$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/nGwaZYJ86N_1QNSfT9erHW7i6gk.roa File: nGwaZYJ86N_1QNSfT9erHW7i6gk.roa (raw, json) Hash identifier: l2u6Seb3gUXVSZacwhFMPCIw8gQrzYUSrv3h/Oa+o6w= Subject key identifier: 9C:6C:1A:65:82:7C:E8:DF:F5:40:D4:9F:4F:D7:AB:1D:6E:E2:EA:09 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1EDF Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/nGwaZYJ86N_1QNSfT9erHW7i6gk.roa Signing time: Sat 13 Sep 2025 03:05:34 +0000 ROA not before: Sat 13 Sep 2025 03:05:34 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 24373 IP address blocks: 45.252.32.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 15:05:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7903 (0x1edf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:05:34 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=9C6C1A65827CE8DFF540D49F4FD7AB1D6EE2EA09 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:bf:9c:c5:e5:08:34:44:79:e5:79:25:16:7e: 92:96:b0:98:78:cb:dc:6a:5d:03:83:2b:f2:6d:7c: 58:6b:08:48:e9:46:35:fe:db:4d:6a:e0:16:ae:97: c6:bc:fa:e0:d0:cd:d9:e6:74:03:67:58:4e:79:d4: 37:32:11:96:1d:12:8d:55:d6:e0:57:74:e0:c0:b9: 9c:c3:ce:78:df:d8:53:9c:99:34:22:15:f3:0f:37: a3:ab:6a:83:39:52:f5:dd:58:a2:d5:da:2d:67:11: 94:b0:4f:cb:e5:ea:9b:bb:11:3f:6b:2c:4e:ed:fc: f9:f2:2f:5f:dc:0d:7e:d7:5e:53:9e:9c:96:0e:91: eb:64:2b:63:5f:6b:7f:ed:52:f7:ed:2b:4d:61:52: 7b:39:22:a7:fc:cf:c1:a5:24:7f:81:5b:75:ba:4c: f6:b3:1d:7b:9f:ed:54:f8:97:23:ec:90:24:1e:de: 96:f5:80:91:92:73:33:43:2d:f6:8a:4e:84:91:fb: bb:41:77:26:f5:ea:35:07:77:e2:11:60:7a:2e:c3: 45:77:ab:21:5f:6f:ea:37:f4:4a:46:8a:3f:6a:fb: e1:c4:7e:b4:a3:32:4e:f3:71:90:53:3d:75:ff:37: 31:3c:e4:fc:46:a5:c1:c4:64:fe:96:a0:6f:bd:2b: a8:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:6C:1A:65:82:7C:E8:DF:F5:40:D4:9F:4F:D7:AB:1D:6E:E2:EA:09 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/nGwaZYJ86N_1QNSfT9erHW7i6gk.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.252.32.0/22 Signature Algorithm: sha256WithRSAEncryption d0:28:ea:a8:52:96:03:4c:9d:25:12:ae:57:ec:ef:9c:f2:82: 48:2b:43:a1:14:d0:ad:73:86:0a:f1:55:14:50:81:96:10:1e: 6c:3c:ea:ba:6f:44:19:c1:4b:8a:7e:43:23:f3:f9:52:70:b0: fa:b8:de:7c:f4:11:f4:11:b7:2f:77:31:52:21:d9:c2:f9:f2: 15:8e:3c:1d:76:44:98:bd:9c:d1:61:dc:5a:9e:26:22:29:78: 80:18:c5:3b:32:82:52:70:dd:c6:eb:4e:3a:8f:6e:0f:c7:b6: 21:64:02:3b:57:3e:7f:25:a3:36:7f:fb:8f:50:d6:d1:ec:bf: a0:7c:f4:26:f4:49:9d:a8:bd:52:9f:24:35:1e:21:01:6f:6f: 37:a1:ab:53:5a:3e:bd:dc:f6:00:18:d4:d6:47:06:9e:82:00: 67:c8:e9:69:04:d3:65:cb:15:de:04:d0:63:c4:53:4d:e0:c1: e8:d4:e6:78:88:30:d5:9f:f6:6c:91:40:37:0d:b8:82:7f:11: aa:73:1c:4a:e0:d0:4a:5e:98:45:a7:65:55:b0:30:02:1c:54: 0f:07:98:16:62:b7:0b:1a:25:17:74:57:20:92:e9:19:bf:0d: 0c:be:e5:4c:6f:6b:6d:36:3f:6d:ee:1e:d5:b7:3c:b9:63:e3: 12:42:00:79 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHt8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA1MzRaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDlDNkMxQTY1ODI3Q0U4 REZGNTQwRDQ5RjRGRDdBQjFENkVFMkVBMDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDWv5zF5Qg0RHnleSUWfpKWsJh4y9xqXQODK/JtfFhrCEjpRjX+ 201q4Baul8a8+uDQzdnmdANnWE551DcyEZYdEo1V1uBXdODAuZzDznjf2FOcmTQi FfMPN6OraoM5UvXdWKLV2i1nEZSwT8vl6pu7ET9rLE7t/PnyL1/cDX7XXlOenJYO ketkK2Nfa3/tUvftK01hUns5Iqf8z8GlJH+BW3W6TPazHXuf7VT4lyPskCQe3pb1 gJGSczNDLfaKToSR+7tBdyb16jUHd+IRYHouw0V3qyFfb+o39EpGij9q++HEfrSj Mk7zcZBTPXX/NzE85PxGpcHEZP6WoG+9K6gdAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUnGwaZYJ86N/1QNSfT9erHW7i6gkwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L25Hd2FaWUo4Nk5fMVFO U2ZUOWVySFc3aTZnay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAIt/CAwDQYJKoZIhvcNAQELBQADggEBANAo6qhSlgNMnSUSrlfs75zygkgrQ6EU 0K1zhgrxVRRQgZYQHmw86rpvRBnBS4p+QyPz+VJwsPq43nz0EfQRty93MVIh2cL5 8hWOPB12RJi9nNFh3FqeJiIpeIAYxTsyglJw3cbrTjqPbg/HtiFkAjtXPn8lozZ/ +49Q1tHsv6B89Cb0SZ2ovVKfJDUeIQFvbzehq1NaPr3c9gAY1NZHBp6CAGfI6WkE 02XLFd4E0GPEU03gwejU5niIMNWf9myRQDcNuIJ/EapzHErg0EpemEWnZVWwMAIc VA8HmBZitwsaJRd0VyCS6Rm/DQy+5Uxva202P23uHtW3PLlj4xJCAHk= -----END CERTIFICATE-----Generated at Mon Oct 20 14:31:54 2025 by rpki-client