$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/NCuNyAfPvOccyLyb1gUDJ0lxFLs.roa File: NCuNyAfPvOccyLyb1gUDJ0lxFLs.roa (raw, json) Hash identifier: hqvpJUTAITSQB+1T0SqqdlbkHxBF1iC/yYz0ybg2jQg= Subject key identifier: 34:2B:8D:C8:07:CF:BC:E7:1C:C8:BC:9B:D6:05:03:27:49:71:14:BB Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Certificate serial: 2172 Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/NCuNyAfPvOccyLyb1gUDJ0lxFLs.roa Signing time: Fri 29 Aug 2025 09:05:22 +0000 ROA not before: Fri 29 Aug 2025 09:05:22 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 17621 IP address blocks: 113.31.160.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Sep 2025 06:34:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8562 (0x2172) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Validity Not Before: Aug 29 09:05:22 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=342B8DC807CFBCE71CC8BC9BD6050327497114BB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:0c:82:92:0a:7f:ee:00:b5:bd:85:d9:51:51: 7e:b0:d2:7c:4e:6d:f4:be:29:cb:f8:4e:03:b2:92: b4:b9:f1:06:e8:bd:29:c6:22:1a:7a:94:89:58:8f: a7:d8:12:1b:94:d8:08:7b:df:35:ff:db:7b:32:6c: 5e:d9:81:58:76:9d:d0:9f:6d:dd:5c:d3:b3:16:58: aa:97:88:dc:db:8e:5b:5b:eb:f6:db:1a:d4:80:c6: ae:56:67:e0:fb:45:85:f9:13:4b:e7:2d:0e:4f:78: c1:a1:53:3f:41:7c:cf:14:95:f3:51:25:e6:84:a7: 19:9a:54:12:33:14:37:11:0c:c6:14:7d:eb:9d:a3: f1:4e:6f:be:2c:e4:94:a2:93:05:5a:20:ef:f8:f1: 96:b0:4e:30:28:54:1d:84:f0:4b:eb:65:a2:0c:29: 04:22:f0:21:f6:8d:8e:0e:d0:e2:03:3f:18:5f:a3: 65:29:9a:a7:2a:ce:db:b1:76:60:90:c0:59:3a:15: a5:77:f8:a2:b7:80:bb:90:68:46:d9:ae:a0:65:43: 61:2d:74:f7:31:f1:28:41:cf:8d:5e:53:db:99:c9: ed:a5:42:3c:64:fc:61:1d:b9:e8:0f:cb:90:f9:bd: 1d:1a:01:5f:df:02:46:91:a7:93:da:c1:f4:2c:c0: 1e:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:2B:8D:C8:07:CF:BC:E7:1C:C8:BC:9B:D6:05:03:27:49:71:14:BB X509v3 Authority Key Identifier: keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/NCuNyAfPvOccyLyb1gUDJ0lxFLs.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 113.31.160.0/20 Signature Algorithm: sha256WithRSAEncryption 1d:1b:9d:61:26:7f:cf:e7:c4:e3:75:a7:0c:8f:1c:32:d8:19: b4:9d:3a:09:d6:cf:e5:4d:b9:fb:84:9f:14:82:d6:2f:0b:3d: cb:15:1f:a6:2b:04:54:0e:16:83:52:af:05:95:31:ef:85:fc: 8c:8d:50:91:c1:3e:a5:32:8a:b4:c2:7b:5f:1f:a2:70:ed:d3: c3:f1:bc:26:bc:39:6e:2d:c4:d2:0c:33:e9:cd:df:ef:2b:30: 24:64:ed:b4:f9:66:a8:24:bd:7f:8f:21:22:17:6a:36:5d:63: a5:b4:29:1e:4e:24:7d:4f:00:70:77:82:a2:3f:ad:22:fd:57: 6c:2c:6c:c3:6a:2f:87:19:f4:6f:37:b4:3d:21:91:8e:fe:c2: 1c:98:be:93:aa:b0:c6:a9:58:3a:27:ae:9c:3c:d6:51:f7:2e: 8a:9b:1f:9e:c1:4b:29:42:4a:93:eb:95:b5:52:d6:ab:f3:c3: cf:f0:cc:01:4b:ff:8f:5f:58:42:0f:e0:95:15:6c:eb:6c:27: 0e:93:aa:a1:35:8b:68:f8:86:1e:85:90:5e:b3:b3:8e:3f:ad: cb:f9:f6:3a:62:0f:9e:d3:c0:70:a0:51:26:20:1c:ad:67:40: ec:1d:b5:71:ac:78:c3:b8:5c:3e:a1:bf:40:ac:b5:44:1d:70: 67:29:14:81 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICIXIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3 MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNTA4Mjkw OTA1MjJaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDM0MkI4REM4MDdDRkJD RTcxQ0M4QkM5QkQ2MDUwMzI3NDk3MTE0QkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDUDIKSCn/uALW9hdlRUX6w0nxObfS+Kcv4TgOykrS58QbovSnG Ihp6lIlYj6fYEhuU2Ah73zX/23sybF7ZgVh2ndCfbd1c07MWWKqXiNzbjltb6/bb GtSAxq5WZ+D7RYX5E0vnLQ5PeMGhUz9BfM8UlfNRJeaEpxmaVBIzFDcRDMYUfeud o/FOb74s5JSikwVaIO/48ZawTjAoVB2E8EvrZaIMKQQi8CH2jY4O0OIDPxhfo2Up mqcqztuxdmCQwFk6FaV3+KK3gLuQaEbZrqBlQ2EtdPcx8ShBz41eU9uZye2lQjxk /GEduegPy5D5vR0aAV/fAkaRp5PawfQswB6DAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUNCuNyAfPvOccyLyb1gUDJ0lxFLswHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3 L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L05DdU55QWZQdk9jY3lM eWIxZ1VESjBseEZMcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BARxH6AwDQYJKoZIhvcNAQELBQADggEBAB0bnWEmf8/nxON1pwyPHDLYGbSdOgnW z+VNufuEnxSC1i8LPcsVH6YrBFQOFoNSrwWVMe+F/IyNUJHBPqUyirTCe18fonDt 08PxvCa8OW4txNIMM+nN3+8rMCRk7bT5ZqgkvX+PISIXajZdY6W0KR5OJH1PAHB3 gqI/rSL9V2wsbMNqL4cZ9G83tD0hkY7+whyYvpOqsMapWDonrpw81lH3LoqbH57B SylCSpPrlbVS1qvzw8/wzAFL/49fWEIP4JUVbOtsJw6TqqE1i2j4hh6FkF6zs44/ rcv59jpiD57TwHCgUSYgHK1nQOwdtXGseMO4XD6hv0CstUQdcGcpFIE= -----END CERTIFICATE-----Generated at Tue Sep 9 04:05:00 2025 by rpki-client