:6C:D8:4D:99:52:1B:63:83:80:E8:B5:02:E6:E4 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/_63I3WE2bNhNmVIbY4OA6LUC5uQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/_63I3WE2bNhNmVIbY4OA6LUC5uQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/X07282e9PCQuZlli4VdAPVxV6wY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 139.159.51.0/24 Signature Algorithm: sha256WithRSAEncryption 90:67:84:8b:82:29:0b:56:75:fa:9d:4f:e5:c2:d2:a4:37:e9: f3:f0:2c:99:e1:d2:04:d1:24:89:4e:3b:f7:61:22:45:4c:7a: 6d:c7:f4:70:eb:e7:1e:76:c5:bf:65:7d:13:5c:3d:69:bc:0f: 05:97:09:1e:ac:79:81:fd:4c:fd:e6:3c:31:a7:2c:1f:01:8d: 8f:c7:87:67:cf:07:d9:07:c6:15:6d:ac:75:db:b9:28:dc:03: 87:f2:75:c3:4b:ea:44:d8:7e:fe:db:24:a8:fa:ce:ac:98:a4: 03:33:0b:7d:00:0b:97:68:28:44:bd:1b:4a:1c:aa:4d:ba:58: 47:05:ca:ae:98:ce:46:9f:2a:fb:0c:36:3e:3e:d4:a9:e0:0b: a9:89:4e:5c:d5:57:ff:f4:5a:39:2d:53:7b:61:22:ba:23:6e: ac:45:a7:fe:59:13:63:60:a5:35:d5:77:e6:1b:d9:ca:13:49: a5:1a:a9:0d:ad:76:27:ca:9a:d1:10:63:77:ad:9c:30:28:dc: b8:58:c7:8e:22:a8:0b:37:02:bd:f1:6f:f9:fc:13:05:ae:2a: c7:e9:95:a4:78:9a:ed:52:28:3f:e2:0c:e1:72:3f:a4:26:01: ca:03:12:8c:cf:7c:53:ad:ac:35:84:83:f4:c4:75:d3:29:9a: 17:4d:bf:df -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFy4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkZB REM4REQ2MTM2NkNEODREOTk1MjFCNjM4MzgwRThCNTAyRTZFNDAeFw0yNTA5MTMw MzA2MjBaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDVGNEVGNkYzNjdCRDND MjQyRTY2NTk2MkUxNTc0MDNENUM1NUVCMDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDCFEMtt5mMKn3iZTIUbMQC3zZ4xWen/vRkdq838CyH+gh9aRmk 9gtduipmIutG+J4BMcs5zk8wNxaL5cDnFNhXJZiRxrzEQAqgJfkG8BZB2P2fMEgr xPSifrepgOh0vOH20llUvpEMrnSsIpivbeFNjtpRGiBH/JTIwD67n29hosOywXdD 1fFj0ZJ+F/edrryXfvMcn4PdltO+6BOsIUuZtXq3QelIo8qE3aqu0fQH5ipxGB4L e7bPHFmLeajIvIeTkh7x4UuRuqbaB3ryWMYr5bH4nEZrbFGwuhOnkpKQCGV81jHa //9bVuxn50/xUuL1hSjqYN+ceUV/xIvX0ybHAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUX07282e9PCQuZlli4VdAPVxV6wYwHwYDVR0jBBgwFoAU/63I3WE2bNhNmVIb Y4OA6LUC5uQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjU0 L182M0kzV0UyYk5oTm1WSWJZNE9BNkxVQzV1US5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvXzYzSTNXRTJiTmhObVZJYlk0T0E2TFVDNXVRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjU0L1gwNzI4MmU5UENRdVps bGk0VmRBUFZ4VjZ3WS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BACLnzMwDQYJKoZIhvcNAQELBQADggEBAJBnhIuCKQtWdfqdT+XC0qQ36fPwLJnh 0gTRJIlOO/dhIkVMem3H9HDr5x52xb9lfRNcPWm8DwWXCR6seYH9TP3mPDGnLB8B jY/Hh2fPB9kHxhVtrHXbuSjcA4fydcNL6kTYfv7bJKj6zqyYpAMzC30AC5doKES9 G0ocqk26WEcFyq6YzkafKvsMNj4+1KngC6mJTlzVV//0WjktU3thIrojbqxFp/5Z E2NgpTXVd+Yb2coTSaUaqQ2tdifKmtEQY3etnDAo3LhYx44iqAs3Ar3xb/n8EwWu KsfplaR4mu1SKD/iDOFyP6QmAcoDEozPfFOtrDWEg/TEddMpmhdNv98= -----END CERTIFICATE-----Generated at Mon Oct 20 00:04:34 2025 by rpki-client