$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/nLH-wcYh9R4NU4CwsStSvQpDEMs.roa File: nLH-wcYh9R4NU4CwsStSvQpDEMs.roa (raw, json) Hash identifier: XkkcUZso1BWwZPjyDfPLTdDmB3/+OUkORMynYvPRocQ= Subject key identifier: 9C:B1:FE:C1:C6:21:F5:1E:0D:53:80:B0:B1:2B:52:BD:0A:43:10:CB Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Certificate serial: 2180 Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/nLH-wcYh9R4NU4CwsStSvQpDEMs.roa Signing time: Fri 29 Aug 2025 09:05:25 +0000 ROA not before: Fri 29 Aug 2025 09:05:25 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 17621 IP address blocks: 113.31.176.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Sep 2025 11:06:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8576 (0x2180) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Validity Not Before: Aug 29 09:05:25 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=9CB1FEC1C621F51E0D5380B0B12B52BD0A4310CB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:dc:17:e1:ad:3c:ee:1e:66:2c:a2:f0:67:17: 08:ef:cf:b2:33:b9:d7:f5:88:d9:fb:cd:ed:60:1b: 1f:d1:d9:a9:dd:14:01:95:5b:2a:3d:0b:06:0c:37: 38:1a:bb:6a:15:02:c1:53:4c:7d:35:4f:04:7b:34: a9:8a:88:2c:70:de:52:f4:16:2c:ee:28:33:c6:37: ae:ae:cd:93:4c:b7:7a:83:18:b2:a2:63:39:87:07: c1:81:0c:d0:08:ae:20:6b:61:47:58:f6:62:cf:73: 79:87:a6:0e:e4:1a:fc:2b:54:09:18:68:49:59:84: 83:2d:44:b8:df:21:cb:68:43:b6:53:fc:3d:47:ed: 44:64:ce:6c:aa:6a:0c:e6:00:44:b1:d2:0b:e5:cf: d2:f5:93:34:ab:97:f5:68:de:3c:aa:20:00:05:4b: 8d:bc:c5:9f:2b:75:38:d7:0c:05:f2:fd:1c:f3:70: 2a:f8:d9:a3:fa:9e:70:ef:3d:b0:97:3c:9d:31:9c: b2:f9:cb:a3:2d:84:84:7a:ef:78:32:6d:4f:e2:e7: 79:4f:f7:b7:3d:d3:5d:0d:2d:fc:d9:eb:98:1b:e4: 1d:3a:03:c8:53:55:0b:c8:0d:72:40:6a:32:e2:b6: 8a:28:e0:3d:a4:a5:75:73:a4:88:46:16:c9:e0:68: 61:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:B1:FE:C1:C6:21:F5:1E:0D:53:80:B0:B1:2B:52:BD:0A:43:10:CB X509v3 Authority Key Identifier: keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/nLH-wcYh9R4NU4CwsStSvQpDEMs.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 113.31.176.0/20 Signature Algorithm: sha256WithRSAEncryption ba:91:a4:47:87:f3:b0:64:e2:43:dd:98:16:bf:26:b0:d6:8f: 51:79:93:70:72:d1:bc:02:19:0e:81:e6:58:37:46:15:6e:07: 9e:81:5b:10:e0:39:9b:ef:74:9b:06:a8:d2:ab:6d:9d:a3:c3: 61:58:39:d8:6c:c5:9b:a2:e6:f3:3b:ed:3f:16:12:99:a9:a8: 47:95:20:fa:9d:57:7d:43:31:9d:c0:6c:f4:d2:e5:6b:c9:6f: 21:01:5e:d8:fc:50:9f:f4:f8:fc:c0:c8:0d:d3:42:bd:71:9d: ce:2c:3d:96:ce:3d:7e:47:7e:92:1d:b3:b0:a0:1c:73:6a:fd: 62:e8:6e:80:3c:b7:15:80:29:cc:61:a9:4a:99:42:85:46:7c: 3d:62:b2:4f:86:88:1f:1f:5d:3c:29:c7:b6:b1:3f:04:81:85: 7f:6b:72:27:f5:b9:03:11:d2:96:c3:09:e1:3a:19:ed:e8:62: 6b:8c:5b:3c:16:81:0c:34:30:f8:06:1e:9a:82:cf:3c:ff:1b: 61:6a:07:b6:1d:21:b2:78:50:d9:05:4e:b9:2c:47:bb:fa:8d: c3:09:c2:da:23:07:0b:9a:c1:ba:72:4b:e7:3c:85:b3:e7:5a: c1:3f:d3:04:8d:ae:c0:29:3e:26:68:3d:53:b4:76:45:1d:bc: d3:7a:d7:42 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICIYAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3 MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNTA4Mjkw OTA1MjVaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDlDQjFGRUMxQzYyMUY1 MUUwRDUzODBCMEIxMkI1MkJEMEE0MzEwQ0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDO3BfhrTzuHmYsovBnFwjvz7Izudf1iNn7ze1gGx/R2andFAGV Wyo9CwYMNzgau2oVAsFTTH01TwR7NKmKiCxw3lL0FizuKDPGN66uzZNMt3qDGLKi YzmHB8GBDNAIriBrYUdY9mLPc3mHpg7kGvwrVAkYaElZhIMtRLjfIctoQ7ZT/D1H 7URkzmyqagzmAESx0gvlz9L1kzSrl/Vo3jyqIAAFS428xZ8rdTjXDAXy/RzzcCr4 2aP6nnDvPbCXPJ0xnLL5y6MthIR673gybU/i53lP97c9010NLfzZ65gb5B06A8hT VQvIDXJAajLitooo4D2kpXVzpIhGFsngaGG7AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUnLH+wcYh9R4NU4CwsStSvQpDEMswHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3 L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L25MSC13Y1loOVI0TlU0 Q3dzU3RTdlFwREVNcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BARxH7AwDQYJKoZIhvcNAQELBQADggEBALqRpEeH87Bk4kPdmBa/JrDWj1F5k3By 0bwCGQ6B5lg3RhVuB56BWxDgOZvvdJsGqNKrbZ2jw2FYOdhsxZui5vM77T8WEpmp qEeVIPqdV31DMZ3AbPTS5WvJbyEBXtj8UJ/0+PzAyA3TQr1xnc4sPZbOPX5HfpId s7CgHHNq/WLoboA8txWAKcxhqUqZQoVGfD1isk+GiB8fXTwpx7axPwSBhX9rcif1 uQMR0pbDCeE6Ge3oYmuMWzwWgQw0MPgGHpqCzzz/G2FqB7YdIbJ4UNkFTrksR7v6 jcMJwtojBwuawbpyS+c8hbPnWsE/0wSNrsApPiZoPVO0dkUdvNN610I= -----END CERTIFICATE-----Generated at Tue Sep 9 10:12:51 2025 by rpki-client