$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/187/S4wFMhuxShBISoepIMT7J0pKx3k.roa File: S4wFMhuxShBISoepIMT7J0pKx3k.roa (raw, json) Hash identifier: U7UiWrQkJelvyopRtRqGDW0g4Pu1C0z06V7voETr1Pc= Subject key identifier: 4B:8C:05:32:1B:B1:4A:10:48:4A:87:A9:20:C4:FB:27:4A:4A:C7:79 Certificate issuer: /CN=2E8C1DE19474035CBEA678054B6D94F5AFA53361 Certificate serial: 1CA7 Authority key identifier: 2E:8C:1D:E1:94:74:03:5C:BE:A6:78:05:4B:6D:94:F5:AF:A5:33:61 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Lowd4ZR0A1y-pngFS22U9a-lM2E.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/187/S4wFMhuxShBISoepIMT7J0pKx3k.roa Signing time: Wed 27 Aug 2025 06:17:41 +0000 ROA not before: Wed 27 Aug 2025 06:17:41 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 4847 IP address blocks: 120.45.0.0/16 maxlen: 16 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/187/Lowd4ZR0A1y-pngFS22U9a-lM2E.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/187/Lowd4ZR0A1y-pngFS22U9a-lM2E.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Lowd4ZR0A1y-pngFS22U9a-lM2E.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 06 Sep 2025 15:34:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7335 (0x1ca7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2E8C1DE19474035CBEA678054B6D94F5AFA53361 Validity Not Before: Aug 27 06:17:41 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=4B8C05321BB14A10484A87A920C4FB274A4AC779 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:a6:c8:8a:53:1c:6c:ac:63:f6:b5:67:80:cb: 3b:a7:19:7b:fa:1b:ca:6b:7a:b8:33:38:cd:83:67: 6a:2f:e4:21:14:1e:c9:38:5d:97:2c:87:0f:5e:b0: 8c:0d:37:35:34:09:5b:8e:bb:73:e9:ea:a7:de:b7: 52:85:a9:ff:fb:95:dd:4f:68:80:57:a1:0e:88:2c: 82:c7:7d:0b:47:9f:71:e7:1f:47:89:41:a5:72:ec: ff:dc:19:43:05:f3:99:08:17:94:22:ab:cb:f1:73: fd:5c:3c:06:3a:88:70:3c:55:b1:cd:26:58:24:4d: eb:63:c3:8b:ac:ca:76:46:83:50:cb:5e:a9:b7:aa: 04:cd:f5:f3:b9:51:ea:45:00:fe:47:ae:f3:0f:fe: b5:82:bf:86:96:8d:da:b1:9a:a0:91:71:a1:cb:3f: ae:d3:b3:84:3a:27:03:13:29:f2:f7:c9:3f:a3:3c: 66:80:96:38:db:94:e3:12:07:7b:64:1e:82:8b:91: c2:8d:51:43:e7:70:75:d1:73:32:e0:37:98:0f:dd: 8d:8f:04:2b:55:dd:1f:9e:62:3f:94:5c:7a:46:bb: f3:f3:15:fa:e4:59:e0:db:f1:ce:8d:7a:86:fd:c5: 59:4f:b4:68:1c:92:27:b0:ea:9f:57:07:83:55:56: c6:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:8C:05:32:1B:B1:4A:10:48:4A:87:A9:20:C4:FB:27:4A:4A:C7:79 X509v3 Authority Key Identifier: keyid:2E:8C:1D:E1:94:74:03:5C:BE:A6:78:05:4B:6D:94:F5:AF:A5:33:61 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/187/Lowd4ZR0A1y-pngFS22U9a-lM2E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Lowd4ZR0A1y-pngFS22U9a-lM2E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/187/S4wFMhuxShBISoepIMT7J0pKx3k.