$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3168/BseVa9QjAVj15Cj_AaDcISs_-vs.roa File: BseVa9QjAVj15Cj_AaDcISs_-vs.roa (raw, json) Hash identifier: 4cYl4Tj+p6e2dMFKS1RLmXgZKSFhDy4zmuGeQd2e+S8= Subject key identifier: 06:C7:95:6B:D4:23:01:58:F5:E4:28:FF:01:A0:DC:21:2B:3F:FA:FB Certificate issuer: /CN=240987F40A6030CDFA33DED1EEE7CF4DC7C30094 Certificate serial: 164B Authority key identifier: 24:09:87:F4:0A:60:30:CD:FA:33:DE:D1:EE:E7:CF:4D:C7:C3:00:94 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/BseVa9QjAVj15Cj_AaDcISs_-vs.roa Signing time: Mon 08 Sep 2025 09:24:01 +0000 ROA not before: Mon 08 Sep 2025 09:24:01 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 209242 IP address blocks: 42.201.8.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 18 Sep 2025 03:04:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5707 (0x164b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=240987F40A6030CDFA33DED1EEE7CF4DC7C30094 Validity Not Before: Sep 8 09:24:01 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=06C7956BD4230158F5E428FF01A0DC212B3FFAFB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:55:c1:8a:95:a1:f9:60:5f:0d:5d:9d:a5:7c: 7e:16:e7:e7:4a:e6:1d:65:5c:e8:a7:fd:f1:07:f2: 01:bc:73:e6:f1:7a:06:e7:08:80:28:ba:c5:fb:67: 0d:bd:cd:63:c9:4d:9f:27:25:2b:9d:72:d1:c6:87: 6c:84:77:01:6b:82:b0:64:b7:8f:a7:7a:2a:d4:20: 3c:18:9b:54:26:a2:3a:2d:32:20:12:8b:98:28:02: 5b:45:0b:8b:36:68:62:c2:73:21:bf:83:50:d0:5f: 17:5a:b7:8d:16:18:9d:c3:36:6e:4d:29:18:2b:0a: 46:39:a5:3d:18:c2:c6:ff:49:13:b6:7a:78:83:68: 76:6b:08:49:ee:d8:7f:31:ed:90:0e:b2:4b:7e:f3: 9a:1a:96:2f:d3:f8:fa:c0:32:95:80:e7:cc:15:1c: 1e:46:d7:60:cc:a9:26:2f:e8:db:9e:1d:50:73:26: 34:de:a4:f2:83:5f:5f:2f:41:a8:af:3f:9a:10:e9: 1a:ef:b4:2d:f9:7b:46:47:9d:19:7d:12:60:e6:8e: 6b:c8:d4:88:6c:b0:99:65:ec:de:0c:d1:77:1a:06: ee:51:f5:21:fc:0c:5d:03:e8:1c:d7:0b:a4:a0:a9: d4:98:6e:b7:49:6e:80:ac:67:5b:93:3e:ed:b4:4b: b0:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 06:C7:95:6B:D4:23:01:58:F5:E4:28:FF:01:A0:DC:21:2B:3F:FA:FB X509v3 Authority Key Identifier: keyid:24:09:87:F4:0A:60:30:CD:FA:33:DE:D1:EE:E7:CF:4D:C7:C3:00:94 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/BseVa9QjAVj15Cj_AaDcISs_-vs.