$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3171/N3GFntIB1rIHQkdwNA-MErwsnhA.roa File: N3GFntIB1rIHQkdwNA-MErwsnhA.roa (raw, json) Hash identifier: cb28yzvAVmBffLRAuQsGCOVBar292ioRhQdB6xFWgUI= Subject key identifier: 37:71:85:9E:D2:01:D6:B2:07:42:47:70:34:0F:8C:12:BC:2C:9E:10 Certificate issuer: /CN=02FB05DE3C544A9F1C344A63EB5F6CFDD3481156 Certificate serial: 15D2 Authority key identifier: 02:FB:05:DE:3C:54:4A:9F:1C:34:4A:63:EB:5F:6C:FD:D3:48:11:56 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AvsF3jxUSp8cNEpj619s_dNIEVY.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3171/N3GFntIB1rIHQkdwNA-MErwsnhA.roa Signing time: Sat 13 Sep 2025 03:03:55 +0000 ROA not before: Sat 13 Sep 2025 03:03:55 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 137443 IP address blocks: 103.218.95.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3171/AvsF3jxUSp8cNEpj619s_dNIEVY.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3171/AvsF3jxUSp8cNEpj619s_dNIEVY.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AvsF3jxUSp8cNEpj619s_dNIEVY.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 16 Sep 2025 02:03:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5586 (0x15d2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=02FB05DE3C544A9F1C344A63EB5F6CFDD3481156 Validity Not Before: Sep 13 03:03:55 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=3771859ED201D6B207424770340F8C12BC2C9E10 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:5e:0c:1e:82:f6:37:63:73:d6:c0:55:35:80: 3c:5d:8b:ea:70:85:68:a4:d4:9b:99:40:d5:ca:c5: 66:2e:6c:fa:a3:69:2a:79:1d:d6:12:6f:2e:d0:82: 5d:fc:5f:ec:60:1e:b3:71:39:81:dc:e4:f8:da:9a: 43:38:d4:07:82:70:34:ea:16:fe:dd:22:cc:5d:1a: fc:6a:20:fc:e6:73:97:e3:a5:68:79:7a:f7:6a:b0: ea:58:39:86:b1:01:06:1f:68:df:58:50:10:83:08: eb:62:de:17:73:82:d3:e6:f5:02:c5:d4:c2:fa:89: 47:fa:b8:ca:1e:21:a0:44:a0:78:ce:5f:07:72:e1: 25:96:3a:44:d7:31:0f:52:eb:a7:10:b5:73:7b:c1: 72:78:e6:0e:e1:59:54:13:00:99:16:5f:f2:12:2f: 2d:2d:02:36:80:55:ed:00:20:5f:cd:af:4e:11:a1: 31:ea:18:80:c4:3e:93:ec:c8:ec:cd:ca:d2:be:50: 59:1b:df:8f:a1:76:f7:7c:ec:ab:9a:ba:b6:d3:3f: 62:20:f2:e4:95:6e:e1:39:ac:83:7e:81:b9:06:3c: e5:29:c1:11:f1:63:b6:3e:4b:d2:3b:10:ed:5c:1c: 95:4e:6f:a1:0a:78:93:0a:02:73:2c:7a:88:ec:36: f4:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:71:85:9E:D2:01:D6:B2:07:42:47:70:34:0F:8C:12:BC:2C:9E:10 X509v3 Authority Key Identifier: keyid:02:FB:05:DE:3C:54:4A:9F:1C:34:4A:63:EB:5F:6C:FD:D3:48:11:56 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3171/AvsF3jxUSp8cNEpj619s_dNIEVY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AvsF3jxUSp8cNEpj619s_dNIEVY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3171/N3GFntIB1rIHQkdwNA-MErwsnhA.