$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/561/nGs8FHA9YPQT5lt1JMY6HuEz-2g.roa File: nGs8FHA9YPQT5lt1JMY6HuEz-2g.roa (raw, json) Hash identifier: G76MiAdf02iqVcYlYGDT3nxyCJdad+sYBHxLpvQTzbQ= Subject key identifier: 9C:6B:3C:14:70:3D:60:F4:13:E6:5B:75:24:C6:3A:1E:E1:33:FB:68 Certificate issuer: /CN=83E77F37B3B93850835BAA30EE8FC12D55F87054 Certificate serial: 202E Authority key identifier: 83:E7:7F:37:B3:B9:38:50:83:5B:AA:30:EE:8F:C1:2D:55:F8:70:54 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/nGs8FHA9YPQT5lt1JMY6HuEz-2g.roa Signing time: Tue 26 Aug 2025 05:09:53 +0000 ROA not before: Tue 26 Aug 2025 05:09:53 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 23724 IP address blocks: 103.235.220.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 08 Sep 2025 05:06:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8238 (0x202e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=83E77F37B3B93850835BAA30EE8FC12D55F87054 Validity Not Before: Aug 26 05:09:53 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=9C6B3C14703D60F413E65B7524C63A1EE133FB68 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:d1:28:71:56:da:90:a9:cf:4e:26:c2:d7:6a: 62:82:13:61:c7:51:8c:55:cf:f0:a3:30:74:9e:6c: bd:08:c6:b6:1e:6a:af:40:63:5d:0e:d9:dd:f3:48: 1d:9e:fc:60:89:99:97:6f:f8:34:9a:e5:83:99:8a: a0:a6:d0:64:fd:fa:f9:32:79:18:35:10:e6:21:77: 0e:b0:9b:dd:b6:09:07:db:ce:9c:8e:94:4d:ba:4d: 48:f2:84:94:20:fb:6c:7e:db:68:fa:37:3c:2d:42: f9:2b:f0:b5:cb:86:ce:1b:c1:07:52:7e:77:a1:9d: 67:50:95:45:92:d9:4b:49:ad:4e:27:f8:fb:d5:e0: 11:4c:92:da:d4:68:22:00:c2:20:f9:64:e5:bf:cb: a0:4e:90:f2:4f:a2:4f:32:9c:8f:83:d7:ee:f7:2c: b6:ab:10:44:65:f7:7a:82:fe:a2:70:e5:72:7f:65: 1d:fb:b6:11:ee:bc:26:b6:9a:0a:1f:59:45:cc:a9: 93:68:c3:73:d6:53:7c:6d:bd:07:8d:19:a4:5c:a1: 43:95:21:60:90:8b:9a:bd:fd:e6:99:1e:a1:ec:86: e0:ba:fb:ba:b2:b9:d4:55:c6:3f:7e:c7:51:27:1c: d1:11:ea:4a:4b:5b:74:96:ea:f4:2e:e1:df:12:b4: 0e:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:6B:3C:14:70:3D:60:F4:13:E6:5B:75:24:C6:3A:1E:E1:33:FB:68 X509v3 Authority Key Identifier: keyid:83:E7:7F:37:B3:B9:38:50:83:5B:AA:30:EE:8F:C1:2D:55:F8:70:54 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/nGs8FHA9YPQT5lt1JMY6HuEz-2g.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.235.220.0/22 Signature Algorithm: sha256WithRSAEncryption c4:2e:58:c0:78:a4:af:a0:38:07:8d:b7:e4:74:81:98:0e:be: 80:36:10:b0:c6:52:87:3c:4f:b3:80:bf:8c:05:33:cc:71:a3: ad:37:91:af:bd:bb:54:93:5f:a0:06:73:38:ff:22:c3:8f:51: c2:3c:7b:9a:f7:ea:fd:b9:57:6d:c5:af:d9:bf:35:64:78:9a: a2:21:97:a4:b9:42:fc:18:ea:33:c7:e2:46:d3:aa:eb:f6:c0: f6:e9:26:8e:0f:6d:a3:8f:e0:02:28:0c:8f:37:37:96:ee:ed: 20:29:8a:c6:e5:a0:6b:cd:0d:6e:57:7a:0e:50:75:56:7e:a1: 85:b2:27:ed:79:4f:90:dc:fe:98:13:84:34:e2:15:50:d7:95: 8e:a4:d3:da:3a:9e:c2:25:1e:e9:30:c4:83:4c:a9:ea:b8:25: 17:db:71:50:1a:64:4b:d5:49:dd:a4:83:22:ee:dd:43:da:6a: 81:a7:c0:2c:c6:de:e3:64:42:64:0d:1c:d7:39:83:b7:d6:2d: da:de:59:e3:66:a5:1c:79:f8:10:ad:cb:52:89:20:f2:10:ff: 5c:87:91:88:4e:ca:09:60:1d:80:93:a0:83:74:a6:60:0d:b5: 5f:d4:95:d5:24:06:bb:4c:ed:1d:4b:74:eb:e7:18:d4:20:5d: a1:50:10:6c -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICIC4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODNF NzdGMzdCM0I5Mzg1MDgzNUJBQTMwRUU4RkMxMkQ1NUY4NzA1NDAeFw0yNTA4MjYw NTA5NTNaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDlDNkIzQzE0NzAzRDYw RjQxM0U2NUI3NTI0QzYzQTFFRTEzM0ZCNjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCu0ShxVtqQqc9OJsLXamKCE2HHUYxVz/CjMHSebL0IxrYeaq9A Y10O2d3zSB2e/GCJmZdv+DSa5YOZiqCm0GT9+vkyeRg1EOYhdw6wm922CQfbzpyO lE26TUjyhJQg+2x+22j6NzwtQvkr8LXLhs4bwQdSfnehnWdQlUWS2UtJrU4n+PvV 4BFMktrUaCIAwiD5ZOW/y6BOkPJPok8ynI+D1+73LLarEERl93qC/qJw5XJ/ZR37 thHuvCa2mgofWUXMqZNow3PWU3xtvQeNGaRcoUOVIWCQi5q9/eaZHqHshuC6+7qy udRVxj9+x1EnHNER6kpLW3SW6vQu4d8StA67AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUnGs8FHA9YPQT5lt1JMY6HuEz+2gwHwYDVR0jBBgwFoAUg+d/N7O5OFCDW6ow 7o/BLVX4cFQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTYx L2ctZF9ON081T0ZDRFc2b3c3b19CTFZYNGNGUS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZy1kX043TzVPRkNEVzZvdzdvX0JMVlg0Y0ZRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTYxL25HczhGSEE5WVBRVDVs dDFKTVk2SHVFei0yZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn69wwDQYJKoZIhvcNAQELBQADggEBAMQuWMB4pK+gOAeNt+R0gZgOvoA2ELDG Uoc8T7OAv4wFM8xxo603ka+9u1STX6AGczj/IsOPUcI8e5r36v25V23Fr9m/NWR4 mqIhl6S5QvwY6jPH4kbTquv2wPbpJo4PbaOP4AIoDI83N5bu7SApisbloGvNDW5X eg5QdVZ+oYWyJ+15T5Dc/pgThDTiFVDXlY6k09o6nsIlHukwxINMqeq4JRfbcVAa ZEvVSd2kgyLu3UPaaoGnwCzG3uNkQmQNHNc5g7fWLdreWeNmpRx5+BCty1KJIPIQ /1yHkYhOyglgHYCToIN0pmANtV/UldUkBrtM7R1LdOvnGNQgXaFQEGw= -----END CERTIFICATE-----Generated at Mon Sep 8 02:33:43 2025 by rpki-client