$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3168/nKW77ckOSIGBxDVlc7xBbBZlD0w.roa File: nKW77ckOSIGBxDVlc7xBbBZlD0w.roa (raw, json) Hash identifier: H0bt71VNrzv56exhct90bWnGEH+llK9egnoft/rELjQ= Subject key identifier: 9C:A5:BB:ED:C9:0E:48:81:81:C4:35:65:73:BC:41:6C:16:65:0F:4C Certificate issuer: /CN=240987F40A6030CDFA33DED1EEE7CF4DC7C30094 Certificate serial: 164D Authority key identifier: 24:09:87:F4:0A:60:30:CD:FA:33:DE:D1:EE:E7:CF:4D:C7:C3:00:94 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/nKW77ckOSIGBxDVlc7xBbBZlD0w.roa Signing time: Mon 08 Sep 2025 09:24:01 +0000 ROA not before: Mon 08 Sep 2025 09:24:01 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 209242 IP address blocks: 42.201.16.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 18 Sep 2025 01:35:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5709 (0x164d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=240987F40A6030CDFA33DED1EEE7CF4DC7C30094 Validity Not Before: Sep 8 09:24:01 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=9CA5BBEDC90E488181C4356573BC416C16650F4C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:5c:b5:06:f8:ab:d5:bf:c8:ab:7f:22:51:de: 03:9a:b2:74:83:ab:88:73:81:41:73:5f:83:79:c1: db:ac:80:d4:57:ea:59:0c:59:ed:49:7d:23:e9:af: e5:76:ac:3b:7a:a6:61:7c:cf:b3:c8:68:9a:7d:0e: 8f:61:bb:ce:8c:2a:3d:de:39:52:ed:b2:a4:e4:88: 95:82:ea:90:1f:6d:e2:3e:68:c0:64:9c:6c:d4:11: 02:d2:fc:6b:b9:ef:55:13:07:7c:53:f8:ec:d5:f1: 8e:59:69:7e:7e:d0:88:35:da:86:96:7b:b1:98:ba: b1:bb:56:ac:da:68:ac:7d:83:e5:57:78:c4:4d:47: f3:1b:d0:17:d6:b8:37:85:f0:03:f7:98:3c:19:76: 56:29:cf:ff:28:c7:1c:35:75:8a:aa:f1:92:1b:20: 71:35:37:d6:bf:5a:34:92:39:91:68:5b:b3:83:91: 92:1c:7b:c8:5e:ee:0d:00:74:9c:52:aa:8b:db:7f: 24:18:a6:1a:52:68:20:a2:37:20:b1:0d:c6:24:52: 0e:f3:76:52:4b:00:a7:bc:19:4f:90:44:1b:55:86: 9f:b2:2a:dc:ad:f0:26:fc:51:c3:94:a4:a8:5b:45: 9c:f9:43:bd:92:94:67:2f:b6:1a:42:85:c5:f8:3d: aa:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:A5:BB:ED:C9:0E:48:81:81:C4:35:65:73:BC:41:6C:16:65:0F:4C X509v3 Authority Key Identifier: keyid:24:09:87:F4:0A:60:30:CD:FA:33:DE:D1:EE:E7:CF:4D:C7:C3:00:94 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/nKW77ckOSIGBxDVlc7xBbBZlD0w.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 42.201.16.0/20 Signature Algorithm: sha256WithRSAEncryption 06:58:59:db:2c:88:55:02:e4:26:23:bc:3c:29:1f:90:e1:c4: 13:d4:76:e0:c1:3d:64:64:7b:23:a1:f3:b3:b2:35:b1:30:4a: 94:a2:39:f1:03:99:ef:41:5d:07:e2:7f:f0:ca:15:6a:66:34: ef:ef:0f:b5:7e:0c:8a:52:f3:16:08:f4:f3:04:d5:e2:f7:c5: fb:05:7e:83:03:ab:ac:86:0b:b4:e9:1c:a8:35:57:d5:7f:02: 31:08:7d:07:da:95:60:ed:be:d8:56:84:56:ac:76:21:f9:99: a0:84:50:1d:ae:75:0f:10:90:b1:e7:0e:4d:8a:4a:50:44:a2: 01:2f:03:16:7f:72:92:e1:05:9e:19:12:c6:b6:3a:a2:17:49: 87:78:b2:aa:ee:3e:58:30:a0:60:9e:aa:80:8d:78:73:b9:15: c6:25:52:80:65:65:49:d4:35:d2:0a:ab:c0:08:63:b1:19:ea: 52:c0:7d:c3:03:6f:2d:61:6a:e2:4d:b4:f0:03:10:0d:6a:fd: 37:49:66:29:c1:19:ae:15:ed:95:42:fb:ac:8a:d4:36:8c:15: 44:8e:1b:58:e6:c7:ad:bd:76:33:b5:f4:88:95:e7:2d:a7:fb: ee:e3:40:ae:4f:78:c2:cb:25:9e:22:c3:57:54:bb:d0:31:cd: 55:dc:cb:c3 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFk0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjQw OTg3RjQwQTYwMzBDREZBMzNERUQxRUVFN0NGNERDN0MzMDA5NDAeFw0yNTA5MDgw OTI0MDFaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDlDQTVCQkVEQzkwRTQ4 ODE4MUM0MzU2NTczQkM0MTZDMTY2NTBGNEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDoXLUG+KvVv8irfyJR3gOasnSDq4hzgUFzX4N5wdusgNRX6lkM We1JfSPpr+V2rDt6pmF8z7PIaJp9Do9hu86MKj3eOVLtsqTkiJWC6pAfbeI+aMBk nGzUEQLS/Gu571UTB3xT+OzV8Y5ZaX5+0Ig12oaWe7GYurG7VqzaaKx9g+VXeMRN R/Mb0BfWuDeF8AP3mDwZdlYpz/8oxxw1dYqq8ZIbIHE1N9a/WjSSOZFoW7ODkZIc e8he7g0AdJxSqovbfyQYphpSaCCiNyCxDcYkUg7zdlJLAKe8GU+QRBtVhp+yKtyt 8Cb8UcOUpKhbRZz5Q72SlGcvthpChcX4PapbAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUnKW77ckOSIGBxDVlc7xBbBZlD0wwHwYDVR0jBBgwFoAUJAmH9ApgMM36M97R 7ufPTcfDAJQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzE2 OC9KQW1IOUFwZ01NMzZNOTdSN3VmUFRjZkRBSlEuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0pBbUg5QXBnTU0zNk05N1I3dWZQVGNmREFKUS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxNjgvbktXNzdja09TSUdC eERWbGM3eEJiQlpsRDB3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEBCrJEDANBgkqhkiG9w0BAQsFAAOCAQEABlhZ2yyIVQLkJiO8PCkfkOHEE9R2 4ME9ZGR7I6Hzs7I1sTBKlKI58QOZ70FdB+J/8MoVamY07+8PtX4MilLzFgj08wTV 4vfF+wV+gwOrrIYLtOkcqDVX1X8CMQh9B9qVYO2+2FaEVqx2IfmZoIRQHa51DxCQ secOTYpKUESiAS8DFn9ykuEFnhkSxrY6ohdJh3iyqu4+WDCgYJ6qgI14c7kVxiVS gGVlSdQ10gqrwAhjsRnqUsB9wwNvLWFq4k208AMQDWr9N0lmKcEZrhXtlUL7rIrU NowVRI4bWObHrb12M7X0iJXnLaf77uNArk94wsslniLDV1S70DHNVdzLww== -----END CERTIFICATE-----Generated at Wed Sep 17 23:28:18 2025 by rpki-client