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.218.95.0/24 Signature Algorithm: sha256WithRSAEncryption a9:6c:5c:11:b4:0c:c2:4b:4f:97:3f:9d:4a:f5:c4:51:62:2c: 7e:1d:6c:f1:6c:79:18:1a:67:de:7a:1b:74:ec:36:a7:74:db: ca:75:42:a0:fb:0a:66:e1:89:c5:94:9f:47:58:51:49:ac:94: df:f3:3e:2f:14:a2:63:ab:7d:34:78:d3:15:30:7b:02:bd:c9: 28:d3:f6:60:65:ff:2f:bb:aa:ef:24:8f:31:2d:d5:cf:5d:eb: 02:c5:46:5f:43:d4:14:93:d4:09:ef:c1:99:34:75:05:4e:b3: 05:20:e5:94:bb:44:53:c6:62:06:b1:9d:91:b1:53:c6:15:55: 5e:47:df:c1:03:b3:4b:52:28:09:59:d5:ff:ad:18:af:a7:93: d4:b2:4c:a6:99:5c:cb:3a:b3:c5:28:7d:71:90:19:a9:58:38: ba:5f:99:d8:d7:f7:b1:0d:91:d6:ad:c4:25:fd:53:91:9b:b5: e1:5a:28:53:2b:98:9f:d0:77:e8:31:52:5e:29:b1:2b:16:7d: 43:f6:63:09:2f:14:e4:ff:de:de:67:78:8e:2c:ce:de:d5:55: 11:fb:18:c2:9a:d1:f3:17:d0:9f:65:c6:d0:39:6e:f7:03:dd: 77:77:a1:52:22:97:b1:d5:a5:36:21:b6:c2:91:a7:09:70:44: 32:60:d9:12 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFdIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDJG QjA1REUzQzU0NEE5RjFDMzQ0QTYzRUI1RjZDRkREMzQ4MTE1NjAeFw0yNTA5MTMw MzAzNTVaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDM3NzE4NTlFRDIwMUQ2 QjIwNzQyNDc3MDM0MEY4QzEyQkMyQzlFMTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCuXgwegvY3Y3PWwFU1gDxdi+pwhWik1JuZQNXKxWYubPqjaSp5 HdYSby7Qgl38X+xgHrNxOYHc5PjamkM41AeCcDTqFv7dIsxdGvxqIPzmc5fjpWh5 evdqsOpYOYaxAQYfaN9YUBCDCOti3hdzgtPm9QLF1ML6iUf6uMoeIaBEoHjOXwdy 4SWWOkTXMQ9S66cQtXN7wXJ45g7hWVQTAJkWX/ISLy0tAjaAVe0AIF/Nr04RoTHq GIDEPpPsyOzNytK+UFkb34+hdvd87KuaurbTP2Ig8uSVbuE5rIN+gbkGPOUpwRHx Y7Y+S9I7EO1cHJVOb6EKeJMKAnMseojsNvQFAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUN3GFntIB1rIHQkdwNA+MErwsnhAwHwYDVR0jBBgwFoAUAvsF3jxUSp8cNEpj 619s/dNIEVYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzE3 MS9BdnNGM2p4VVNwOGNORXBqNjE5c19kTklFVlkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0F2c0YzanhVU3A4Y05FcGo2MTlzX2ROSUVWWS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxNzEvTjNHRm50SUIxcklI UWtkd05BLU1FcndzbmhBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGfaXzANBgkqhkiG9w0BAQsFAAOCAQEAqWxcEbQMwktPlz+dSvXEUWIsfh1s 8Wx5GBpn3nobdOw2p3TbynVCoPsKZuGJxZSfR1hRSayU3/M+LxSiY6t9NHjTFTB7 Ar3JKNP2YGX/L7uq7ySPMS3Vz13rAsVGX0PUFJPUCe/BmTR1BU6zBSDllLtEU8Zi BrGdkbFTxhVVXkffwQOzS1IoCVnV/60Yr6eT1LJMpplcyzqzxSh9cZAZqVg4ul+Z 2Nf3sQ2R1q3EJf1TkZu14VooUyuYn9B36DFSXimxKxZ9Q/ZjCS8U5P/e3md4jizO 3tVVEfsYwprR8xfQn2XG0Dlu9wPdd3ehUiKXsdWlNiG2wpGnCXBEMmDZEg== -----END CERTIFICATE-----Generated at Tue Sep 16 01:41:38 2025 by rpki-client