$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/WWB6RHpleZ0_UYCbCfKhmWGJl2A.roa File: WWB6RHpleZ0_UYCbCfKhmWGJl2A.roa (raw, json) Hash identifier: MbJKTeoX/NPPN/zMgqNwF9eSBPfSD32oYyxdYO/N6FE= Subject key identifier: 59:60:7A:44:7A:65:79:9D:3F:51:80:9B:09:F2:A1:99:61:89:97:60 Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Certificate serial: 21C8 Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/WWB6RHpleZ0_UYCbCfKhmWGJl2A.roa Signing time: Wed 03 Sep 2025 08:02:01 +0000 ROA not before: Wed 03 Sep 2025 08:02:01 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 135377 IP address blocks: 42.240.253.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 05 Sep 2025 10:03:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8648 (0x21c8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Validity Not Before: Sep 3 08:02:01 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=59607A447A65799D3F51809B09F2A19961899760 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:ce:c8:e8:c6:69:e9:7d:b4:a3:c1:c7:ad:d9: 30:ae:0c:82:6f:eb:f4:23:d6:79:cb:3d:3d:2b:79: c4:e2:6e:d8:10:b3:b0:88:bc:9d:21:bb:57:b6:d3: b8:6e:78:69:88:33:c7:98:ac:e9:e3:f5:aa:ff:e9: 56:01:db:80:02:a4:f7:ce:c5:21:bf:cc:10:e2:b3: c6:4e:b4:74:ca:16:d8:db:5d:65:9f:45:8a:af:86: b9:56:d7:8f:bf:f4:30:ef:22:a3:8d:2e:eb:7c:b3: 05:de:80:7d:48:02:ac:35:99:47:64:3b:3d:75:12: d5:28:9d:5e:ed:13:6a:66:1e:8b:14:6d:f2:f7:1b: 17:9b:b4:07:3b:95:2f:06:3d:56:b1:27:29:55:97: bb:76:7f:35:ce:f8:86:08:fd:dd:55:78:db:1c:88: 60:7c:93:eb:1a:2d:4f:bf:d2:ab:ba:d3:b9:42:ba: b0:f3:b7:b8:9f:f6:ac:6c:56:cb:6d:c4:ce:4b:8d: 45:d7:91:3a:94:f4:8f:d6:7b:42:54:30:ac:89:42: d7:11:9a:3b:a1:69:e4:23:c1:c8:bf:57:0b:cf:b6: 37:b2:28:d4:43:0b:9e:21:4a:1c:4b:0d:8f:86:ef: a4:61:f8:67:df:85:de:10:10:a1:61:c5:05:a1:5e: 97:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 59:60:7A:44:7A:65:79:9D:3F:51:80:9B:09:F2:A1:99:61:89:97:60 X509v3 Authority Key Identifier: keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/WWB6RHpleZ0_UYCbCfKhmWGJl2A.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 42.240.253.0/24 Signature Algorithm: sha256WithRSAEncryption 87:d7:9f:1a:c3:18:b6:ab:73:70:49:fe:f2:34:29:0c:0a:df: 26:72:3f:2d:af:86:a0:05:0e:07:a0:15:a7:22:aa:0f:f5:52: 86:23:7b:9d:8a:57:39:ce:c4:87:61:d1:5d:60:15:83:a4:18: bc:4e:41:2a:fc:b7:da:de:fa:a4:28:c7:71:ee:03:47:ba:90: d5:15:c4:c7:56:da:83:78:6d:85:67:ad:70:22:b6:f9:3f:b6: 49:2d:26:49:d3:44:87:a7:da:3f:dd:96:5e:2f:83:d6:ea:ef: 47:bb:95:c9:09:d4:dc:19:66:53:75:2f:ba:f2:87:c3:61:60: 73:45:f7:a5:27:2c:65:c5:10:8d:4d:4f:f3:b5:42:a7:81:44: 78:bd:ee:c1:8c:d0:47:6d:9c:39:33:03:0b:79:8b:58:30:dd: 0a:17:7d:7f:5c:12:c2:e3:9e:bc:16:5e:f6:9f:19:90:ba:29: 6f:06:b0:e5:a0:66:b0:ad:10:a3:38:c3:cc:f0:a7:46:20:a4: ef:aa:69:ef:83:67:d2:a7:ba:df:92:7e:94:4b:d2:3a:a5:5a: 56:5b:0f:7e:29:76:20:c6:0b:14:5e:a4:d2:9d:c0:17:39:5c: 39:a2:41:a9:e9:d5:31:10:ef:f1:82:06:23:31:a2:c9:fe:e4: f9:cd:51:8c -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICIcgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3 MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNTA5MDMw ODAyMDFaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDU5NjA3QTQ0N0E2NTc5 OUQzRjUxODA5QjA5RjJBMTk5NjE4OTk3NjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCzzsjoxmnpfbSjwcet2TCuDIJv6/Qj1nnLPT0recTibtgQs7CI vJ0hu1e207hueGmIM8eYrOnj9ar/6VYB24ACpPfOxSG/zBDis8ZOtHTKFtjbXWWf RYqvhrlW14+/9DDvIqONLut8swXegH1IAqw1mUdkOz11EtUonV7tE2pmHosUbfL3 GxebtAc7lS8GPVaxJylVl7t2fzXO+IYI/d1VeNsciGB8k+saLU+/0qu607lCurDz t7if9qxsVsttxM5LjUXXkTqU9I/We0JUMKyJQtcRmjuhaeQjwci/VwvPtjeyKNRD C54hShxLDY+G76Rh+Gffhd4QEKFhxQWhXpcjAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUWWB6RHpleZ0/UYCbCfKhmWGJl2AwHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3 L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L1dXQjZSSHBsZVowX1VZ Q2JDZktobVdHSmwyQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAAq8P0wDQYJKoZIhvcNAQELBQADggEBAIfXnxrDGLarc3BJ/vI0KQwK3yZyPy2v hqAFDgegFaciqg/1UoYje52KVznOxIdh0V1gFYOkGLxOQSr8t9re+qQox3HuA0e6 kNUVxMdW2oN4bYVnrXAitvk/tkktJknTRIen2j/dll4vg9bq70e7lckJ1NwZZlN1 L7ryh8NhYHNF96UnLGXFEI1NT/O1QqeBRHi97sGM0EdtnDkzAwt5i1gw3QoXfX9c EsLjnrwWXvafGZC6KW8GsOWgZrCtEKM4w8zwp0YgpO+qae+DZ9Knut+SfpRL0jql WlZbD34pdiDGCxRepNKdwBc5XDmiQanp1TEQ7/GCBiMxosn+5PnNUYw= -----END CERTIFICATE-----Generated at Fri Sep 5 09:04:02 2025 by rpki-client