$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/WSbD-4XRJgurfBQTxjsJ36ZB04I.roa File: WSbD-4XRJgurfBQTxjsJ36ZB04I.roa (raw, json) Hash identifier: TmaKJIOpHZ/W7Uv5yW0qamEuQXK/lsb6NNRY7QEhLcQ= Subject key identifier: 59:26:C3:FB:85:D1:26:0B:AB:7C:14:13:C6:3B:09:DF:A6:41:D3:82 Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Certificate serial: 2186 Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/WSbD-4XRJgurfBQTxjsJ36ZB04I.roa Signing time: Fri 29 Aug 2025 09:05:26 +0000 ROA not before: Fri 29 Aug 2025 09:05:26 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 58466 IP address blocks: 42.240.128.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 08 Sep 2025 16:34:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8582 (0x2186) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Validity Not Before: Aug 29 09:05:26 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=5926C3FB85D1260BAB7C1413C63B09DFA641D382 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:21:e2:59:7f:7b:05:a6:cf:40:86:af:94:3b: 5d:7c:c6:9d:28:f2:84:f3:85:37:2b:2e:16:9e:e6: ba:08:6f:03:39:92:8f:24:81:68:bc:da:27:8b:a1: b3:ab:d5:a9:61:49:4e:dd:4e:05:16:f9:5b:e1:a9: 4b:b2:c2:18:b4:63:4d:cb:8b:c5:7e:d2:55:5b:51: fa:1a:9b:0b:d2:47:2d:4e:c0:97:6c:93:fe:3f:e0: 8d:05:fa:a9:14:ac:c7:0e:8b:61:34:cb:8d:dd:db: 88:d5:62:f3:8a:84:c7:01:ce:b9:2b:81:f0:df:25: 5a:ca:c9:af:11:2f:1b:25:cb:be:3a:6b:85:fc:6d: 39:42:a2:56:a6:f8:64:af:d9:22:4e:f1:53:65:4a: 96:db:99:4d:dc:c1:7c:54:67:b4:61:87:a3:b2:ea: ed:37:e3:06:b9:aa:1e:ac:e5:bd:f0:98:d3:b8:82: 91:d7:d8:86:f1:12:e9:f2:cb:e8:aa:0d:32:c9:0b: b6:ef:4f:99:b7:79:e9:bf:50:3b:3a:14:f9:c0:4a: 1f:db:40:3d:f9:8c:32:9c:a3:c1:4f:17:29:73:f5: 22:e4:e0:7e:af:64:93:9e:17:57:c6:12:03:07:04: 89:f0:71:70:4d:72:0a:69:08:a7:2b:a5:80:e9:6e: 40:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 59:26:C3:FB:85:D1:26:0B:AB:7C:14:13:C6:3B:09:DF:A6:41:D3:82 X509v3 Authority Key Identifier: keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/WSbD-4XRJgurfBQTxjsJ36ZB04I.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 42.240.128.0/20 Signature Algorithm: sha256WithRSAEncryption 0d:45:69:e6:b4:83:e3:cc:66:a8:47:a5:fc:03:55:0a:40:03: a2:bc:e8:37:40:3f:7e:89:7f:e2:ae:2a:09:c5:03:77:88:82: 95:22:35:4b:0b:f3:08:23:2e:39:32:59:df:f7:5f:48:dd:e8: 36:8c:50:d4:54:1b:48:7f:94:15:5d:f0:0f:de:ac:23:3f:0f: a2:e7:07:21:7c:5a:aa:cc:ef:af:2c:3a:3a:9e:8f:51:1f:81: d7:0f:b5:b5:b7:92:1a:98:63:50:13:74:a0:71:17:5f:37:f5: 46:f6:42:01:84:75:8b:f8:14:cd:85:f9:c2:78:8a:20:3a:11: f4:f3:81:ac:46:8b:65:75:9b:5a:68:ca:ef:d8:a7:ab:52:23: 3e:c6:a9:b4:8e:06:4d:47:63:1f:d3:b9:97:42:c5:b0:12:af: df:6c:f0:0b:ee:04:17:e2:d2:9b:07:36:7c:33:70:45:91:3e: 94:7c:d1:2e:ab:cc:83:57:ad:12:75:47:2d:ed:d9:ff:3e:30: 0a:bc:72:66:1e:5b:3e:55:1e:81:90:3d:c3:1f:0d:34:75:21: 0c:9c:18:e0:0e:24:af:9e:04:64:fa:ce:a3:eb:fc:6a:36:46: f3:9c:49:f4:80:c7:cb:d3:5a:aa:ab:88:19:77:fa:85:d4:eb: c2:98:06:c8 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICIYYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3 MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNTA4Mjkw OTA1MjZaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDU5MjZDM0ZCODVEMTI2 MEJBQjdDMTQxM0M2M0IwOURGQTY0MUQzODIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDTIeJZf3sFps9Ahq+UO118xp0o8oTzhTcrLhae5roIbwM5ko8k gWi82ieLobOr1alhSU7dTgUW+VvhqUuywhi0Y03Li8V+0lVbUfoamwvSRy1OwJds k/4/4I0F+qkUrMcOi2E0y43d24jVYvOKhMcBzrkrgfDfJVrKya8RLxsly746a4X8 bTlColam+GSv2SJO8VNlSpbbmU3cwXxUZ7Rhh6Oy6u034wa5qh6s5b3wmNO4gpHX 2IbxEunyy+iqDTLJC7bvT5m3eem/UDs6FPnASh/bQD35jDKco8FPFylz9SLk4H6v ZJOeF1fGEgMHBInwcXBNcgppCKcrpYDpbkAxAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUWSbD+4XRJgurfBQTxjsJ36ZB04IwHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3 L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L1dTYkQtNFhSSmd1cmZC UVR4anNKMzZaQjA0SS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAQq8IAwDQYJKoZIhvcNAQELBQADggEBAA1Faea0g+PMZqhHpfwDVQpAA6K86DdA P36Jf+KuKgnFA3eIgpUiNUsL8wgjLjkyWd/3X0jd6DaMUNRUG0h/lBVd8A/erCM/ D6LnByF8WqrM768sOjqej1EfgdcPtbW3khqYY1ATdKBxF1839Ub2QgGEdYv4FM2F +cJ4iiA6EfTzgaxGi2V1m1poyu/Yp6tSIz7GqbSOBk1HYx/TuZdCxbASr99s8Avu BBfi0psHNnwzcEWRPpR80S6rzINXrRJ1Ry3t2f8+MAq8cmYeWz5VHoGQPcMfDTR1 IQycGOAOJK+eBGT6zqPr/Go2RvOcSfSAx8vTWqqriBl3+oXU68KYBsg= -----END CERTIFICATE-----Generated at Mon Sep 8 13:35:17 2025 by rpki-client