$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1411/nr_7UtplurSwHg7bMbK6TeWDZ2c.roa File: nr_7UtplurSwHg7bMbK6TeWDZ2c.roa (raw, json) Hash identifier: j16nDLqiEhN3Ic9pJwYo5tGhSW/JkKi3gHJcXlE/CeQ= Subject key identifier: 9E:BF:FB:52:DA:65:BA:B4:B0:1E:0E:DB:31:B2:BA:4D:E5:83:67:67 Certificate issuer: /CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Certificate serial: 24EA Authority key identifier: 49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/nr_7UtplurSwHg7bMbK6TeWDZ2c.roa Signing time: Sat 13 Sep 2025 03:08:49 +0000 ROA not before: Sat 13 Sep 2025 03:08:49 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 834 IP address blocks: 223.29.252.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 18 Sep 2025 10:06:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9450 (0x24ea) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Validity Not Before: Sep 13 03:08:49 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=9EBFFB52DA65BAB4B01E0EDB31B2BA4DE5836767 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:0b:c5:ae:61:2a:bb:42:d2:34:45:58:72:92: 9e:65:f8:5a:4b:a9:57:f1:cc:96:97:1c:d1:72:3a: e5:d3:a9:ad:4b:2e:9f:22:1c:0b:9e:41:ba:e0:56: 1f:95:1e:33:e1:fd:a0:b0:6a:07:0a:ba:b1:f5:8d: 97:b0:3f:fa:9c:6c:66:57:c0:ee:f1:29:35:9f:40: 29:83:25:3c:c7:8c:53:fa:7d:88:1e:bf:39:45:aa: 28:ec:23:fb:79:b1:cf:60:c5:39:06:1f:b5:95:f3: 14:6e:7f:ae:fd:ea:c5:4d:57:8e:b0:de:b1:a7:2b: d3:92:23:96:e4:e7:85:47:60:f1:73:e4:7c:53:5f: 11:e7:e8:ed:74:66:26:39:60:80:dd:cb:a9:bf:55: 34:7e:90:31:78:47:c7:a5:dd:46:c7:2a:5e:4d:64: d2:03:d6:4b:fd:8d:fa:52:4b:c4:d9:07:0d:11:3b: e3:2a:4f:79:a3:3b:eb:76:82:f6:51:b5:4a:77:d4: 74:1f:10:1b:0d:43:bc:ef:a3:b5:51:28:86:4d:e2: 21:da:11:d9:c7:1e:b2:85:9a:ba:f8:17:fc:dc:c6: 8f:b9:e8:7f:d6:80:22:28:c6:bd:5d:73:08:02:c2: 3a:13:e7:d5:eb:67:64:c7:6f:df:30:10:d8:fe:62: 16:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:BF:FB:52:DA:65:BA:B4:B0:1E:0E:DB:31:B2:BA:4D:E5:83:67:67 X509v3 Authority Key Identifier: keyid:49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/nr_7UtplurSwHg7bMbK6TeWDZ2c.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 223.29.252.0/24 Signature Algorithm: sha256WithRSAEncryption a8:34:65:28:6f:8f:3b:a6:32:e4:27:dc:f3:b6:ca:23:2a:98: c9:d8:ab:d8:40:e9:1b:33:00:62:c6:d4:d9:9b:65:8f:4e:61: 15:54:59:57:cc:98:24:63:7b:d1:31:ed:ad:fd:9f:a8:98:52: bb:a6:f0:7f:df:70:b5:fd:ef:18:d0:3d:dc:a2:b0:44:a2:3a: f7:75:ec:d1:d9:20:62:14:94:ec:26:1f:32:fe:f4:9b:f6:07: 49:d6:69:48:16:85:ab:99:4d:f2:bb:d6:06:33:ec:d9:ef:7c: ec:3c:ec:23:2a:ce:42:10:db:c7:f0:09:c1:dd:62:94:48:58: 67:7c:3e:92:ad:23:55:a6:62:a4:41:dc:59:29:4e:6f:03:f8: 56:73:6d:3b:52:2a:09:46:65:ef:0c:97:5b:aa:6f:0a:3f:c6: af:c0:bb:5d:c7:e2:50:16:8f:c5:2b:d2:8d:03:d9:50:1f:9f: 4e:ac:19:b6:0f:ee:03:3a:ab:f0:ab:5d:bc:b6:fa:7a:45:5a: 13:42:f1:b7:b6:2b:6d:9e:67:76:d4:1a:2f:e3:c1:05:ef:9b: 29:24:28:f0:b3:26:3c:dd:0f:c9:4f:c6:4a:03:87:69:39:1f: b8:1e:d6:b2:01:55:fa:dc:14:c3:3d:59:b4:b9:8f:4a:2c:b1: ad:ab:b0:db -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICJOowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDkx MUNCNkQ1NDRCM0I2OTA1NTMyOTY0QzhFMUE0NzJCRENCQzI2NzAeFw0yNTA5MTMw MzA4NDlaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDlFQkZGQjUyREE2NUJB QjRCMDFFMEVEQjMxQjJCQTRERTU4MzY3NjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDGC8WuYSq7QtI0RVhykp5l+FpLqVfxzJaXHNFyOuXTqa1LLp8i HAueQbrgVh+VHjPh/aCwagcKurH1jZewP/qcbGZXwO7xKTWfQCmDJTzHjFP6fYge vzlFqijsI/t5sc9gxTkGH7WV8xRuf6796sVNV46w3rGnK9OSI5bk54VHYPFz5HxT XxHn6O10ZiY5YIDdy6m/VTR+kDF4R8el3UbHKl5NZNID1kv9jfpSS8TZBw0RO+Mq T3mjO+t2gvZRtUp31HQfEBsNQ7zvo7VRKIZN4iHaEdnHHrKFmrr4F/zcxo+56H/W gCIoxr1dcwgCwjoT59XrZ2THb98wENj+YhZPAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUnr/7UtplurSwHg7bMbK6TeWDZ2cwHwYDVR0jBBgwFoAUSRHLbVRLO2kFUylk yOGkcr3LwmcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQx MS9TUkhMYlZSTE8ya0ZVeWxreU9Ha2NyM0x3bWMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1NSSExiVlJMTzJrRlV5bGt5T0drY3IzTHdtYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MTEvbnJfN1V0cGx1clN3 SGc3Yk1iSzZUZVdEWjJjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAN8d/DANBgkqhkiG9w0BAQsFAAOCAQEAqDRlKG+PO6Yy5Cfc87bKIyqYydir 2EDpGzMAYsbU2Ztlj05hFVRZV8yYJGN70THtrf2fqJhSu6bwf99wtf3vGNA93KKw RKI693Xs0dkgYhSU7CYfMv70m/YHSdZpSBaFq5lN8rvWBjPs2e987DzsIyrOQhDb x/AJwd1ilEhYZ3w+kq0jVaZipEHcWSlObwP4VnNtO1IqCUZl7wyXW6pvCj/Gr8C7 XcfiUBaPxSvSjQPZUB+fTqwZtg/uAzqr8KtdvLb6ekVaE0Lxt7YrbZ5ndtQaL+PB Be+bKSQo8LMmPN0PyU/GSgOHaTkfuB7WsgFV+twUwz1ZtLmPSiyxrauw2w== -----END CERTIFICATE-----Generated at Thu Sep 18 09:29:07 2025 by rpki-client