$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2564/nsp1rCOyDgJcD6k5-03F0QZ3Gm0.roa File: nsp1rCOyDgJcD6k5-03F0QZ3Gm0.roa (raw, json) Hash identifier: VhCcjfeCfFFgpxPE8AvWfMfxwpMmlFBb5Au0JqK9qQE= Subject key identifier: 9E:CA:75:AC:23:B2:0E:02:5C:0F:A9:39:FB:4D:C5:D1:06:77:1A:6D Certificate issuer: /CN=6A21A11AAC4EAE0A630659B31A230B08D6B58177 Certificate serial: 2078 Authority key identifier: 6A:21:A1:1A:AC:4E:AE:0A:63:06:59:B3:1A:23:0B:08:D6:B5:81:77 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/aiGhGqxOrgpjBlmzGiMLCNa1gXc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2564/nsp1rCOyDgJcD6k5-03F0QZ3Gm0.roa Signing time: Sat 13 Sep 2025 03:10:26 +0000 ROA not before: Sat 13 Sep 2025 03:10:26 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 398704 IP address blocks: 103.98.164.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2564/aiGhGqxOrgpjBlmzGiMLCNa1gXc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2564/aiGhGqxOrgpjBlmzGiMLCNa1gXc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/aiGhGqxOrgpjBlmzGiMLCNa1gXc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 18 Sep 2025 03:07:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8312 (0x2078) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6A21A11AAC4EAE0A630659B31A230B08D6B58177 Validity Not Before: Sep 13 03:10:26 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=9ECA75AC23B20E025C0FA939FB4DC5D106771A6D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:9e:d7:76:f6:00:85:6b:39:37:58:1a:32:26: d5:18:25:48:1d:fa:5e:91:39:16:b1:a9:e1:0a:ef: 6e:c7:89:6b:2e:6e:43:1a:50:c1:6b:c1:c8:e3:ca: f3:42:ea:23:dc:df:d3:ec:87:7d:c0:3f:5b:21:d1: a6:e5:ab:e6:20:bc:17:3a:ae:27:bd:6c:4e:97:4b: 50:aa:e4:8e:e8:e0:d6:3c:fb:3a:88:46:9b:55:76: 5d:57:70:45:62:30:6d:8d:86:56:54:d4:86:53:66: 02:39:49:ed:3c:e3:b4:84:4c:de:d5:66:60:24:8f: 99:32:68:80:54:80:f5:3b:3a:be:c5:a2:a0:c6:2a: 04:cd:bd:60:85:1b:ec:7c:39:9c:b8:51:ee:4a:bf: d7:33:e5:1c:e9:14:bc:fc:e9:1c:94:9f:a5:68:60: 25:23:2a:8b:82:58:bf:67:52:e9:e3:f8:b7:b6:12: 4e:e3:f8:56:a5:fe:5e:72:ca:26:b1:fe:01:c8:bb: 0b:49:88:99:1f:9d:ae:aa:ec:2f:37:6f:4a:d1:ea: 83:e9:cf:3e:3f:1a:0d:16:e6:3e:7d:ba:16:75:6f: b3:31:eb:a1:d7:f8:bf:b1:1d:47:28:76:37:f2:e4: 02:cc:af:b7:a5:9f:65:a3:13:ad:a6:a1:4d:04:e9: c7:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:CA:75:AC:23:B2:0E:02:5C:0F:A9:39:FB:4D:C5:D1:06:77:1A:6D X509v3 Authority Key Identifier: keyid:6A:21:A1:1A:AC:4E:AE:0A:63:06:59:B3:1A:23:0B:08:D6:B5:81:77 