$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/NSIDhMmMRuYP8x5_bRPoyQJSjaw.roa File: NSIDhMmMRuYP8x5_bRPoyQJSjaw.roa (raw, json) Hash identifier: IitylBF+2169i8oZLEzNaGsDhm3yfp3aqfQp1rzyqCk= Subject key identifier: 35:22:03:84:C9:8C:46:E6:0F:F3:1E:7F:6D:13:E8:C9:02:52:8D:AC Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1EA4 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/NSIDhMmMRuYP8x5_bRPoyQJSjaw.roa Signing time: Sat 13 Sep 2025 03:05:20 +0000 ROA not before: Sat 13 Sep 2025 03:05:20 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 138527 IP address blocks: 45.252.100.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7844 (0x1ea4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:05:20 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=35220384C98C46E60FF31E7F6D13E8C902528DAC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:f0:66:1c:05:90:1d:6e:e7:4f:79:f7:4e:ac: e9:6b:cd:49:4d:5b:df:0f:ae:1f:1e:d5:e3:a4:0d: f7:7f:37:10:86:79:78:ee:0d:58:a2:f9:7a:7b:f5: 5d:35:3b:39:9a:98:f0:e3:c3:58:43:a3:3e:ce:44: 73:11:a5:af:5f:39:e3:91:e4:8c:e6:b8:7c:54:26: b1:87:63:e1:18:eb:41:8e:ba:ac:1a:fe:cd:44:57: ea:53:04:9c:c9:f4:d8:6c:11:cb:78:d9:ec:4d:b6: 85:a4:f8:4b:d0:5c:18:a0:82:9d:a8:d3:30:29:70: d2:db:e6:37:db:4c:c5:dd:ec:3d:09:86:45:fa:4f: 7a:a1:1b:02:ec:25:e5:4f:eb:64:9c:a0:2e:0b:5a: fc:72:4e:65:db:5f:6f:9d:2b:f7:bf:f9:bc:48:0d: 4a:0f:d7:94:a8:19:4b:1b:bf:19:4a:c4:3d:89:21: bd:c3:33:cf:9a:10:2b:01:f1:c1:4a:40:0d:b9:47: 17:ac:72:e9:03:d6:27:dc:23:d9:a0:3b:d7:42:e0: db:5b:8b:23:86:39:10:af:e2:43:0f:6d:56:f9:ab: 21:97:97:2f:52:ec:be:01:d8:49:29:4c:d2:4f:d6: 81:b6:ec:95:89:06:67:35:6c:da:36:8a:3e:74:1f: b9:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:22:03:84:C9:8C:46:E6:0F:F3:1E:7F:6D:13:E8:C9:02:52:8D:AC X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/NSIDhMmMRuYP8x5_bRPoyQJSjaw.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.252.100.0/22 Signature Algorithm: sha256WithRSAEncryption 4e:fb:d7:9d:1b:ea:9a:54:dd:03:ed:ed:f0:4c:94:d8:c8:78: c0:7f:1a:0a:74:03:99:a3:45:81:94:77:f8:94:a5:eb:26:64: 2b:62:a0:a8:12:0a:ce:ac:c4:31:f9:69:c6:1b:50:6a:cb:45: 9c:db:99:5a:96:d3:a3:c0:19:e7:e2:f3:b2:50:1c:93:98:fa: ab:77:76:9a:98:b0:d7:fa:78:50:74:c7:d8:26:f3:e9:cc:5b: 1c:f2:04:c1:7c:b7:0c:f6:0e:38:bf:d5:ae:1e:e3:76:70:77: 83:97:df:17:65:1d:9f:bd:21:09:55:02:2e:3b:7f:46:3f:60: 1f:fb:0d:db:96:b8:00:6c:09:e7:e0:62:2c:56:dd:61:26:12: 1c:1d:dc:8d:6e:eb:46:52:ad:13:3e:75:d5:19:2c:95:18:08: 22:84:06:55:f2:57:3f:f7:60:88:4e:9f:39:eb:31:7e:99:24: e7:34:4e:24:56:ef:63:40:b1:e4:54:fb:95:21:27:73:ba:ba: 7a:2a:a6:0e:45:73:c7:76:bc:81:85:8a:c7:a6:f7:ad:ca:7b: e5:77:f4:af:72:e3:40:d7:08:5c:ca:8e:63:d6:c8:07:c4:23: af:c5:49:8b:c4:bb:a2:45:ce:72:a9:60:06:c1:64:27:c7:d5: 22:a1:82:40 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHqQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA1MjBaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDM1MjIwMzg0Qzk4QzQ2 RTYwRkYzMUU3RjZEMTNFOEM5MDI1MjhEQUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDe8GYcBZAdbudPefdOrOlrzUlNW98Prh8e1eOkDfd/NxCGeXju DVii+Xp79V01OzmamPDjw1hDoz7ORHMRpa9fOeOR5IzmuHxUJrGHY+EY60GOuqwa /s1EV+pTBJzJ9NhsEct42exNtoWk+EvQXBiggp2o0zApcNLb5jfbTMXd7D0JhkX6 T3qhGwLsJeVP62ScoC4LWvxyTmXbX2+dK/e/+bxIDUoP15SoGUsbvxlKxD2JIb3D M8+aECsB8cFKQA25RxescukD1ifcI9mgO9dC4NtbiyOGORCv4kMPbVb5qyGXly9S 7L4B2EkpTNJP1oG27JWJBmc1bNo2ij50H7m3AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUNSIDhMmMRuYP8x5/bRPoyQJSjawwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L05TSURoTW1NUnVZUDh4 NV9iUlBveVFKU2phdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAIt/GQwDQYJKoZIhvcNAQELBQADggEBAE77150b6ppU3QPt7fBMlNjIeMB/Ggp0 A5mjRYGUd/iUpesmZCtioKgSCs6sxDH5acYbUGrLRZzbmVqW06PAGefi87JQHJOY +qt3dpqYsNf6eFB0x9gm8+nMWxzyBMF8twz2Dji/1a4e43Zwd4OX3xdlHZ+9IQlV Ai47f0Y/YB/7DduWuABsCefgYixW3WEmEhwd3I1u60ZSrRM+ddUZLJUYCCKEBlXy Vz/3YIhOnznrMX6ZJOc0TiRW72NAseRU+5UhJ3O6unoqpg5Fc8d2vIGFisem963K e+V39K9y40DXCFzKjmPWyAfEI6/FSYvEu6JFznKpYAbBZCfH1SKhgkA= -----END CERTIFICATE-----Generated at Mon Oct 20 13:13:36 2025 by rpki-client