$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/_1ZDu01GuUnhDdgeGOzl127qgPo.roa File: _1ZDu01GuUnhDdgeGOzl127qgPo.roa (raw, json) Hash identifier: OA8GisohjbXG78kjf9xu5sbOt2TOSDhNqSaDWleglPk= Subject key identifier: FF:56:43:BB:4D:46:B9:49:E1:0D:D8:1E:18:EC:E5:D7:6E:EA:80:FA Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Certificate serial: 219C Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/_1ZDu01GuUnhDdgeGOzl127qgPo.roa Signing time: Fri 29 Aug 2025 09:05:31 +0000 ROA not before: Fri 29 Aug 2025 09:05:31 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 58466 IP address blocks: 42.240.160.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 Oct 2025 01:05:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8604 (0x219c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Validity Not Before: Aug 29 09:05:31 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=FF5643BB4D46B949E10DD81E18ECE5D76EEA80FA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:24:8e:31:0e:2f:a7:f1:29:ff:23:b3:72:89: 65:65:b4:e5:f1:af:40:c1:cf:23:2f:d5:05:b8:ed: 54:98:51:e5:16:1c:a5:c2:2a:41:bd:45:39:8c:e2: 3a:38:c0:01:4a:be:23:b6:ac:a6:05:f7:a0:ff:ba: 9c:a0:83:eb:c6:38:8c:ef:f2:ec:48:72:d2:81:0f: bc:21:7c:ca:76:64:24:61:d1:02:42:3a:62:62:1e: 79:a8:74:88:a4:76:01:bc:34:a5:06:fc:dc:eb:0a: 80:d3:24:c9:f9:09:00:6c:ec:9f:18:ce:e1:c0:b1: 32:36:33:dd:9e:a4:de:c3:57:a9:62:6e:86:be:0d: 19:68:77:d6:a5:bb:8c:0f:2c:bf:ea:72:ec:ae:d9: 2d:f3:f3:e0:9c:ad:19:1b:65:24:40:c9:74:57:81: 5d:1d:19:79:a2:6a:3f:da:d7:4c:e2:2e:2a:d1:2e: e3:7f:0c:26:54:56:21:3a:28:ab:f6:99:f5:1c:f9: 78:63:13:8d:8c:94:95:cc:59:51:5c:30:cb:59:02: 7b:eb:a5:fd:aa:39:67:89:d7:bc:97:5b:37:5e:76: 17:26:3f:e9:d5:5e:e4:f4:ab:45:d5:d0:ce:7b:36: c6:01:3a:ae:f3:a8:a3:02:59:c4:79:89:13:d2:ff: 8d:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:56:43:BB:4D:46:B9:49:E1:0D:D8:1E:18:EC:E5:D7:6E:EA:80:FA X509v3 Authority Key Identifier: keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/_1ZDu01GuUnhDdgeGOzl127qgPo.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 42.240.160.0/20 Signature Algorithm: sha256WithRSAEncryption 78:35:81:80:d9:7f:c4:e2:43:43:aa:bc:5d:1d:cf:36:0c:1c: 46:10:f3:14:f8:35:37:dc:81:cd:a5:18:1e:d5:b4:eb:05:85: f8:85:98:96:cb:35:f6:f1:21:1e:48:97:79:9e:50:96:b1:a2: 2c:11:44:59:0a:7a:d8:41:81:b8:06:ac:8f:e5:dc:5b:07:4e: aa:17:4b:86:2d:a7:46:bc:59:ac:03:df:10:08:e9:b3:1c:9b: 4e:7b:91:f7:d0:21:9a:ae:54:0a:99:2c:ed:56:72:a8:2d:cc: 2a:40:ac:3d:56:d8:8b:c0:c9:45:76:ee:a9:a5:19:50:9c:f6: 2f:95:f3:16:28:1a:a7:bc:d0:81:d3:af:d7:6f:16:d6:e6:3b: 58:19:6a:91:85:0d:6b:94:5c:20:b8:86:3d:5f:a5:7e:ab:48: 97:4e:fe:31:dc:d1:ec:38:e4:1c:99:f7:95:61:7a:cf:2d:6b: 27:eb:92:59:7d:0c:10:21:33:9b:f5:10:ca:c1:f4:d6:7a:66: 45:45:d1:b0:14:15:20:10:28:fb:30:7a:ff:f6:b9:80:a9:31: bf:a4:43:cd:8f:a3:78:58:bf:e2:ff:3e:67:9b:aa:0d:55:1f: 5f:1b:dc:e5:56:be:25:5f:95:53:7c:c4:86:0e:fc:92:00:80: b3:21:db:df -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICIZwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3 MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNTA4Mjkw OTA1MzFaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEZGNTY0M0JCNEQ0NkI5 NDlFMTBERDgxRTE4RUNFNUQ3NkVFQTgwRkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC1JI4xDi+n8Sn/I7NyiWVltOXxr0DBzyMv1QW47VSYUeUWHKXC KkG9RTmM4jo4wAFKviO2rKYF96D/upygg+vGOIzv8uxIctKBD7whfMp2ZCRh0QJC OmJiHnmodIikdgG8NKUG/NzrCoDTJMn5CQBs7J8YzuHAsTI2M92epN7DV6liboa+ DRlod9alu4wPLL/qcuyu2S3z8+CcrRkbZSRAyXRXgV0dGXmiaj/a10ziLirRLuN/ DCZUViE6KKv2mfUc+XhjE42MlJXMWVFcMMtZAnvrpf2qOWeJ17yXWzdedhcmP+nV XuT0q0XV0M57NsYBOq7zqKMCWcR5iRPS/41lAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU/1ZDu01GuUnhDdgeGOzl127qgPowHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3 L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L18xWkR1MDFHdVVuaERk Z2VHT3psMTI3cWdQby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAQq8KAwDQYJKoZIhvcNAQELBQADggEBAHg1gYDZf8TiQ0OqvF0dzzYMHEYQ8xT4 NTfcgc2lGB7VtOsFhfiFmJbLNfbxIR5Il3meUJaxoiwRRFkKethBgbgGrI/l3FsH TqoXS4Ytp0a8WawD3xAI6bMcm057kffQIZquVAqZLO1WcqgtzCpArD1W2IvAyUV2 7qmlGVCc9i+V8xYoGqe80IHTr9dvFtbmO1gZapGFDWuUXCC4hj1fpX6rSJdO/jHc 0ew45ByZ95Vhes8tayfrkll9DBAhM5v1EMrB9NZ6ZkVF0bAUFSAQKPswev/2uYCp Mb+kQ82Po3hYv+L/Pmebqg1VH18b3OVWviVflVN8xIYO/JIAgLMh298= -----END CERTIFICATE-----Generated at Sun Oct 26 23:17:39 2025 by rpki-client