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2564/aiGhGqxOrgpjBlmzGiMLCNa1gXc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/aiGhGqxOrgpjBlmzGiMLCNa1gXc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2564/nsp1rCOyDgJcD6k5-03F0QZ3Gm0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.98.164.0/22 Signature Algorithm: sha256WithRSAEncryption 31:54:1f:df:b9:62:96:47:ad:71:70:27:90:dc:62:ee:d0:43: db:71:d3:12:87:1b:2d:df:0c:5c:75:7a:9b:a6:3c:bf:d2:b8: 9d:90:74:ed:21:df:18:0f:eb:4f:53:d6:b8:90:b6:c4:d3:15: 1d:d1:a1:26:c0:58:c6:1e:9b:a8:34:7d:7d:ca:b1:96:fe:bd: 74:7e:39:b3:40:cd:f0:91:53:9d:da:93:4a:5a:62:83:39:34: e0:39:af:f9:ef:f4:90:21:35:aa:9e:03:7c:b7:7f:a7:cb:34: 1c:4c:e5:fe:d8:fa:5c:9b:9f:20:7f:47:a9:88:45:ff:b2:25: 36:72:15:7b:fd:2b:e3:62:9e:32:c8:12:4b:f9:2c:f5:3f:36: af:f3:40:9e:0f:d9:e8:ff:15:1e:91:9b:b5:b0:a9:f1:92:05: aa:c6:ce:af:ad:82:9e:04:8a:bd:dc:ca:35:f4:e5:0e:92:35: 06:24:a3:2b:3f:35:5c:9d:f9:83:91:19:2d:62:62:43:38:44: 5e:a4:bf:79:80:a7:4a:ee:23:ad:47:d9:18:ce:55:e9:26:db: 3e:23:08:c3:a7:85:d8:eb:38:4c:2a:11:d2:4a:53:56:85:7c: 63:89:5c:ed:f1:0a:78:2a:ba:3d:f9:a8:da:2e:2b:ce:39:73: bc:c7:28:1d -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICIHgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkEy MUExMUFBQzRFQUUwQTYzMDY1OUIzMUEyMzBCMDhENkI1ODE3NzAeFw0yNTA5MTMw MzEwMjZaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDlFQ0E3NUFDMjNCMjBF MDI1QzBGQTkzOUZCNERDNUQxMDY3NzFBNkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDHntd29gCFazk3WBoyJtUYJUgd+l6RORaxqeEK727HiWsubkMa UMFrwcjjyvNC6iPc39Psh33AP1sh0ablq+YgvBc6rie9bE6XS1Cq5I7o4NY8+zqI RptVdl1XcEViMG2NhlZU1IZTZgI5Se0847SETN7VZmAkj5kyaIBUgPU7Or7FoqDG KgTNvWCFG+x8OZy4Ue5Kv9cz5RzpFLz86RyUn6VoYCUjKouCWL9nUunj+Le2Ek7j +Fal/l5yyiax/gHIuwtJiJkfna6q7C83b0rR6oPpzz4/Gg0W5j59uhZ1b7Mx66HX +L+xHUcodjfy5ALMr7eln2WjE62moU0E6ccfAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUnsp1rCOyDgJcD6k5+03F0QZ3Gm0wHwYDVR0jBBgwFoAUaiGhGqxOrgpjBlmz GiMLCNa1gXcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjU2 NC9haUdoR3F4T3JncGpCbG16R2lNTENOYTFnWGMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2FpR2hHcXhPcmdwakJsbXpHaU1MQ05hMWdYYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI1NjQvbnNwMXJDT3lEZ0pj RDZrNS0wM0YwUVozR20wLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmdipDANBgkqhkiG9w0BAQsFAAOCAQEAMVQf37lilketcXAnkNxi7tBD23HT EocbLd8MXHV6m6Y8v9K4nZB07SHfGA/rT1PWuJC2xNMVHdGhJsBYxh6bqDR9fcqx lv69dH45s0DN8JFTndqTSlpigzk04Dmv+e/0kCE1qp4DfLd/p8s0HEzl/tj6XJuf IH9HqYhF/7IlNnIVe/0r42KeMsgSS/ks9T82r/NAng/Z6P8VHpGbtbCp8ZIFqsbO r62CngSKvdzKNfTlDpI1BiSjKz81XJ35g5EZLWJiQzhEXqS/eYCnSu4jrUfZGM5V 6SbbPiMIw6eF2Os4TCoR0kpTVoV8Y4lc7fEKeCq6Pfmo2i4rzjlzvMcoHQ== -----END CERTIFICATE-----Generated at Thu Sep 18 02:54:10 2025 by rpki-client