$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/756/i5k4dsu4Ee6y_1thTrrwOxxblkw.roa File: i5k4dsu4Ee6y_1thTrrwOxxblkw.roa (raw, json) Hash identifier: tVZ41ygxhW/2mUCfo20a5PYPTrIAl2k96+fse3GzsHw= Subject key identifier: 8B:99:38:76:CB:B8:11:EE:B2:FF:5B:61:4E:BA:F0:3B:1C:5B:96:4C Certificate issuer: /CN=591C5B03C97CE0FE3EC78E23C6856F792C20D404 Certificate serial: 176A Authority key identifier: 59:1C:5B:03:C9:7C:E0:FE:3E:C7:8E:23:C6:85:6F:79:2C:20:D4:04 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WRxbA8l84P4-x44jxoVveSwg1AQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/756/i5k4dsu4Ee6y_1thTrrwOxxblkw.roa Signing time: Sat 13 Sep 2025 03:03:52 +0000 ROA not before: Sat 13 Sep 2025 03:03:52 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 63719 IP address blocks: 45.255.152.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/756/WRxbA8l84P4-x44jxoVveSwg1AQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/756/WRxbA8l84P4-x44jxoVveSwg1AQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WRxbA8l84P4-x44jxoVveSwg1AQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 13:35:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5994 (0x176a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=591C5B03C97CE0FE3EC78E23C6856F792C20D404 Validity Not Before: Sep 13 03:03:52 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=8B993876CBB811EEB2FF5B614EBAF03B1C5B964C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:91:c6:82:a9:98:a0:cf:e0:d0:ce:1a:64:38: a9:74:45:9c:b3:c7:33:79:a2:6d:01:90:7a:f7:cc: 94:ce:c8:f0:cd:35:55:5a:5c:27:4a:f4:ef:3d:de: 49:37:37:35:fc:78:45:54:76:4b:79:1f:72:34:24: 49:76:a9:85:0b:cb:c9:f4:23:04:98:a3:9b:d7:42: 10:08:cc:9f:b1:7b:fe:2f:7f:41:4c:64:59:10:88: c0:7d:8d:52:ca:ab:41:f5:e2:e1:27:8f:74:4f:53: 3e:64:87:08:8b:55:f8:b6:79:c5:34:0b:74:5c:d0: 5b:2f:7d:e3:e8:4d:54:48:ec:4f:b1:54:d2:a0:48: 40:c6:a3:de:88:c1:2b:c5:ce:0c:a6:97:eb:1a:34: 23:bb:37:83:75:52:31:5e:5a:24:6c:8f:4b:5e:f8: 88:82:8a:d1:3d:75:0f:f2:d4:b2:0a:e9:a5:d9:7a: 25:b9:f5:57:2e:3f:1f:4a:be:be:65:7a:09:ac:1a: 57:3a:67:5b:09:8e:cd:a8:50:4a:fc:1b:93:e1:6f: 33:47:bb:63:03:15:17:c9:15:ab:70:f0:75:f2:b8: 95:51:f1:80:ee:d1:cc:6c:4d:bd:91:4b:3e:ef:da: b8:f2:ef:8c:14:58:67:1e:b6:37:01:0e:38:2f:09: e7:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:99:38:76:CB:B8:11:EE:B2:FF:5B:61:4E:BA:F0:3B:1C:5B:96:4C X509v3 Authority Key Identifier: keyid:59:1C:5B:03:C9:7C:E0:FE:3E:C7:8E:23:C6:85:6F:79:2C:20:D4:04 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/756/WRxbA8l84P4-x44jxoVveSwg1AQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WRxbA8l84P4-x44jxoVveSwg1AQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/756/i5k4dsu4Ee6y_1thTrrwOxxblkw.