$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3095/NDt9_Zy5xFmNFH8DWWCQrHH-AF0.roa File: NDt9_Zy5xFmNFH8DWWCQrHH-AF0.roa (raw, json) Hash identifier: FjYOpNGlHchQ1H5lVdER0sT7OhXYwZRVxoySSzp2x6o= Subject key identifier: 34:3B:7D:FD:9C:B9:C4:59:8D:14:7F:03:59:60:90:AC:71:FE:00:5D Certificate issuer: /CN=CB16707EAF0BDFD1326AFD9BDEC6AFFA6E63BA98 Certificate serial: 0CC8 Authority key identifier: CB:16:70:7E:AF:0B:DF:D1:32:6A:FD:9B:DE:C6:AF:FA:6E:63:BA:98 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/yxZwfq8L39Eyav2b3sav-m5jupg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/NDt9_Zy5xFmNFH8DWWCQrHH-AF0.roa Signing time: Wed 09 Jul 2025 11:23:20 +0000 ROA not before: Wed 09 Jul 2025 11:23:20 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 4134 IP address blocks: 202.46.224.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/yxZwfq8L39Eyav2b3sav-m5jupg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/yxZwfq8L39Eyav2b3sav-m5jupg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/yxZwfq8L39Eyav2b3sav-m5jupg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Jul 2025 12:40:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3272 (0xcc8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CB16707EAF0BDFD1326AFD9BDEC6AFFA6E63BA98 Validity Not Before: Jul 9 11:23:20 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=343B7DFD9CB9C4598D147F03596090AC71FE005D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f6:8a:68:23:b4:7e:ca:27:2a:b3:bd:5c:d8:80: c3:c3:37:34:8c:8e:85:6b:c4:e2:8d:86:54:94:ef: 26:31:c5:57:76:2c:41:c2:27:c0:23:f2:de:4c:90: 0d:b1:e4:c9:d9:50:30:50:ca:b4:45:81:f8:30:8d: 69:22:d2:58:57:73:ba:5f:21:3c:5c:41:ca:14:26: 6f:02:78:af:40:fb:8d:cc:0b:11:7f:fe:02:c4:21: e2:2b:12:c7:d9:73:ed:19:33:73:58:45:df:5d:e4: 49:3f:95:e5:2a:a1:94:ed:14:9f:75:5e:51:82:0a: e5:6e:62:f6:54:ea:a4:c9:9a:1a:ee:6b:18:e8:41: fd:e1:32:0e:65:77:ec:7e:d4:45:1b:50:66:56:45: 90:00:30:9d:5c:7a:08:97:71:dd:07:70:fc:f5:df: c6:c8:1b:d3:ba:92:1c:7c:3c:15:00:d2:a7:c0:52: b8:6f:4e:2c:61:0e:97:30:f4:68:f4:41:95:94:a0: 00:4a:de:b5:d4:d9:a2:94:11:0e:fc:59:33:3d:63: 61:43:bc:d4:19:57:ba:8d:cb:72:49:5e:2a:19:c6: 8f:ee:b3:07:3e:66:e7:33:29:0d:e4:08:2a:a3:dc: 9d:9f:37:5a:ce:fc:bc:fe:58:1b:d6:ab:b2:a1:70: d6:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:3B:7D:FD:9C:B9:C4:59:8D:14:7F:03:59:60:90:AC:71:FE:00:5D X509v3 Authority Key Identifier: keyid:CB:16:70:7E:AF:0B:DF:D1:32:6A:FD:9B:DE:C6:AF:FA:6E:63:BA:98 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/yxZwfq8L39Eyav2b3sav-m5jupg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/yxZwfq8L39Eyav2b3sav-m5jupg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/NDt9_Zy5xFmNFH8DWWCQrHH-AF0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 