$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/Hs8A5b3l5RkmagZgIjJC_KeYiPQ.roa File: Hs8A5b3l5RkmagZgIjJC_KeYiPQ.roa (raw, json) Hash identifier: TroAJfViR7U4iL6PW0wjjgrXCPcCppfIpLKC2a8T6pY= Subject key identifier: 1E:CF:00:E5:BD:E5:E5:19:26:6A:06:60:22:32:42:FC:A7:98:88:F4 Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Certificate serial: 21AE Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/Hs8A5b3l5RkmagZgIjJC_KeYiPQ.roa Signing time: Fri 29 Aug 2025 09:10:36 +0000 ROA not before: Fri 29 Aug 2025 09:10:36 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 135377 IP address blocks: 42.240.255.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 05 Sep 2025 10:03:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8622 (0x21ae) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Validity Not Before: Aug 29 09:10:36 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=1ECF00E5BDE5E519266A0660223242FCA79888F4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:57:c1:70:b5:44:c2:87:4e:f6:10:b0:fe:45: dc:58:17:77:d6:6a:45:96:49:a1:6b:46:eb:df:0e: 89:8d:ff:c5:da:c0:bb:a3:32:42:73:f7:6a:6c:0d: 31:96:2d:ac:aa:91:dd:a7:2d:83:fd:cb:9f:5a:1a: 1a:e3:f5:2e:4b:07:93:34:25:a1:32:14:22:18:9b: 79:70:1f:2d:a5:dd:9f:a4:8f:ae:d6:62:b4:28:7f: 06:a5:d0:bc:59:14:dd:84:d4:5b:40:84:9c:5b:9a: 72:65:75:1f:4d:00:3e:e8:c4:0c:96:5d:25:11:35: 9a:86:0b:ce:f5:db:c7:6c:6f:e5:e1:85:72:81:22: f6:10:0d:99:c3:2a:03:a9:b6:3d:d3:50:f1:35:1a: 49:29:5e:f9:36:17:ad:2b:35:ea:2b:ca:1d:bb:fb: 58:6d:a0:93:38:4d:bd:c5:55:ac:02:49:94:0c:ec: 0a:96:be:9f:00:6c:53:fa:14:eb:5f:10:75:a0:e6: a5:5b:e2:c9:b5:5d:67:ee:77:2f:41:76:24:da:3c: 3e:db:6e:be:46:a6:fd:c5:c9:70:35:91:65:b7:e4: 14:47:63:73:3f:c9:b5:6c:ee:d3:e4:0d:72:11:73: 29:7e:46:8a:9e:93:3f:df:f0:a1:35:98:8a:11:7f: ba:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:CF:00:E5:BD:E5:E5:19:26:6A:06:60:22:32:42:FC:A7:98:88:F4 X509v3 Authority Key Identifier: keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/Hs8A5b3l5RkmagZgIjJC_KeYiPQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 42.240.255.0/24 Signature Algorithm: sha256WithRSAEncryption 0a:0f:d1:57:fd:ec:ca:e7:cd:c0:ac:31:aa:e2:f0:57:b5:1b: cc:0f:fd:1e:f7:2c:b9:aa:0b:df:b1:67:21:e6:ab:a3:86:46: 4c:be:55:6e:c4:99:87:fc:3e:1c:50:d4:4a:0e:1f:1f:71:2e: 0c:79:bf:8a:db:c8:53:e5:69:65:fb:12:95:a0:74:81:3e:7f: 0c:c7:01:11:6e:88:71:4a:f6:30:df:49:57:d4:b4:47:04:e9: ec:16:12:b1:69:2a:05:12:25:aa:89:15:75:87:52:5b:b4:b4: 46:f1:10:ef:47:43:5d:d2:5a:36:1f:5a:71:33:e6:e9:39:5d: c2:d2:e8:f7:d5:dc:20:49:5c:7c:54:0d:2e:a0:01:f7:a1:55: d5:67:73:bf:cc:22:53:35:c0:75:82:90:84:4a:b2:e5:cf:74: 33:2b:d2:0e:04:bb:e4:16:4c:e3:6f:aa:06:cf:1c:f0:a5:dc: e6:7c:5f:95:0d:12:0b:3e:09:5d:73:ce:75:1f:26:28:8a:48: 1b:22:d8:b1:d6:3b:69:a8:57:7c:9d:51:90:ba:87:b6:d5:e4: 3c:e0:5d:82:b3:cc:09:61:55:cf:ca:d9:80:67:f6:a0:3f:67: ac:44:3b:40:b1:29:8d:2b:a3:7d:6c:a7:d6:16:48:de:0a:9d: 7c:3c:fd:69 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICIa4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3 MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNTA4Mjkw OTEwMzZaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDFFQ0YwMEU1QkRFNUU1 MTkyNjZBMDY2MDIyMzI0MkZDQTc5ODg4RjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDGV8FwtUTCh072ELD+RdxYF3fWakWWSaFrRuvfDomN/8XawLuj MkJz92psDTGWLayqkd2nLYP9y59aGhrj9S5LB5M0JaEyFCIYm3lwHy2l3Z+kj67W YrQofwal0LxZFN2E1FtAhJxbmnJldR9NAD7oxAyWXSURNZqGC87128dsb+XhhXKB IvYQDZnDKgOptj3TUPE1GkkpXvk2F60rNeoryh27+1htoJM4Tb3FVawCSZQM7AqW vp8AbFP6FOtfEHWg5qVb4sm1XWfudy9BdiTaPD7bbr5Gpv3FyXA1kWW35BRHY3M/ ybVs7tPkDXIRcyl+Roqekz/f8KE1mIoRf7pDAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUHs8A5b3l5RkmagZgIjJC/KeYiPQwHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3 L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L0hzOEE1YjNsNVJrbWFn WmdJakpDX0tlWWlQUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAAq8P8wDQYJKoZIhvcNAQELBQADggEBAAoP0Vf97MrnzcCsMari8Fe1G8wP/R73 LLmqC9+xZyHmq6OGRky+VW7EmYf8PhxQ1EoOHx9xLgx5v4rbyFPlaWX7EpWgdIE+ fwzHARFuiHFK9jDfSVfUtEcE6ewWErFpKgUSJaqJFXWHUlu0tEbxEO9HQ13SWjYf WnEz5uk5XcLS6PfV3CBJXHxUDS6gAfehVdVnc7/MIlM1wHWCkIRKsuXPdDMr0g4E u+QWTONvqgbPHPCl3OZ8X5UNEgs+CV1zznUfJiiKSBsi2LHWO2moV3ydUZC6h7bV 5DzgXYKzzAlhVc/K2YBn9qA/Z6xEO0CxKY0ro31sp9YWSN4KnXw8/Wk= -----END CERTIFICATE-----Generated at Fri Sep 5 09:12:52 2025 by rpki-client