$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2716/P4q4xa3_pOTVyV5RPy7zvtn56CE.roa File: P4q4xa3_pOTVyV5RPy7zvtn56CE.roa (raw, json) Hash identifier: xAnsclySNCTLhvNzKpIB6krTEHl9F86w9kR41BSpeCw= Subject key identifier: 3F:8A:B8:C5:AD:FF:A4:E4:D5:C9:5E:51:3F:2E:F3:BE:D9:F9:E8:21 Certificate issuer: /CN=39EE852FE138CDEDC5B42D11A34295D109AD4925 Certificate serial: 032A Authority key identifier: 39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/P4q4xa3_pOTVyV5RPy7zvtn56CE.roa Signing time: Thu 28 Aug 2025 10:34:18 +0000 ROA not before: Thu 28 Aug 2025 10:34:18 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 216047 IP address blocks: 45.248.90.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 07 Sep 2025 15:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 810 (0x32a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=39EE852FE138CDEDC5B42D11A34295D109AD4925 Validity Not Before: Aug 28 10:34:18 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=3F8AB8C5ADFFA4E4D5C95E513F2EF3BED9F9E821 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:72:77:21:53:a3:5a:93:d5:eb:e4:3a:68:87: 13:49:e5:1a:17:b2:52:27:cd:f5:68:6f:8c:dd:40: 77:12:05:48:34:48:48:23:57:5f:23:37:e7:6e:76: bb:48:e7:bf:13:a9:8d:28:39:e7:3e:f0:a3:05:be: 2b:f9:81:e1:51:1e:a7:52:3c:05:a4:6d:c6:83:cb: aa:93:53:96:7d:9d:34:5f:1f:02:f0:e8:d9:4d:e5: 12:8c:8b:33:88:22:da:ac:32:56:6c:7f:da:9b:0d: 98:b1:25:5d:62:8f:6f:5e:f4:3c:f0:5e:ee:39:d4: 03:15:6e:cc:ec:3e:92:46:04:ef:d2:dc:d6:dd:29: cc:3e:a0:44:a8:78:1f:66:ee:b4:e3:4a:19:6a:56: 2a:5b:1d:28:84:9b:fd:75:15:e3:21:b5:fe:c2:90: 24:fd:9d:38:a5:ff:c4:ce:ff:a1:6b:e5:83:b0:d7: 8a:d6:47:e9:9a:49:fb:39:ef:72:4a:65:00:4c:49: 01:aa:7e:a8:f4:90:49:2c:5c:cb:96:85:37:6c:2c: 17:ea:b3:51:73:79:22:36:33:41:80:bb:7e:62:a6: 98:c0:39:76:ab:31:25:d2:35:17:bc:a0:80:73:04: c8:5f:e3:79:4b:b6:8f:c2:f8:e1:ca:08:bf:b5:d2: de:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:8A:B8:C5:AD:FF:A4:E4:D5:C9:5E:51:3F:2E:F3:BE:D9:F9:E8:21 X509v3 Authority Key Identifier: keyid:39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/P4q4xa3_pOTVyV5RPy7zvtn56CE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.248.90.0/24 Signature Algorithm: sha256WithRSAEncryption c9:ae:35:d4:da:44:c5:17:0e:42:7d:6f:07:cb:d7:33:f6:be: be:3a:d3:1d:9c:d5:f1:82:5a:42:dd:3f:66:4e:35:71:8f:e5: fc:ed:96:d0:d9:5e:76:ce:82:bf:1e:52:71:9e:b5:3f:03:96: ca:65:71:2b:d7:ed:08:51:6c:7e:e9:5f:d5:6c:05:45:c2:ec: a9:c3:6b:cc:6c:39:58:df:19:4b:31:a6:da:ba:14:fa:ff:74: bc:47:db:03:fe:85:8d:62:d7:05:e9:89:43:80:62:ca:e4:d0: 93:f0:1b:59:a0:a4:0b:bb:ba:98:62:70:fc:51:db:91:42:70: 46:d7:9c:e8:06:a4:e8:9c:43:dc:be:6a:92:99:35:4d:1d:38: b4:5f:5e:5e:8b:4d:fe:65:ef:12:81:0d:88:05:ff:f5:4e:d6: 30:fc:24:6a:c5:5e:e2:7d:d3:86:b4:0a:62:5e:a3:b6:e0:31: 07:30:0c:d3:72:ee:bc:2f:21:74:25:4d:28:ce:e5:a0:f0:59: 0a:76:ef:ca:f6:db:fb:84:47:1b:e0:92:8a:8c:3a:ad:75:9e: 83:69:a4:6d:7a:20:0f:e3:97:31:a7:11:c8:3e:2e:ce:f7:0c: 30:69:55:90:c7:af:c6:e3:1f:69:46:f6:1e:0f:0f:c2:b1:18: 86:8c:08:7e -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICAyowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzlF RTg1MkZFMTM4Q0RFREM1QjQyRDExQTM0Mjk1RDEwOUFENDkyNTAeFw0yNTA4Mjgx MDM0MThaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDNGOEFCOEM1QURGRkE0 RTRENUM5NUU1MTNGMkVGM0JFRDlGOUU4MjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDIcnchU6Nak9Xr5DpohxNJ5RoXslInzfVob4zdQHcSBUg0SEgj V18jN+dudrtI578TqY0oOec+8KMFviv5geFRHqdSPAWkbcaDy6qTU5Z9nTRfHwLw 6NlN5RKMizOIItqsMlZsf9qbDZixJV1ij29e9DzwXu451AMVbszsPpJGBO/S3Nbd Kcw+oESoeB9m7rTjShlqVipbHSiEm/11FeMhtf7CkCT9nTil/8TO/6Fr5YOw14rW R+maSfs573JKZQBMSQGqfqj0kEksXMuWhTdsLBfqs1FzeSI2M0GAu35ippjAOXar MSXSNRe8oIBzBMhf43lLto/C+OHKCL+10t7tAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUP4q4xa3/pOTVyV5RPy7zvtn56CEwHwYDVR0jBBgwFoAUOe6FL+E4ze3FtC0R o0KV0QmtSSUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjcx Ni9PZTZGTC1FNHplM0Z0QzBSbzBLVjBRbXRTU1UuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09lNkZMLUU0emUzRnRDMFJvMEtWMFFtdFNTVS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI3MTYvUDRxNHhhM19wT1RW eVY1UlB5N3p2dG41NkNFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAC34WjANBgkqhkiG9w0BAQsFAAOCAQEAya411NpExRcOQn1vB8vXM/a+vjrT HZzV8YJaQt0/Zk41cY/l/O2W0Nleds6Cvx5ScZ61PwOWymVxK9ftCFFsfulf1WwF RcLsqcNrzGw5WN8ZSzGm2roU+v90vEfbA/6FjWLXBemJQ4BiyuTQk/AbWaCkC7u6 mGJw/FHbkUJwRtec6Aak6JxD3L5qkpk1TR04tF9eXotN/mXvEoENiAX/9U7WMPwk asVe4n3ThrQKYl6jtuAxBzAM03LuvC8hdCVNKM7loPBZCnbvyvbb+4RHG+CSiow6 rXWeg2mkbXogD+OXMacRyD4uzvcMMGlVkMevxuMfaUb2Hg8PwrEYhowIfg== -----END CERTIFICATE-----Generated at Sun Sep 7 10:54:41 2025 by rpki-client