202.46.224.0/20 Signature Algorithm: sha256WithRSAEncryption 6b:7a:a5:3c:87:12:09:a1:af:1b:09:00:b3:08:38:89:54:be: b6:1a:84:91:fd:20:92:ae:4c:ec:ca:48:45:02:a2:20:93:0f: de:b3:30:d4:7a:4d:72:ca:04:5f:22:72:1a:84:83:82:9e:e1: 81:5b:51:dd:88:3c:08:ae:5a:16:6b:72:3f:67:6b:78:16:2d: 02:d6:30:8f:82:c7:2a:e8:dc:22:a2:b1:81:40:09:b7:a7:8a: d4:ae:57:a2:2e:60:70:96:a7:13:f5:45:0a:b9:a5:ec:ec:67: e2:9c:76:ac:a0:95:85:2f:34:57:79:2f:0b:34:bd:b3:52:bb: eb:6c:02:67:c3:a0:7d:90:76:f0:07:a4:b3:83:c5:32:d7:d6: eb:a4:c5:47:df:68:cb:7b:3b:6d:51:fd:c8:dc:65:fb:09:c6: f8:3b:83:32:5b:12:24:49:36:1a:c4:1b:67:3b:c6:15:07:9d: 12:bc:e8:4e:ae:d4:14:01:c1:2c:ec:b5:9c:b5:8d:8c:84:dd: 86:37:d9:50:80:22:b7:ce:ab:10:3b:24:65:1c:ac:c3:bc:2e: 5f:2d:fc:f8:b6:5d:13:ea:b4:a2:0d:18:4b:44:85:c3:f0:fb: 30:69:b2:06:18:c3:7b:bb:f8:df:c6:6d:27:c5:85:9c:c4:41: 6c:2a:29:36 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICDMgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0Ix NjcwN0VBRjBCREZEMTMyNkFGRDlCREVDNkFGRkE2RTYzQkE5ODAeFw0yNTA3MDkx MTIzMjBaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDM0M0I3REZEOUNCOUM0 NTk4RDE0N0YwMzU5NjA5MEFDNzFGRTAwNUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQD2imgjtH7KJyqzvVzYgMPDNzSMjoVrxOKNhlSU7yYxxVd2LEHC J8Aj8t5MkA2x5MnZUDBQyrRFgfgwjWki0lhXc7pfITxcQcoUJm8CeK9A+43MCxF/ /gLEIeIrEsfZc+0ZM3NYRd9d5Ek/leUqoZTtFJ91XlGCCuVuYvZU6qTJmhruaxjo Qf3hMg5ld+x+1EUbUGZWRZAAMJ1cegiXcd0HcPz138bIG9O6khx8PBUA0qfAUrhv TixhDpcw9Gj0QZWUoABK3rXU2aKUEQ78WTM9Y2FDvNQZV7qNy3JJXioZxo/uswc+ ZuczKQ3kCCqj3J2fN1rO/Lz+WBvWq7KhcNZHAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUNDt9/Zy5xFmNFH8DWWCQrHH+AF0wHwYDVR0jBBgwFoAUyxZwfq8L39Eyav2b 3sav+m5jupgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5 NS95eFp3ZnE4TDM5RXlhdjJiM3Nhdi1tNWp1cGcuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3l4WndmcThMMzlFeWF2MmIzc2F2LW01anVwZy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTUvTkR0OV9aeTV4Rm1O Rkg4RFdXQ1FySEgtQUYwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEBMou4DANBgkqhkiG9w0BAQsFAAOCAQEAa3qlPIcSCaGvGwkAswg4iVS+thqE kf0gkq5M7MpIRQKiIJMP3rMw1HpNcsoEXyJyGoSDgp7hgVtR3Yg8CK5aFmtyP2dr eBYtAtYwj4LHKujcIqKxgUAJt6eK1K5Xoi5gcJanE/VFCrml7Oxn4px2rKCVhS80 V3kvCzS9s1K762wCZ8OgfZB28Aeks4PFMtfW66TFR99oy3s7bVH9yNxl+wnG+DuD MlsSJEk2GsQbZzvGFQedErzoTq7UFAHBLOy1nLWNjITdhjfZUIAit86rEDskZRys w7wuXy38+LZdE+q0og0YS0SFw/D7MGmyBhjDe7v438ZtJ8WFnMRBbCopNg== -----END CERTIFICATE-----Generated at Sun Jul 20 12:38:44 2025 by rpki-client