$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/nmpUn0br8VwUA6KA1qEqrOVOGmk.roa File: nmpUn0br8VwUA6KA1qEqrOVOGmk.roa (raw, json) Hash identifier: wMYJPfFr5icrCXJzzZVjg2Hrzvr98KWci1kPqVOh2Io= Subject key identifier: 9E:6A:54:9F:46:EB:F1:5C:14:03:A2:80:D6:A1:2A:AC:E5:4E:1A:69 Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221 Certificate serial: 1A84 Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/nmpUn0br8VwUA6KA1qEqrOVOGmk.roa Signing time: Sat 13 Sep 2025 03:07:20 +0000 ROA not before: Sat 13 Sep 2025 03:07:20 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 18811 IP address blocks: 180.223.208.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 04:06:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6788 (0x1a84) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221 Validity Not Before: Sep 13 03:07:20 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=9E6A549F46EBF15C1403A280D6A12AACE54E1A69 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:39:7a:82:31:75:9e:45:97:a6:b4:75:db:d6: c9:ce:b2:96:d6:bd:d9:79:7c:ce:b8:fe:6d:00:17: b1:3f:c0:f0:db:1a:fa:a7:98:d0:3f:d5:f7:62:17: 4d:26:80:2e:25:44:be:69:61:20:5b:43:b1:66:aa: e2:8b:df:e8:fe:c8:7c:7f:e2:c8:8e:95:f6:ae:6e: a4:87:24:94:b5:24:e9:76:41:eb:62:54:91:20:52: c6:4f:d6:ff:81:95:45:ca:26:5c:33:6d:e7:b6:3c: 14:aa:ac:e8:e6:aa:8c:7b:7e:24:90:6b:63:79:82: 17:d8:fb:c7:65:7e:12:a8:dd:ad:b4:fd:60:58:34: 69:61:59:2d:97:06:fb:66:d8:22:16:4d:4d:8b:06: e1:3a:f8:c7:c3:05:c7:1f:bd:70:79:70:e8:cc:dd: 3e:22:26:96:f1:ec:0c:09:4f:57:28:df:0b:43:d6: 21:48:c9:06:3b:2c:cd:36:ac:82:c7:02:92:64:7b: 61:f2:3f:52:7f:c2:9e:68:69:c3:8d:ee:36:d4:6d: 46:1b:c4:03:ad:d0:de:ca:2f:63:f2:12:c9:c7:8b: 37:78:b2:97:b0:fa:15:4e:c8:cd:e4:0c:40:9d:6f: 8e:60:04:27:ab:af:4a:bf:c3:63:87:3b:a5:be:94: 68:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:6A:54:9F:46:EB:F1:5C:14:03:A2:80:D6:A1:2A:AC:E5:4E:1A:69 X509v3 Authority Key Identifier: keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/nmpUn0br8VwUA6KA1qEqrOVOGmk.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.223.208.0/22 Signature Algorithm: sha256WithRSAEncryption 12:e2:ce:91:bb:eb:02:a5:a9:b9:8d:0f:cd:5d:44:d9:75:60: e8:2e:66:ee:1d:5f:7a:a1:06:9d:c2:f7:b3:2b:87:91:b3:59: 21:c2:f0:61:ac:49:89:23:15:69:61:4f:2c:f8:b5:27:96:05: e2:cd:2a:ae:93:a3:1a:d8:af:5c:10:16:d0:3d:57:fa:c2:a6: 06:71:30:36:db:85:54:82:a2:ed:95:d7:71:b1:f0:98:2b:12: bf:3a:32:50:f3:52:94:01:22:80:39:d1:70:58:2e:34:b9:c3: 62:40:ec:0f:d6:09:73:ea:1e:0c:49:6e:ac:26:a9:a9:6a:92: b5:ac:f0:9c:ce:31:4a:f3:51:fe:a7:ff:33:a4:04:7e:52:56: 1f:05:cb:28:ee:29:7c:3f:39:bf:ed:4e:06:0c:ec:f9:18:f5: e3:bf:e2:bc:b4:76:18:30:8e:ae:01:d0:1f:7a:f9:2c:57:4f: 07:14:4d:04:bb:9a:92:b5:9a:a7:44:82:f2:cd:73:cc:de:d3: 07:d1:28:0b:29:ca:01:b8:39:09:e3:cc:ff:1e:98:ba:92:be: d0:27:b2:33:3a:34:a4:3c:65:69:73:cd:4d:a9:22:fb:5b:81: bf:b0:b2:d0:de:66:e2:35:b3:da:76:59:f7:a7:8b:a6:cf:e7: 36:b2:40:4d -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICGoQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNTA5MTMw MzA3MjBaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDlFNkE1NDlGNDZFQkYx NUMxNDAzQTI4MEQ2QTEyQUFDRTU0RTFBNjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDOOXqCMXWeRZemtHXb1snOspbWvdl5fM64/m0AF7E/wPDbGvqn mNA/1fdiF00mgC4lRL5pYSBbQ7FmquKL3+j+yHx/4siOlfaubqSHJJS1JOl2Qeti VJEgUsZP1v+BlUXKJlwzbee2PBSqrOjmqox7fiSQa2N5ghfY+8dlfhKo3a20/WBY NGlhWS2XBvtm2CIWTU2LBuE6+MfDBccfvXB5cOjM3T4iJpbx7AwJT1co3wtD1iFI yQY7LM02rILHApJke2HyP1J/wp5oacON7jbUbUYbxAOt0N7KL2PyEsnHizd4spew +hVOyM3kDECdb45gBCerr0q/w2OHO6W+lGh3AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUnmpUn0br8VwUA6KA1qEqrOVOGmkwHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvbm1wVW4wYnI4VndV QTZLQTFxRXFyT1ZPR21rLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEArTf0DANBgkqhkiG9w0BAQsFAAOCAQEAEuLOkbvrAqWpuY0PzV1E2XVg6C5m 7h1feqEGncL3syuHkbNZIcLwYaxJiSMVaWFPLPi1J5YF4s0qrpOjGtivXBAW0D1X +sKmBnEwNtuFVIKi7ZXXcbHwmCsSvzoyUPNSlAEigDnRcFguNLnDYkDsD9YJc+oe DElurCapqWqStazwnM4xSvNR/qf/M6QEflJWHwXLKO4pfD85v+1OBgzs+Rj147/i vLR2GDCOrgHQH3r5LFdPBxRNBLuakrWap0SC8s1zzN7TB9EoCynKAbg5CePM/x6Y upK+0CeyMzo0pDxlaXPNTaki+1uBv7Cy0N5m4jWz2nZZ96eLps/nNrJATQ== -----END CERTIFICATE-----Generated at Mon Oct 20 00:04:34 2025 by rpki-client