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 120.45.0.0/16 Signature Algorithm: sha256WithRSAEncryption 07:e2:f3:3a:0d:a2:b9:1f:e7:14:14:0d:32:53:cc:1f:e6:de: 7d:41:ee:bf:cb:3e:d8:d7:35:4e:c9:61:cf:3b:70:98:0f:1a: bc:be:27:ca:84:ae:17:c9:50:3b:7a:8d:a4:3b:19:2d:c1:73: 6e:db:f6:d6:fc:c1:9e:d1:35:31:be:e3:ee:74:8d:89:64:ed: bb:c4:12:68:04:6c:1f:4b:2a:ae:26:d7:cd:6b:d0:fe:f3:f3: 8d:ca:cc:52:6b:18:aa:bd:2e:11:5b:ac:6f:a9:b3:60:fe:48: aa:b1:bb:86:bb:9e:6d:aa:54:85:91:8f:c6:d1:6c:7e:5a:90: 18:93:32:5d:09:25:b2:4e:a3:8d:98:ef:80:4e:04:47:97:45: 6e:13:07:2e:10:66:36:49:87:d3:22:41:8a:09:60:57:4e:98: c2:e0:19:77:cf:e8:fb:65:5d:60:22:8f:15:9f:2f:60:83:4f: 64:3a:63:4c:9f:63:2e:2a:3c:d6:4a:29:39:e7:3c:6b:71:f8: cf:76:4c:de:89:ed:16:24:30:64:ed:aa:c9:07:6a:de:21:6e: 37:9a:80:29:5c:71:cd:8e:41:fd:34:5c:30:be:05:ef:8e:52: 25:49:7c:4a:4d:e4:16:a6:01:e5:75:c1:c8:c1:27:bb:f9:a4: d1:64:bb:f5 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICHKcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkU4 QzFERTE5NDc0MDM1Q0JFQTY3ODA1NEI2RDk0RjVBRkE1MzM2MTAeFw0yNTA4Mjcw NjE3NDFaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDRCOEMwNTMyMUJCMTRB MTA0ODRBODdBOTIwQzRGQjI3NEE0QUM3NzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCxpsiKUxxsrGP2tWeAyzunGXv6G8prergzOM2DZ2ov5CEUHsk4 XZcshw9esIwNNzU0CVuOu3Pp6qfet1KFqf/7ld1PaIBXoQ6ILILHfQtHn3HnH0eJ QaVy7P/cGUMF85kIF5Qiq8vxc/1cPAY6iHA8VbHNJlgkTetjw4usynZGg1DLXqm3 qgTN9fO5UepFAP5HrvMP/rWCv4aWjdqxmqCRcaHLP67Ts4Q6JwMTKfL3yT+jPGaA ljjblOMSB3tkHoKLkcKNUUPncHXRczLgN5gP3Y2PBCtV3R+eYj+UXHpGu/PzFfrk WeDb8c6Neob9xVlPtGgckiew6p9XB4NVVsYfAgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQUS4wFMhuxShBISoepIMT7J0pKx3kwHwYDVR0jBBgwFoAULowd4ZR0A1y+pngF S22U9a+lM2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTg3 L0xvd2Q0WlIwQTF5LXBuZ0ZTMjJVOWEtbE0yRS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvTG93ZDRaUjBBMXktcG5nRlMyMlU5YS1sTTJFLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTg3L1M0d0ZNaHV4U2hCSVNv ZXBJTVQ3SjBwS3gzay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD AwB4LTANBgkqhkiG9w0BAQsFAAOCAQEAB+LzOg2iuR/nFBQNMlPMH+befUHuv8s+ 2Nc1TslhzztwmA8avL4nyoSuF8lQO3qNpDsZLcFzbtv21vzBntE1Mb7j7nSNiWTt u8QSaARsH0sqribXzWvQ/vPzjcrMUmsYqr0uEVusb6mzYP5IqrG7hruebapUhZGP xtFsflqQGJMyXQklsk6jjZjvgE4ER5dFbhMHLhBmNkmH0yJBiglgV06YwuAZd8/o +2VdYCKPFZ8vYINPZDpjTJ9jLio81kopOec8a3H4z3ZM3ontFiQwZO2qyQdq3iFu N5qAKVxxzY5B/TRcML4F745SJUl8Sk3kFqYB5XXByMEnu/mk0WS79Q== -----END CERTIFICATE-----Generated at Sat Sep 6 13:23:12 2025 by rpki-client