$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3095/sNXxpQ408tdgwXFnWK8OUqQDgo8.roa File: sNXxpQ408tdgwXFnWK8OUqQDgo8.roa (raw, json) Hash identifier: h09zP7klaJgGz0ySKA33BP7AKmE4xlmoPbzrtHGOIec= Subject key identifier: B0:D5:F1:A5:0E:34:F2:D7:60:C1:71:67:58:AF:0E:52:A4:03:82:8F Certificate issuer: /CN=CB16707EAF0BDFD1326AFD9BDEC6AFFA6E63BA98 Certificate serial: 0CB9 Authority key identifier: CB:16:70:7E:AF:0B:DF:D1:32:6A:FD:9B:DE:C6:AF:FA:6E:63:BA:98 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/yxZwfq8L39Eyav2b3sav-m5jupg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/sNXxpQ408tdgwXFnWK8OUqQDgo8.roa Signing time: Wed 09 Jul 2025 10:27:36 +0000 ROA not before: Wed 09 Jul 2025 10:27:36 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 9808 IP address blocks: 202.46.224.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/yxZwfq8L39Eyav2b3sav-m5jupg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/yxZwfq8L39Eyav2b3sav-m5jupg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/yxZwfq8L39Eyav2b3sav-m5jupg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Jul 2025 12:40:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3257 (0xcb9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CB16707EAF0BDFD1326AFD9BDEC6AFFA6E63BA98 Validity Not Before: Jul 9 10:27:36 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=B0D5F1A50E34F2D760C1716758AF0E52A403828F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:71:52:d5:d2:d7:76:0c:1d:00:ae:34:4f:ef: fb:68:5a:a0:03:b1:e4:cd:b7:8d:7b:ee:48:0d:66: 97:d3:7b:6d:3f:83:16:e9:37:8b:a9:10:7a:53:01: f2:5e:9d:34:d1:91:f3:4f:cc:d1:42:8a:15:f3:e9: 5f:b3:f3:7b:1c:ad:15:7d:37:e7:e0:05:f4:9c:44: e7:e7:14:10:3c:a1:ab:e1:b6:cf:04:e3:1e:32:44: 47:e9:cd:43:35:fa:4a:f9:b1:14:b0:be:60:0c:c6: a8:20:ed:ba:26:ce:ee:0b:7d:5d:64:31:18:53:c4: 41:04:09:74:02:ce:ae:57:86:64:74:dd:a5:6b:8d: 62:35:0d:8e:2a:0b:24:e2:3b:0a:84:36:0b:ad:a5: 0b:62:6e:34:01:9e:37:13:e3:5e:e6:38:62:ed:9e: 9c:e3:be:f1:07:de:cd:9a:0c:70:7a:04:28:db:d8: de:86:c3:32:0c:ee:0b:f5:ec:a3:3b:5b:2a:7b:b7: c8:fc:28:85:e7:b4:7e:db:3a:21:55:4f:9f:de:c2: a1:74:00:2c:e4:69:6f:f6:76:87:52:11:e6:b2:41: 28:c6:74:a2:d6:03:78:bc:43:89:09:cf:24:16:eb: 37:38:3b:27:60:d2:6d:f4:02:bb:2d:37:39:2d:e2: 2b:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:D5:F1:A5:0E:34:F2:D7:60:C1:71:67:58:AF:0E:52:A4:03:82:8F X509v3 Authority Key Identifier: keyid:CB:16:70:7E:AF:0B:DF:D1:32:6A:FD:9B:DE:C6:AF:FA:6E:63:BA:98 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/yxZwfq8L39Eyav2b3sav-m5jupg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/yxZwfq8L39Eyav2b3sav-m5jupg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/sNXxpQ408tdgwXFnWK8OUqQDgo8.