$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2578/nlfKk31w0-JMOBpbuydpYlmgaK4.roa File: nlfKk31w0-JMOBpbuydpYlmgaK4.roa (raw, json) Hash identifier: Pd6xFisxhVIf9N5p5BSqwtwrTZp9+Wnd5CgCa9g0/nM= Subject key identifier: 9E:57:CA:93:7D:70:D3:E2:4C:38:1A:5B:BB:27:69:62:59:A0:68:AE Certificate issuer: /CN=7CF44C06D5EA7DF0CBD4F68508F14E84DA08B752 Certificate serial: 17D0 Authority key identifier: 7C:F4:4C:06:D5:EA:7D:F0:CB:D4:F6:85:08:F1:4E:84:DA:08:B7:52 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/fPRMBtXqffDL1PaFCPFOhNoIt1I.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2578/nlfKk31w0-JMOBpbuydpYlmgaK4.roa Signing time: Tue 05 Aug 2025 13:46:32 +0000 ROA not before: Tue 05 Aug 2025 13:46:32 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 18186 IP address blocks: 103.99.78.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2578/fPRMBtXqffDL1PaFCPFOhNoIt1I.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2578/fPRMBtXqffDL1PaFCPFOhNoIt1I.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/fPRMBtXqffDL1PaFCPFOhNoIt1I.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 01:04:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6096 (0x17d0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7CF44C06D5EA7DF0CBD4F68508F14E84DA08B752 Validity Not Before: Aug 5 13:46:32 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=9E57CA937D70D3E24C381A5BBB27696259A068AE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:8c:08:ff:36:59:fc:e8:32:b7:ab:9c:38:c7: af:11:92:25:c5:b1:bc:16:dd:e2:98:47:ec:40:7f: ae:a9:75:73:2f:9c:74:d3:c1:9c:fe:0d:e3:3c:f3: ee:35:ee:17:77:16:19:6b:81:1b:e3:e8:56:f9:7a: 00:ff:ef:e2:62:04:c3:8a:25:6f:99:a9:99:fd:1e: 41:21:c1:f8:07:6c:32:da:27:e9:30:4b:b8:15:e6: 76:de:f1:e1:ee:27:8c:fa:8e:0f:1d:05:84:a7:94: d2:3e:d8:74:45:81:2f:2d:0b:e6:99:5f:5d:32:47: 42:0d:25:37:b8:80:7d:39:17:e1:a6:66:42:2c:11: 6c:56:39:38:50:f7:58:cf:c0:c7:4e:f2:35:f2:dd: c8:df:00:da:3d:03:f4:93:62:33:31:f6:69:db:bd: 72:1e:c1:c1:36:a8:73:73:3c:2a:9a:06:4b:fa:37: 57:ee:06:57:92:6c:7c:ed:b6:d1:a4:d1:ef:11:0c: fb:2b:3d:5b:1e:c3:9f:41:71:7d:b4:0a:c7:b1:ac: b3:24:9d:0f:e9:d1:34:70:b6:8a:78:08:ed:65:02: 96:38:e9:a1:53:83:00:d2:aa:b4:f9:45:3b:d7:f1: 73:a4:89:21:61:2f:d3:e1:4c:49:05:2f:28:3a:6b: a4:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:57:CA:93:7D:70:D3:E2:4C:38:1A:5B:BB:27:69:62:59:A0:68:AE X509v3 Authority Key Identifier: keyid:7C:F4:4C:06:D5:EA:7D:F0:CB:D4:F6:85:08:F1:4E:84:DA:08:B7:52 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2578/fPRMBtXqffDL1PaFCPFOhNoIt1I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/fPRMBtXqffDL1PaFCPFOhNoIt1I.