$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2716/4Ve99sZbI-3HCFl4Q-q_vbKXMkU.roa File: 4Ve99sZbI-3HCFl4Q-q_vbKXMkU.roa (raw, json) Hash identifier: kA3VeJAHa+0PgmcKvYy3EfzR68lJN/WoI0y8ajmiZuY= Subject key identifier: E1:57:BD:F6:C6:5B:23:ED:C7:08:59:78:43:EA:BF:BD:B2:97:32:45 Certificate issuer: /CN=39EE852FE138CDEDC5B42D11A34295D109AD4925 Certificate serial: 032B Authority key identifier: 39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/4Ve99sZbI-3HCFl4Q-q_vbKXMkU.roa Signing time: Thu 28 Aug 2025 10:34:18 +0000 ROA not before: Thu 28 Aug 2025 10:34:18 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 216047 IP address blocks: 45.248.89.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 07 Sep 2025 15:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 811 (0x32b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=39EE852FE138CDEDC5B42D11A34295D109AD4925 Validity Not Before: Aug 28 10:34:18 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=E157BDF6C65B23EDC708597843EABFBDB2973245 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f4:63:50:ce:18:eb:d2:77:7e:c3:d3:97:de:f6: fa:98:e3:9e:3f:9a:48:57:17:d1:44:f5:77:99:f2: f7:0d:a2:ff:4d:17:d9:ac:2c:f4:b0:f5:8c:9c:32: 0d:5d:03:b1:7c:c2:c3:5c:51:09:f4:ad:8a:43:82: f2:ee:71:b8:44:fa:a9:3a:74:f8:c6:de:39:11:50: 54:5b:2e:13:83:34:5c:4c:13:fb:98:37:9a:81:1d: d5:e6:76:99:e0:73:c2:d5:af:bf:32:ba:e3:f0:1f: 78:52:02:1b:71:86:71:39:3b:ce:59:20:47:64:dc: 7b:99:c5:6d:77:54:f3:5a:c5:40:9c:6a:1b:b5:43: 95:6e:cc:51:40:c0:94:42:61:0b:57:4a:34:fe:32: 84:95:7e:2e:f5:84:13:de:b7:3c:ed:12:34:e9:9b: 18:41:fc:31:1b:ba:e8:cd:ab:e0:6e:a2:77:cf:ab: 65:2a:ec:2b:a7:3b:c6:97:5e:bb:1b:9d:c3:2e:e7: 68:8e:65:78:ab:47:c9:18:08:05:a7:e9:39:df:01: 71:ea:43:51:69:ef:b0:25:99:0e:8d:c8:c9:d2:16: 64:ad:bd:87:e8:eb:cf:a2:7b:69:1f:70:86:ae:8e: 7d:b7:13:c3:af:56:d5:26:48:95:75:5d:4f:7a:b4: 76:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E1:57:BD:F6:C6:5B:23:ED:C7:08:59:78:43:EA:BF:BD:B2:97:32:45 X509v3 Authority Key Identifier: keyid:39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/4Ve99sZbI-3HCFl4Q-q_vbKXMkU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.248.89.0/24 Signature Algorithm: sha256WithRSAEncryption 7e:11:71:0e:07:b2:bc:48:b5:9c:a2:fd:14:0c:fd:dc:a3:87: c6:67:12:4c:94:20:5e:0e:59:ae:7e:3c:d0:3b:76:19:38:6d: e8:45:0a:0a:f0:82:79:2b:1a:89:44:43:2c:8b:f9:40:62:42: 79:79:8c:75:ce:64:ed:0b:09:3f:43:a9:0f:10:d0:1c:e2:38: 45:91:9c:a2:ab:9d:df:fa:7d:39:f7:68:ef:6a:2e:32:c0:05: 98:a2:19:9f:c0:82:ff:48:07:c0:3f:03:67:ab:6b:49:43:c6: 8a:0f:9c:5e:cb:29:47:5b:a0:b8:e9:7d:a9:6b:87:a7:3b:f4: b1:53:96:9c:ba:0b:c0:68:85:34:c1:e8:b2:10:88:5b:d1:e0: 5a:46:bd:a7:6c:91:55:e2:63:cb:b3:df:87:94:a9:e9:e9:40: 62:f7:d7:c2:1c:54:9f:33:70:8c:a2:98:b4:2b:ef:82:41:22: f9:0a:19:cf:ef:6c:8f:83:02:63:99:09:66:9e:ee:49:f7:f9: 55:fb:0e:1a:d5:11:88:1c:e8:5c:bf:a7:c8:e4:71:55:c0:b2: 3a:e8:91:f0:ed:20:33:5a:1a:7b:6e:ec:68:3a:ac:ff:6d:26: 8c:67:c3:b6:21:54:04:35:5e:65:72:57:9e:56:32:4e:1e:f9: 00:ca:2b:ad -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICAyswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzlF RTg1MkZFMTM4Q0RFREM1QjQyRDExQTM0Mjk1RDEwOUFENDkyNTAeFw0yNTA4Mjgx MDM0MThaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEUxNTdCREY2QzY1QjIz RURDNzA4NTk3ODQzRUFCRkJEQjI5NzMyNDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQD0Y1DOGOvSd37D05fe9vqY454/mkhXF9FE9XeZ8vcNov9NF9ms LPSw9YycMg1dA7F8wsNcUQn0rYpDgvLucbhE+qk6dPjG3jkRUFRbLhODNFxME/uY N5qBHdXmdpngc8LVr78yuuPwH3hSAhtxhnE5O85ZIEdk3HuZxW13VPNaxUCcahu1 Q5VuzFFAwJRCYQtXSjT+MoSVfi71hBPetzztEjTpmxhB/DEbuujNq+BuonfPq2Uq 7CunO8aXXrsbncMu52iOZXirR8kYCAWn6TnfAXHqQ1Fp77AlmQ6NyMnSFmStvYfo 68+ie2kfcIaujn23E8OvVtUmSJV1XU96tHatAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU4Ve99sZbI+3HCFl4Q+q/vbKXMkUwHwYDVR0jBBgwFoAUOe6FL+E4ze3FtC0R o0KV0QmtSSUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjcx Ni9PZTZGTC1FNHplM0Z0QzBSbzBLVjBRbXRTU1UuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09lNkZMLUU0emUzRnRDMFJvMEtWMFFtdFNTVS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI3MTYvNFZlOTlzWmJJLTNI Q0ZsNFEtcV92YktYTWtVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAC34WTANBgkqhkiG9w0BAQsFAAOCAQEAfhFxDgeyvEi1nKL9FAz93KOHxmcS TJQgXg5Zrn480Dt2GTht6EUKCvCCeSsaiURDLIv5QGJCeXmMdc5k7QsJP0OpDxDQ HOI4RZGcoqud3/p9Ofdo72ouMsAFmKIZn8CC/0gHwD8DZ6trSUPGig+cXsspR1ug uOl9qWuHpzv0sVOWnLoLwGiFNMHoshCIW9HgWka9p2yRVeJjy7Pfh5Sp6elAYvfX whxUnzNwjKKYtCvvgkEi+QoZz+9sj4MCY5kJZp7uSff5VfsOGtURiBzoXL+nyORx VcCyOuiR8O0gM1oae27saDqs/20mjGfDtiFUBDVeZXJXnlYyTh75AMorrQ== -----END CERTIFICATE-----Generated at Sun Sep 7 10:52:59 2025 by rpki-client