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 202.46.224.0/20 Signature Algorithm: sha256WithRSAEncryption a2:78:90:fe:35:ba:ba:a8:13:59:ee:e2:8c:df:e2:7b:ce:b4: 33:72:d5:23:55:28:85:20:5f:b0:4f:4e:45:2b:f5:ce:b4:aa: 8f:3a:ed:da:14:70:c6:b3:b0:dc:d1:ae:90:75:2a:dc:e2:74: 2f:fa:60:66:61:ac:de:71:47:6f:f4:45:6d:ff:30:fd:ff:4f: 06:1e:ee:fd:62:ac:88:bc:ff:8e:88:dd:06:c9:e7:5b:44:8e: d5:b5:b0:1c:2c:e5:84:fa:ad:d6:17:e9:4f:18:73:38:57:6c: dc:b0:ac:80:91:b4:6c:be:9f:f3:1e:d6:3e:a0:82:94:71:95: 01:98:73:ec:90:2e:f0:f8:c0:96:19:aa:1a:e4:24:84:5e:20: 4b:8f:e2:a4:e5:b4:94:3e:2f:cc:31:7d:7e:62:c1:91:b9:39: f4:34:e5:72:ff:6c:48:4a:a0:ac:15:01:1c:ed:36:af:a5:10: 2d:81:cf:91:d7:f3:6e:a0:0a:4c:81:75:10:d8:6c:02:56:62: 38:ef:cc:a5:60:95:8f:2f:7f:61:e9:59:6e:b7:55:a2:78:b5: 3e:99:1f:e4:bc:7c:86:69:63:a7:1e:fd:77:c0:62:21:22:7b: b7:c2:3f:d8:7b:8a:34:14:e9:1c:b0:a1:bd:55:ca:17:b5:0c: dd:4b:df:0a -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICDLkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0Ix NjcwN0VBRjBCREZEMTMyNkFGRDlCREVDNkFGRkE2RTYzQkE5ODAeFw0yNTA3MDkx MDI3MzZaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEIwRDVGMUE1MEUzNEYy RDc2MEMxNzE2NzU4QUYwRTUyQTQwMzgyOEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDAcVLV0td2DB0ArjRP7/toWqADseTNt4177kgNZpfTe20/gxbp N4upEHpTAfJenTTRkfNPzNFCihXz6V+z83scrRV9N+fgBfScROfnFBA8oavhts8E 4x4yREfpzUM1+kr5sRSwvmAMxqgg7bomzu4LfV1kMRhTxEEECXQCzq5XhmR03aVr jWI1DY4qCyTiOwqENgutpQtibjQBnjcT417mOGLtnpzjvvEH3s2aDHB6BCjb2N6G wzIM7gv17KM7Wyp7t8j8KIXntH7bOiFVT5/ewqF0ACzkaW/2dodSEeayQSjGdKLW A3i8Q4kJzyQW6zc4Oydg0m30ArstNzkt4ivvAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUsNXxpQ408tdgwXFnWK8OUqQDgo8wHwYDVR0jBBgwFoAUyxZwfq8L39Eyav2b 3sav+m5jupgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5 NS95eFp3ZnE4TDM5RXlhdjJiM3Nhdi1tNWp1cGcuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3l4WndmcThMMzlFeWF2MmIzc2F2LW01anVwZy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTUvc05YeHBRNDA4dGRn d1hGbldLOE9VcVFEZ284LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEBMou4DANBgkqhkiG9w0BAQsFAAOCAQEAoniQ/jW6uqgTWe7ijN/ie860M3LV I1UohSBfsE9ORSv1zrSqjzrt2hRwxrOw3NGukHUq3OJ0L/pgZmGs3nFHb/RFbf8w /f9PBh7u/WKsiLz/jojdBsnnW0SO1bWwHCzlhPqt1hfpTxhzOFds3LCsgJG0bL6f 8x7WPqCClHGVAZhz7JAu8PjAlhmqGuQkhF4gS4/ipOW0lD4vzDF9fmLBkbk59DTl cv9sSEqgrBUBHO02r6UQLYHPkdfzbqAKTIF1ENhsAlZiOO/MpWCVjy9/YelZbrdV oni1Ppkf5Lx8hmljpx79d8BiISJ7t8I/2HuKNBTpHLChvVXKF7UM3UvfCg== -----END CERTIFICATE-----Generated at Sun Jul 20 12:39:16 2025 by rpki-client