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.255.152.0/22 Signature Algorithm: sha256WithRSAEncryption ca:43:ef:b0:25:21:7c:cb:92:76:45:e4:23:bd:1f:ce:62:02: 20:08:b6:a3:ff:f7:99:79:48:63:4f:d1:10:f4:22:8a:4f:0e: bb:e1:51:a1:8a:81:f4:51:b3:b1:91:fc:bf:7e:9c:8f:fc:67: c4:06:8c:c2:08:21:a0:a8:e7:cb:c1:d7:57:97:67:b8:f1:93: c0:57:5f:92:88:93:af:e0:49:58:2c:ff:b1:6c:3b:f5:89:74: e3:ac:37:68:e2:00:2f:e4:a2:c1:8a:24:69:d8:20:f8:d6:5c: d4:0c:4e:c4:d9:56:05:79:e2:4e:6c:0b:1f:f4:14:49:a4:89: 24:e6:31:01:43:3c:7b:82:e1:df:c0:dc:18:1b:01:7b:ae:8e: 97:45:84:0e:f4:ce:72:96:5a:5c:47:53:1b:90:fa:54:a0:f9: ee:a4:65:c1:59:1a:87:dc:62:ad:b4:c4:af:86:84:b1:2e:77: 2e:6a:3b:03:db:8f:5b:2a:f0:ec:78:fb:38:39:a5:bc:1e:3b: 1a:21:0c:9d:4e:cf:18:e0:17:a8:5f:67:b1:e9:19:45:51:39: 52:00:89:de:a8:6e:d1:68:8a:6a:af:42:18:6c:c9:16:f5:13: 8d:4c:a1:3e:91:9a:0e:f5:d7:96:6d:96:11:f2:dd:cd:d1:f7: c6:b9:f8:00 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICF2owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTkx QzVCMDNDOTdDRTBGRTNFQzc4RTIzQzY4NTZGNzkyQzIwRDQwNDAeFw0yNTA5MTMw MzAzNTJaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDhCOTkzODc2Q0JCODEx RUVCMkZGNUI2MTRFQkFGMDNCMUM1Qjk2NEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC7kcaCqZigz+DQzhpkOKl0RZyzxzN5om0BkHr3zJTOyPDNNVVa XCdK9O893kk3NzX8eEVUdkt5H3I0JEl2qYULy8n0IwSYo5vXQhAIzJ+xe/4vf0FM ZFkQiMB9jVLKq0H14uEnj3RPUz5khwiLVfi2ecU0C3Rc0FsvfePoTVRI7E+xVNKg SEDGo96IwSvFzgyml+saNCO7N4N1UjFeWiRsj0te+IiCitE9dQ/y1LIK6aXZeiW5 9VcuPx9Kvr5legmsGlc6Z1sJjs2oUEr8G5PhbzNHu2MDFRfJFatw8HXyuJVR8YDu 0cxsTb2RSz7v2rjy74wUWGcetjcBDjgvCeclAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUi5k4dsu4Ee6y/1thTrrwOxxblkwwHwYDVR0jBBgwFoAUWRxbA8l84P4+x44j xoVveSwg1AQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzU2 L1dSeGJBOGw4NFA0LXg0NGp4b1Z2ZVN3ZzFBUS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvV1J4YkE4bDg0UDQteDQ0anhvVnZlU3dnMUFRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzU2L2k1azRkc3U0RWU2eV8x dGhUcnJ3T3h4Ymxrdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAIt/5gwDQYJKoZIhvcNAQELBQADggEBAMpD77AlIXzLknZF5CO9H85iAiAItqP/ 95l5SGNP0RD0IopPDrvhUaGKgfRRs7GR/L9+nI/8Z8QGjMIIIaCo58vB11eXZ7jx k8BXX5KIk6/gSVgs/7FsO/WJdOOsN2jiAC/kosGKJGnYIPjWXNQMTsTZVgV54k5s Cx/0FEmkiSTmMQFDPHuC4d/A3BgbAXuujpdFhA70znKWWlxHUxuQ+lSg+e6kZcFZ GofcYq20xK+GhLEudy5qOwPbj1sq8Ox4+zg5pbweOxohDJ1OzxjgF6hfZ7HpGUVR OVIAid6obtFoimqvQhhsyRb1E41MoT6Rmg7115ZtlhHy3c3R98a5+AA= -----END CERTIFICATE-----Generated at Tue Oct 21 10:36:47 2025 by rpki-client