$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2927/rNKBTWQo7UWNzVh2mXv8YwCgAB0.roa File: rNKBTWQo7UWNzVh2mXv8YwCgAB0.roa (raw, json) Hash identifier: nllRU1a+VNXHaqGR2zHZ5J+GQLKd57tDgPZdCt4stLs= Subject key identifier: AC:D2:81:4D:64:28:ED:45:8D:CD:58:76:99:7B:FC:63:00:A0:00:1D Certificate issuer: /CN=73D211D5B210E3B196054DB71892D8E38A4E09EF Certificate serial: 06 Authority key identifier: 73:D2:11:D5:B2:10:E3:B1:96:05:4D:B7:18:92:D8:E3:8A:4E:09:EF Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/c9IR1bIQ47GWBU23GJLY44pOCe8.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2927/rNKBTWQo7UWNzVh2mXv8YwCgAB0.roa Signing time: Wed 25 Jun 2025 02:40:31 +0000 ROA not before: Wed 25 Jun 2025 02:40:31 +0000 ROA not after: Thu 25 Jun 2026 02:35:12 +0000 asID: 134760 IP address blocks: 103.143.16.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2927/c9IR1bIQ47GWBU23GJLY44pOCe8.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2927/c9IR1bIQ47GWBU23GJLY44pOCe8.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/c9IR1bIQ47GWBU23GJLY44pOCe8.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Jul 2025 13:18:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6 (0x6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=73D211D5B210E3B196054DB71892D8E38A4E09EF Validity Not Before: Jun 25 02:40:31 2025 GMT Not After : Jun 25 02:35:12 2026 GMT Subject: CN=ACD2814D6428ED458DCD5876997BFC6300A0001D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:41:a0:61:d7:92:2c:c3:5e:be:6c:a0:59:42: 9f:ee:f1:ee:65:28:01:cc:97:d0:1a:b5:4b:f0:47: 4f:09:c5:78:0e:3d:43:f4:90:79:49:8c:07:01:8d: 31:21:5c:38:5c:11:76:02:2e:36:58:01:59:02:95: 2e:96:0f:b3:64:2e:75:ad:9e:e9:4d:0e:eb:86:d6: d9:e3:bb:71:d9:55:71:11:08:ee:bf:31:c1:86:5d: 21:9d:a5:b3:6d:f3:f7:48:25:ff:7a:b9:af:6c:14: 7a:40:d0:a4:e9:45:57:1e:3f:0f:4d:7b:50:22:bc: a1:59:ab:ce:55:a7:2b:ca:05:b9:6f:32:2c:95:cf: fa:67:70:71:3b:c8:5c:9c:bb:11:d8:75:c1:ac:73: 26:c4:4b:13:f6:b8:f8:07:78:31:9e:d4:52:ea:e8: 74:e6:ae:95:fd:ec:73:95:16:6b:9a:40:de:d7:a5: ea:32:61:d4:a7:d7:05:d7:83:b2:d8:81:61:c3:7f: 32:c4:c3:d0:ea:93:9a:7b:e1:9e:b3:bb:b0:9c:10: ef:13:ef:5b:c6:2c:c7:d9:7d:d3:09:68:bc:3d:db: 31:a9:61:6c:05:34:13:2b:01:f5:f4:91:29:c5:20: 64:6d:3a:1a:70:0f:07:90:50:ef:03:51:54:b5:30: ac:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AC:D2:81:4D:64:28:ED:45:8D:CD:58:76:99:7B:FC:63:00:A0:00:1D X509v3 Authority Key Identifier: keyid:73:D2:11:D5:B2:10:E3:B1:96:05:4D:B7:18:92:D8:E3:8A:4E:09:EF X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2927/c9IR1bIQ47GWBU23GJLY44pOCe8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/c9IR1bIQ47GWBU23GJLY44pOCe8.