$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/BonlW2DmuoGASlWjk61_wGX5Xec.roa File: BonlW2DmuoGASlWjk61_wGX5Xec.roa (raw, json) Hash identifier: 6WzIV0IBoqMDzJqQRKyf7kvfahX8aBjwn0DeMWnr/+k= Subject key identifier: 06:89:E5:5B:60:E6:BA:81:80:4A:55:A3:93:AD:7F:C0:65:F9:5D:E7 Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Certificate serial: 2179 Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/BonlW2DmuoGASlWjk61_wGX5Xec.roa Signing time: Fri 29 Aug 2025 09:05:23 +0000 ROA not before: Fri 29 Aug 2025 09:05:23 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 23724 IP address blocks: 117.50.224.0/19 maxlen: 19 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 Oct 2025 01:05:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8569 (0x2179) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Validity Not Before: Aug 29 09:05:23 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=0689E55B60E6BA81804A55A393AD7FC065F95DE7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:17:f9:36:eb:52:68:e4:d0:02:b1:2c:82:cd: 6f:4d:90:e7:c7:42:32:3b:c5:20:cb:c2:d8:92:e3: 18:20:ed:36:45:33:de:f5:46:12:31:8c:a2:f3:8b: 3c:23:f2:45:c6:44:57:ce:c8:8f:80:e7:31:d9:83: 09:7f:9c:37:34:a2:e2:73:16:bd:eb:93:81:2d:e0: ab:f8:be:b4:fe:38:17:de:47:2e:55:45:03:9b:f9: 1f:34:61:14:ae:0d:25:02:6b:a4:70:9f:ac:96:b1: 58:c1:ea:96:fb:da:19:78:a0:36:5b:e5:2f:0e:dd: 25:e8:da:65:52:7e:fc:0a:66:36:66:24:a6:5e:02: 7e:82:f1:63:dd:e4:8e:d1:da:91:57:68:13:20:37: cf:7c:d0:d9:b6:31:51:df:82:26:a6:58:52:65:c7: 2d:e0:3c:21:ff:a4:25:b2:31:0c:67:f6:c9:ef:aa: 40:81:a9:31:96:52:e5:6c:c8:e1:ca:a2:21:f3:70: 05:13:6d:9d:33:46:0d:8d:20:b2:b0:b1:8d:f4:71: e8:ec:ac:b6:78:04:e6:a7:ff:71:07:e4:12:7e:d9: 1c:04:b3:52:5d:d5:97:27:b5:fb:de:92:ed:57:a7: 01:39:fc:2a:67:eb:ae:d9:7b:6e:54:f3:bf:ab:3c: f2:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 06:89:E5:5B:60:E6:BA:81:80:4A:55:A3:93:AD:7F:C0:65:F9:5D:E7 X509v3 Authority Key Identifier: keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/BonlW2DmuoGASlWjk61_wGX5Xec.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 117.50.224.0/19 Signature Algorithm: sha256WithRSAEncryption 55:76:cb:9f:ad:f4:7f:9e:29:43:f3:2f:91:42:4a:1f:0d:53: 3d:10:7b:aa:20:81:9b:15:96:a8:34:18:20:45:53:cc:57:b4: 51:bb:fb:6b:c1:f5:53:d5:46:a6:dc:5e:1f:17:0f:a0:b3:09: ea:08:b3:80:76:e3:81:9c:7b:c0:ee:3e:fd:e0:61:0c:d4:3b: ae:6b:15:ce:cd:2a:fe:e7:dd:c9:5a:be:2b:fd:5a:bd:bd:ca: f0:b5:29:bc:f9:a4:a2:a2:81:b9:cc:3b:74:d3:8b:32:01:d7: be:80:15:bc:4f:9f:5d:99:5b:7f:96:64:1f:00:d9:9f:31:44: cf:da:95:14:5d:b7:a0:26:03:76:52:84:08:b6:2b:1a:94:22: c5:2a:b7:8c:d9:45:1c:b9:68:30:11:4d:e5:60:92:40:b4:9a: a2:19:eb:39:06:75:51:27:a8:7a:9b:79:ed:08:54:df:e1:4a: 75:7d:29:14:da:fc:46:bd:18:ee:3d:08:71:cb:d2:e4:e5:dd: 5d:9e:d2:f1:15:90:59:f9:26:dd:45:98:75:45:c0:54:3a:21: e3:32:75:8b:48:cc:dd:3f:b1:20:d0:02:90:9e:9c:58:0c:9c: 96:80:0f:4c:ff:34:53:ee:c5:0c:71:0f:57:e0:da:ce:a9:32: bc:db:a3:8b -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICIXkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3 MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNTA4Mjkw OTA1MjNaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDA2ODlFNTVCNjBFNkJB ODE4MDRBNTVBMzkzQUQ3RkMwNjVGOTVERTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDJF/k261Jo5NACsSyCzW9NkOfHQjI7xSDLwtiS4xgg7TZFM971 RhIxjKLzizwj8kXGRFfOyI+A5zHZgwl/nDc0ouJzFr3rk4Et4Kv4vrT+OBfeRy5V RQOb+R80YRSuDSUCa6Rwn6yWsVjB6pb72hl4oDZb5S8O3SXo2mVSfvwKZjZmJKZe An6C8WPd5I7R2pFXaBMgN8980Nm2MVHfgiamWFJlxy3gPCH/pCWyMQxn9snvqkCB qTGWUuVsyOHKoiHzcAUTbZ0zRg2NILKwsY30cejsrLZ4BOan/3EH5BJ+2RwEs1Jd 1Zcntfveku1XpwE5/Cpn667Ze25U87+rPPIhAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUBonlW2DmuoGASlWjk61/wGX5XecwHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3 L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L0JvbmxXMkRtdW9HQVNs V2prNjFfd0dYNVhlYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAV1MuAwDQYJKoZIhvcNAQELBQADggEBAFV2y5+t9H+eKUPzL5FCSh8NUz0Qe6og gZsVlqg0GCBFU8xXtFG7+2vB9VPVRqbcXh8XD6CzCeoIs4B244Gce8DuPv3gYQzU O65rFc7NKv7n3claviv9Wr29yvC1Kbz5pKKigbnMO3TTizIB176AFbxPn12ZW3+W ZB8A2Z8xRM/alRRdt6AmA3ZShAi2KxqUIsUqt4zZRRy5aDARTeVgkkC0mqIZ6zkG dVEnqHqbee0IVN/hSnV9KRTa/Ea9GO49CHHL0uTl3V2e0vEVkFn5Jt1FmHVFwFQ6 IeMydYtIzN0/sSDQApCenFgMnJaAD0z/NFPuxQxxD1fg2s6pMrzbo4s= -----END CERTIFICATE-----Generated at Sun Oct 26 23:17:43 2025 by rpki-client