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 42.201.8.0/21 Signature Algorithm: sha256WithRSAEncryption 2b:42:1a:57:c2:44:32:6b:00:c6:16:48:be:a7:a8:7e:f1:10: d5:5b:8d:c8:c6:6b:81:79:91:a0:f5:6c:a1:7b:56:1c:ea:f9: bf:2f:6a:97:9d:ac:2b:89:03:96:c6:40:50:79:f1:1d:bb:43: 08:95:49:22:aa:32:63:a5:ed:cb:5a:f0:b6:75:cd:76:16:ef: 1b:ab:7d:2a:9a:0b:16:fc:64:5f:53:f5:55:52:08:5e:c1:60: 6c:d3:db:d8:8a:e4:aa:7d:55:41:62:9f:36:5e:6b:a1:b2:9e: e4:94:3c:48:44:cc:13:c6:21:81:60:44:9b:d2:90:a7:dc:0f: 95:03:4a:b3:f5:b4:49:7f:83:67:77:20:17:5d:4e:70:2b:23: 87:2b:a1:a9:76:48:c5:20:c3:dc:73:9d:9a:a5:3b:f1:41:d0: c4:28:3d:52:54:9c:34:a1:77:43:d0:f0:69:7f:68:06:1b:d1: a3:4a:2e:42:62:e4:d1:a1:07:97:7e:da:10:95:50:eb:9d:3b: 15:a7:57:a3:41:44:b0:88:ab:c7:5a:8e:8d:ab:3e:d4:60:e2: 90:ee:db:8e:99:93:78:2a:2a:66:95:79:a8:2d:b5:d4:45:da: fa:ae:f1:b1:9f:7b:93:6c:9c:fe:10:5c:d6:b5:58:ae:b8:50: be:40:ba:1d -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFkswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjQw OTg3RjQwQTYwMzBDREZBMzNERUQxRUVFN0NGNERDN0MzMDA5NDAeFw0yNTA5MDgw OTI0MDFaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDA2Qzc5NTZCRDQyMzAx NThGNUU0MjhGRjAxQTBEQzIxMkIzRkZBRkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCvVcGKlaH5YF8NXZ2lfH4W5+dK5h1lXOin/fEH8gG8c+bxegbn CIAousX7Zw29zWPJTZ8nJSudctHGh2yEdwFrgrBkt4+neirUIDwYm1QmojotMiAS i5goAltFC4s2aGLCcyG/g1DQXxdat40WGJ3DNm5NKRgrCkY5pT0Ywsb/SRO2eniD aHZrCEnu2H8x7ZAOskt+85oali/T+PrAMpWA58wVHB5G12DMqSYv6NueHVBzJjTe pPKDX18vQaivP5oQ6RrvtC35e0ZHnRl9EmDmjmvI1IhssJll7N4M0XcaBu5R9SH8 DF0D6BzXC6SgqdSYbrdJboCsZ1uTPu20S7BlAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUBseVa9QjAVj15Cj/AaDcISs/+vswHwYDVR0jBBgwFoAUJAmH9ApgMM36M97R 7ufPTcfDAJQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzE2 OC9KQW1IOUFwZ01NMzZNOTdSN3VmUFRjZkRBSlEuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0pBbUg5QXBnTU0zNk05N1I3dWZQVGNmREFKUS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxNjgvQnNlVmE5UWpBVmox NUNqX0FhRGNJU3NfLXZzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAyrJCDANBgkqhkiG9w0BAQsFAAOCAQEAK0IaV8JEMmsAxhZIvqeofvEQ1VuN yMZrgXmRoPVsoXtWHOr5vy9ql52sK4kDlsZAUHnxHbtDCJVJIqoyY6Xty1rwtnXN dhbvG6t9KpoLFvxkX1P1VVIIXsFgbNPb2Irkqn1VQWKfNl5robKe5JQ8SETME8Yh gWBEm9KQp9wPlQNKs/W0SX+DZ3cgF11OcCsjhyuhqXZIxSDD3HOdmqU78UHQxCg9 UlScNKF3Q9DwaX9oBhvRo0ouQmLk0aEHl37aEJVQ6507FadXo0FEsIirx1qOjas+ 1GDikO7bjpmTeCoqZpV5qC211EXa+q7xsZ97k2yc/hBc1rVYrrhQvkC6HQ== -----END CERTIFICATE-----Generated at Thu Sep 18 02:08:39 2025 by rpki-client