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2927/rNKBTWQo7UWNzVh2mXv8YwCgAB0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.143.16.0/23 Signature Algorithm: sha256WithRSAEncryption be:55:bc:f3:de:32:ab:c4:79:0c:17:81:21:06:0b:17:f7:3d: 4f:ed:f8:ec:d6:c9:46:8d:4c:e5:68:6e:a4:58:76:8a:6b:27: 6d:0d:54:7f:bb:91:29:a9:78:88:fa:0c:f1:b7:92:65:50:4c: e1:00:4b:94:66:7f:13:57:dc:93:65:f6:8c:75:89:d2:3e:d1: f5:03:69:1f:4f:4e:74:b3:be:85:82:ac:65:af:fb:58:3a:14: e4:14:47:12:1e:d2:40:88:71:b3:10:a6:58:17:6e:d5:f3:33: b7:4c:77:39:76:11:02:92:2b:a0:7b:a4:f8:0a:b4:80:23:38: 5e:5e:27:53:9f:bd:92:23:49:96:cc:95:3d:e8:14:68:55:43: 9e:88:ae:24:bd:47:10:8f:4d:a5:58:21:77:66:0d:9f:01:a7: 31:2b:ff:15:41:1f:14:70:43:f6:b6:39:e8:3b:9b:13:40:14: 82:e2:d6:fc:52:e7:6f:74:2d:24:5d:84:bb:65:d3:12:e0:e4: 64:6d:d5:16:6c:c5:88:09:1a:1c:e9:c1:6b:2e:a1:93:b6:d7: 1e:50:cb:4b:53:e9:b6:86:7b:14:49:a5:0e:3f:06:76:ba:26: bf:5f:dc:5e:e2:a7:51:ca:66:73:66:a8:62:c1:fd:e1:ed:5a: 9a:a1:f1:7a -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIBBjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3M0Qy MTFENUIyMTBFM0IxOTYwNTREQjcxODkyRDhFMzhBNEUwOUVGMB4XDTI1MDYyNTAy NDAzMVoXDTI2MDYyNTAyMzUxMlowMzExMC8GA1UEAxMoQUNEMjgxNEQ2NDI4RUQ0 NThEQ0Q1ODc2OTk3QkZDNjMwMEEwMDAxRDCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBALdBoGHXkizDXr5soFlCn+7x7mUoAcyX0Bq1S/BHTwnFeA49Q/SQ eUmMBwGNMSFcOFwRdgIuNlgBWQKVLpYPs2Quda2e6U0O64bW2eO7cdlVcREI7r8x wYZdIZ2ls23z90gl/3q5r2wUekDQpOlFVx4/D017UCK8oVmrzlWnK8oFuW8yLJXP +mdwcTvIXJy7Edh1waxzJsRLE/a4+Ad4MZ7UUurodOaulf3sc5UWa5pA3tel6jJh 1KfXBdeDstiBYcN/MsTD0OqTmnvhnrO7sJwQ7xPvW8Ysx9l90wlovD3bMalhbAU0 EysB9fSRKcUgZG06GnAPB5BQ7wNRVLUwrFsCAwEAAaOCAfMwggHvMB0GA1UdDgQW BBSs0oFNZCjtRY3NWHaZe/xjAKAAHTAfBgNVHSMEGDAWgBRz0hHVshDjsZYFTbcY ktjjik4J7zAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yOTI3 L2M5SVIxYklRNDdHV0JVMjNHSkxZNDRwT0NlOC5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvYzlJUjFiSVE0N0dXQlUyM0dKTFk0NHBPQ2U4LmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjkyNy9yTktCVFdRbzdVV056 VmgybVh2OFl3Q2dBQjAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBZ48QMA0GCSqGSIb3DQEBCwUAA4IBAQC+Vbzz3jKrxHkMF4EhBgsX9z1P7fjs 1slGjUzlaG6kWHaKaydtDVR/u5EpqXiI+gzxt5JlUEzhAEuUZn8TV9yTZfaMdYnS PtH1A2kfT050s76Fgqxlr/tYOhTkFEcSHtJAiHGzEKZYF27V8zO3THc5dhECkiug e6T4CrSAIzheXidTn72SI0mWzJU96BRoVUOeiK4kvUcQj02lWCF3Zg2fAacxK/8V QR8UcEP2tjnoO5sTQBSC4tb8UudvdC0kXYS7ZdMS4ORkbdUWbMWICRoc6cFrLqGT ttceUMtLU+m2hnsUSaUOPwZ2uia/X9xe4qdRymZzZqhiwf3h7VqaofF6 -----END CERTIFICATE-----Generated at Fri Jul 4 10:55:51 2025 by rpki-client