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2578/nlfKk31w0-JMOBpbuydpYlmgaK4.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.99.78.0/24 Signature Algorithm: sha256WithRSAEncryption 8f:4d:78:df:1a:7b:5b:ef:42:7e:6d:d3:45:55:72:f8:d3:9b: 2b:80:93:1c:c0:6c:17:1c:9c:62:5b:30:66:44:8e:61:5d:76: 01:66:a9:33:83:29:fe:3d:b5:0a:5f:4a:8d:00:44:d9:ae:99: 9f:3d:7b:41:bf:01:a2:cb:6e:37:5d:d9:d5:4d:9b:6f:f1:26: b4:d7:a5:9a:94:52:1b:c3:34:ba:bb:3c:b4:e0:85:0a:1a:e1: 24:d6:44:e5:22:fd:fe:81:48:24:2d:ae:dc:62:42:d2:e7:bf: f2:e6:05:78:a4:1f:01:4a:a0:3b:67:51:78:db:2f:c4:f8:e1: e1:9a:fc:7b:df:f3:3b:dd:73:b7:b0:b0:d0:86:b2:7e:ef:2c: 16:7f:fd:c2:d3:45:21:ed:19:9a:57:4d:7c:cf:10:71:ad:e1: 72:81:90:f7:0f:ed:d0:34:0a:6a:f4:bb:f4:ba:21:a0:b3:f4: a9:05:a5:2e:9d:69:62:b9:e7:0e:df:a7:d1:36:18:9f:a9:b5: 85:ae:d6:3c:b9:2a:62:47:91:3c:be:b4:97:1e:a5:6c:a9:de: 0d:5b:b2:98:44:5c:1b:b9:28:9a:6e:e9:01:7c:4b:97:1d:d9: 79:61:10:60:6a:e3:48:25:90:03:62:f8:b6:b1:0d:1e:5d:57: 0c:1c:4a:14 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICF9AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoN0NG NDRDMDZENUVBN0RGMENCRDRGNjg1MDhGMTRFODREQTA4Qjc1MjAeFw0yNTA4MDUx MzQ2MzJaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDlFNTdDQTkzN0Q3MEQz RTI0QzM4MUE1QkJCMjc2OTYyNTlBMDY4QUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDZjAj/Nln86DK3q5w4x68RkiXFsbwW3eKYR+xAf66pdXMvnHTT wZz+DeM88+417hd3FhlrgRvj6Fb5egD/7+JiBMOKJW+ZqZn9HkEhwfgHbDLaJ+kw S7gV5nbe8eHuJ4z6jg8dBYSnlNI+2HRFgS8tC+aZX10yR0INJTe4gH05F+GmZkIs EWxWOThQ91jPwMdO8jXy3cjfANo9A/STYjMx9mnbvXIewcE2qHNzPCqaBkv6N1fu BleSbHztttGk0e8RDPsrPVsew59BcX20CsexrLMknQ/p0TRwtop4CO1lApY46aFT gwDSqrT5RTvX8XOkiSFhL9PhTEkFLyg6a6T3AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUnlfKk31w0+JMOBpbuydpYlmgaK4wHwYDVR0jBBgwFoAUfPRMBtXqffDL1PaF CPFOhNoIt1IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjU3 OC9mUFJNQnRYcWZmREwxUGFGQ1BGT2hOb0l0MUkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2ZQUk1CdFhxZmZETDFQYUZDUEZPaE5vSXQxSS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI1NzgvbmxmS2szMXcwLUpN T0JwYnV5ZHBZbG1nYUs0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGdjTjANBgkqhkiG9w0BAQsFAAOCAQEAj0143xp7W+9Cfm3TRVVy+NObK4CT HMBsFxycYlswZkSOYV12AWapM4Mp/j21Cl9KjQBE2a6Znz17Qb8BostuN13Z1U2b b/EmtNelmpRSG8M0urs8tOCFChrhJNZE5SL9/oFIJC2u3GJC0ue/8uYFeKQfAUqg O2dReNsvxPjh4Zr8e9/zO91zt7Cw0Iayfu8sFn/9wtNFIe0ZmldNfM8Qca3hcoGQ 9w/t0DQKavS79LohoLP0qQWlLp1pYrnnDt+n0TYYn6m1ha7WPLkqYkeRPL60lx6l bKneDVuymERcG7komm7pAXxLlx3ZeWEQYGrjSCWQA2L4trENHl1XDBxKFA== -----END CERTIFICATE-----Generated at Sun Aug 24 00:56:29 2025 by rpki-client