$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/NdzWvMPPAa2TWL5EnZTqgFwyxFI.roa File: NdzWvMPPAa2TWL5EnZTqgFwyxFI.roa (raw, json) Hash identifier: MMXv30MfJZk7xmIDgQlCaz7RIr/RtJayivchUkodKoA= Subject key identifier: 35:DC:D6:BC:C3:CF:01:AD:93:58:BE:44:9D:94:EA:80:5C:32:C4:52 Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 15B6 Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/NdzWvMPPAa2TWL5EnZTqgFwyxFI.roa Signing time: Sat 13 Sep 2025 03:06:43 +0000 ROA not before: Sat 13 Sep 2025 03:06:43 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 136907 IP address blocks: 124.71.250.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 18 Sep 2025 03:04:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5558 (0x15b6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Sep 13 03:06:43 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=35DCD6BCC3CF01AD9358BE449D94EA805C32C452 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:f2:95:cd:22:5d:43:fe:ba:58:04:ca:d5:ba: 3a:b4:8a:ff:8b:94:9f:80:92:10:31:02:8d:05:c0: 37:82:b3:83:58:48:77:08:af:99:35:db:5e:92:55: 9f:9d:ad:b4:df:c9:53:0c:32:eb:ea:22:be:b6:75: fc:c8:22:2d:95:a8:77:3f:bb:94:8e:90:3f:bc:43: f9:d5:9b:ab:23:4f:94:51:55:3f:be:93:81:78:28: af:c7:c3:a6:0f:bb:5d:f0:4f:5d:db:a1:f2:d0:fe: b5:47:e9:7e:9e:f6:0e:4e:f8:56:66:50:96:d3:5e: 58:a2:0e:5e:ff:2f:cd:1e:e8:48:d6:cd:12:c3:8b: 4b:61:40:f5:d3:7c:9e:b3:70:b2:d6:65:06:17:e6: 81:bf:86:b8:7b:af:23:96:60:d4:5e:41:2f:f3:8c: 15:14:40:36:de:ff:c0:e8:38:be:2a:ba:04:98:25: 31:5f:06:a1:26:e8:dc:66:5b:a8:d1:7f:63:17:cb: 7a:6a:8e:b7:ad:d9:09:f0:d9:23:20:ab:3d:dd:6f: 18:40:1f:ab:b0:4d:1f:c2:87:36:b7:d3:dd:21:6a: b5:9d:8f:f9:5f:a4:58:21:18:12:f8:eb:fc:79:96: bb:9e:5a:2b:57:22:b1:ed:35:61:3b:5e:d0:9d:08: 1b:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:DC:D6:BC:C3:CF:01:AD:93:58:BE:44:9D:94:EA:80:5C:32:C4:52 X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/NdzWvMPPAa2TWL5EnZTqgFwyxFI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 124.71.250.0/24 Signature Algorithm: sha256WithRSAEncryption a9:9f:f1:48:55:05:e9:66:17:8b:f7:2c:87:46:6e:0e:3f:92: 29:d0:64:39:2f:94:90:42:eb:a7:fa:95:54:1d:76:d5:40:b5: 30:a4:46:36:9f:f6:b4:cb:b4:a3:6c:35:40:2b:5e:5b:c4:b7: 1f:7a:6e:32:ff:ec:d6:aa:f5:3a:7b:da:4b:9d:a9:d8:eb:b6: a0:1c:c7:4a:34:45:5b:18:ce:d9:59:52:13:7b:68:dd:6e:09: 06:cc:8d:79:2f:40:ba:8d:81:2b:bf:e1:b6:a4:94:3c:94:0f: 1d:4f:41:ff:9a:1d:86:75:9b:d5:79:62:3c:f2:e2:e2:e0:52: 09:3e:a2:f2:65:aa:c0:b0:de:f7:43:3b:5f:3e:ae:98:0b:ab: 4e:b6:18:9f:3b:bf:36:bd:ac:87:b7:68:18:bb:73:6a:f9:2e: e7:3a:82:f9:bf:1f:88:41:5d:08:0e:56:28:b3:a0:c0:21:26: 8e:ec:cc:e9:de:8c:95:d3:25:49:d0:51:14:a5:b0:b7:92:19: bb:89:27:f4:b9:ba:cb:4b:b6:06:2e:a3:19:c2:9c:68:41:1f: d7:a9:03:7c:3b:f6:3c:94:84:9f:42:25:37:ca:4e:99:25:a5: bb:94:4f:4c:ff:da:c3:fe:8a:a9:c3:57:67:10:1f:45:c9:fc: 9a:b5:5f:26 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFbYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTA5MTMw MzA2NDNaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDM1RENENkJDQzNDRjAx QUQ5MzU4QkU0NDlEOTRFQTgwNUMzMkM0NTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDb8pXNIl1D/rpYBMrVujq0iv+LlJ+AkhAxAo0FwDeCs4NYSHcI r5k1216SVZ+drbTfyVMMMuvqIr62dfzIIi2VqHc/u5SOkD+8Q/nVm6sjT5RRVT++ k4F4KK/Hw6YPu13wT13bofLQ/rVH6X6e9g5O+FZmUJbTXliiDl7/L80e6EjWzRLD i0thQPXTfJ6zcLLWZQYX5oG/hrh7ryOWYNReQS/zjBUUQDbe/8DoOL4qugSYJTFf BqEm6NxmW6jRf2MXy3pqjret2Qnw2SMgqz3dbxhAH6uwTR/Chza3090harWdj/lf pFghGBL46/x5lrueWitXIrHtNWE7XtCdCBvVAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUNdzWvMPPAa2TWL5EnZTqgFwyxFIwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvTmR6V3ZNUFBBYTJU V0w1RW5aVHFnRnd5eEZJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAHxH+jANBgkqhkiG9w0BAQsFAAOCAQEAqZ/xSFUF6WYXi/csh0ZuDj+SKdBk OS+UkELrp/qVVB121UC1MKRGNp/2tMu0o2w1QCteW8S3H3puMv/s1qr1OnvaS52p 2Ou2oBzHSjRFWxjO2VlSE3to3W4JBsyNeS9Auo2BK7/htqSUPJQPHU9B/5odhnWb 1XliPPLi4uBSCT6i8mWqwLDe90M7Xz6umAurTrYYnzu/Nr2sh7doGLtzavku5zqC +b8fiEFdCA5WKLOgwCEmjuzM6d6MldMlSdBRFKWwt5IZu4kn9Lm6y0u2Bi6jGcKc aEEf16kDfDv2PJSEn0IlN8pOmSWlu5RPTP/aw/6KqcNXZxAfRcn8mrVfJg== -----END CERTIFICATE-----Generated at Thu Sep 18 01:53:15 2025 by rpki-client