$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/nZO-cvMICH7fCfCIphIc1zAOM10.roa File: nZO-cvMICH7fCfCIphIc1zAOM10.roa (raw, json) Hash identifier: h3u0MwuQI2Wt4U0xGQMWolXN7hZstiJ80eM+CoW/+l4= Subject key identifier: 9D:93:BE:72:F3:08:08:7E:DF:09:F0:88:A6:12:1C:D7:30:0E:33:5D Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Certificate serial: 217A Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/nZO-cvMICH7fCfCIphIc1zAOM10.roa Signing time: Fri 29 Aug 2025 09:05:24 +0000 ROA not before: Fri 29 Aug 2025 09:05:24 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 135377 IP address blocks: 106.75.195.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 05 Sep 2025 10:03:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8570 (0x217a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Validity Not Before: Aug 29 09:05:24 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=9D93BE72F308087EDF09F088A6121CD7300E335D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f4:f4:de:73:fc:d8:eb:94:6c:76:ed:f0:cf:a2: 33:f8:76:46:5c:af:48:7e:f7:bd:70:31:4d:76:9d: bc:7c:e4:69:59:59:e6:da:c1:e4:5f:6a:31:91:63: 96:9f:66:cf:82:b6:4e:d3:b6:15:54:07:0b:cf:b8: fb:98:02:da:02:2b:d5:ce:6a:5d:28:97:c4:2c:81: 2d:ab:37:72:67:b1:ce:27:ed:c2:32:e4:e0:7e:45: c8:99:56:e2:39:5b:1c:79:15:0b:b6:c1:0d:8d:47: 4d:79:47:c8:52:af:cc:81:6b:16:d6:19:ef:e4:25: 9a:ac:eb:82:86:13:d7:a3:73:b4:81:9a:80:5a:2c: 0d:12:e3:44:59:a7:8f:2d:4e:04:58:58:32:23:34: 1f:c5:32:22:9c:b3:67:7e:10:fb:c8:20:f5:8f:48: f0:0d:f5:7f:5d:d0:26:77:52:b5:76:77:51:d1:8d: 21:56:a8:58:9c:f7:99:21:0a:42:66:38:6e:0f:eb: 8a:89:90:cd:3e:99:f2:14:83:e1:00:29:ae:9b:3c: f1:18:3f:d5:e2:4a:c2:3a:ab:d2:e1:82:62:b8:69: f7:ba:2e:af:4e:67:e9:9c:38:fa:ef:52:3c:4c:75: 6f:fa:ad:10:a7:d0:73:25:14:37:20:bf:7b:50:da: 5d:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:93:BE:72:F3:08:08:7E:DF:09:F0:88:A6:12:1C:D7:30:0E:33:5D X509v3 Authority Key Identifier: keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/nZO-cvMICH7fCfCIphIc1zAOM10.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 106.75.195.0/24 Signature Algorithm: sha256WithRSAEncryption 33:69:e8:6b:93:4f:ba:57:28:c2:e9:05:f4:df:21:d2:be:a1: b2:ae:85:b5:0f:48:43:7e:13:cb:24:2e:07:fa:b9:eb:10:4d: 85:d8:1f:30:db:65:78:fb:f9:45:76:e5:75:66:23:9a:a0:1d: 73:eb:c6:da:d5:3b:b9:74:4c:b0:72:0c:cc:4d:8f:d3:02:14: 37:86:a1:d0:bb:4f:fd:5f:49:1c:4b:f3:49:a0:fb:08:fc:ec: 99:07:c2:ec:ce:46:bd:07:06:7d:5c:bb:a1:c3:66:25:67:ee: d0:c2:aa:29:1a:a4:78:16:24:7e:15:e1:29:ae:2a:f3:fd:5f: 75:5a:ed:6a:75:e0:c6:21:05:5c:14:5e:83:f3:f7:b6:ae:e1: bf:e9:71:4d:3a:d0:0e:b5:9e:10:cf:3b:f7:4c:0c:af:a8:53: d4:48:05:c5:2e:8d:26:29:2b:6c:4f:04:79:46:bb:ae:d3:8a: ae:af:62:a3:f0:50:06:3c:4e:f7:5c:15:da:81:5a:61:78:d0: 89:23:b9:ac:cc:d7:2d:32:ef:34:23:96:c2:de:68:42:50:ff: 7d:72:6a:1f:95:23:ba:53:61:f2:df:e4:9f:67:41:68:33:f7: b3:52:d6:55:5d:41:ca:39:b3:b7:66:e7:f9:19:b5:e2:92:fd: 85:81:7f:83 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICIXowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3 MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNTA4Mjkw OTA1MjRaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDlEOTNCRTcyRjMwODA4 N0VERjA5RjA4OEE2MTIxQ0Q3MzAwRTMzNUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQD09N5z/NjrlGx27fDPojP4dkZcr0h+971wMU12nbx85GlZWeba weRfajGRY5afZs+Ctk7TthVUBwvPuPuYAtoCK9XOal0ol8QsgS2rN3Jnsc4n7cIy 5OB+RciZVuI5Wxx5FQu2wQ2NR015R8hSr8yBaxbWGe/kJZqs64KGE9ejc7SBmoBa LA0S40RZp48tTgRYWDIjNB/FMiKcs2d+EPvIIPWPSPAN9X9d0CZ3UrV2d1HRjSFW qFic95khCkJmOG4P64qJkM0+mfIUg+EAKa6bPPEYP9XiSsI6q9LhgmK4afe6Lq9O Z+mcOPrvUjxMdW/6rRCn0HMlFDcgv3tQ2l1/AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUnZO+cvMICH7fCfCIphIc1zAOM10wHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3 L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L25aTy1jdk1JQ0g3ZkNm Q0lwaEljMXpBT00xMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABqS8MwDQYJKoZIhvcNAQELBQADggEBADNp6GuTT7pXKMLpBfTfIdK+obKuhbUP SEN+E8skLgf6uesQTYXYHzDbZXj7+UV25XVmI5qgHXPrxtrVO7l0TLByDMxNj9MC FDeGodC7T/1fSRxL80mg+wj87JkHwuzORr0HBn1cu6HDZiVn7tDCqikapHgWJH4V 4SmuKvP9X3Va7Wp14MYhBVwUXoPz97au4b/pcU060A61nhDPO/dMDK+oU9RIBcUu jSYpK2xPBHlGu67Tiq6vYqPwUAY8TvdcFdqBWmF40IkjuazM1y0y7zQjlsLeaEJQ /31yah+VI7pTYfLf5J9nQWgz97NS1lVdQco5s7dm5/kZteKS/YWBf4M= -----END CERTIFICATE-----Generated at Fri Sep 5 09:08:35 2025 by rpki-client