$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/nxzh-9tbh541R9N4KrQ47OrUngk.roa File: nxzh-9tbh541R9N4KrQ47OrUngk.roa (raw, json) Hash identifier: /yYDPVV0Td8ajeuGWd+ASUpfD2Q2bc4ofHrVnPus5B0= Subject key identifier: 9F:1C:E1:FB:DB:5B:87:9E:35:47:D3:78:2A:B4:38:EC:EA:D4:9E:09 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1EBA Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/nxzh-9tbh541R9N4KrQ47OrUngk.roa Signing time: Sat 13 Sep 2025 03:05:25 +0000 ROA not before: Sat 13 Sep 2025 03:05:25 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 139259 IP address blocks: 103.220.251.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7866 (0x1eba) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:05:25 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=9F1CE1FBDB5B879E3547D3782AB438ECEAD49E09 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:d7:c6:e3:e2:88:41:f7:45:9e:dc:d2:1d:9c: 34:58:2c:e2:71:fd:ee:8f:6b:7c:70:6a:80:98:93: 80:ed:28:7d:83:77:44:18:d0:4c:6d:0d:70:7f:9e: 61:5a:b5:0d:c2:7c:de:97:ae:6b:a7:34:01:e6:60: fe:9a:66:34:90:10:4f:33:47:dd:1d:d3:af:43:59: fc:63:ab:a0:39:2a:2d:6b:e2:1c:e5:0e:84:ad:b3: 29:70:36:0c:08:31:5e:8f:ec:dc:6e:0b:4a:07:04: 29:dc:e2:0a:d1:01:71:37:7c:39:5a:11:44:31:02: f4:70:7f:2d:7d:2d:34:d7:79:fe:f4:d5:e3:75:61: 37:14:1e:3d:b3:84:60:19:be:c2:b7:4c:24:a4:55: b7:8d:03:0a:ad:08:c3:e6:74:22:19:3f:82:df:ef: b3:89:96:54:7c:77:27:e3:89:10:e8:89:9f:50:9b: 5b:45:85:2a:ea:40:40:a8:10:e0:1d:d6:be:c2:cd: 50:75:36:01:7e:00:af:fa:06:fc:e1:d5:69:3a:4e: 41:c7:a8:76:d1:50:7b:66:6f:84:34:db:3a:ae:8e: b7:9c:e1:11:00:56:e5:19:d1:8a:c6:3e:71:9b:e3: 4d:f7:33:19:84:03:0b:76:df:7c:45:d7:a6:2d:c9: 07:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9F:1C:E1:FB:DB:5B:87:9E:35:47:D3:78:2A:B4:38:EC:EA:D4:9E:09 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/nxzh-9tbh541R9N4KrQ47OrUngk.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.220.251.0/24 Signature Algorithm: sha256WithRSAEncryption 3c:da:9d:d2:48:9a:8f:47:0f:6c:44:e3:b7:2e:a7:5c:d5:d1: d7:8e:b0:73:1e:4e:d1:88:4a:1f:eb:e5:0a:64:76:02:f8:4b: 45:bb:a8:d1:c6:e6:4a:98:8d:8d:03:01:f2:6b:fe:a8:44:d6: 41:91:d0:4b:ab:96:58:76:2c:71:5f:6f:31:fb:9b:92:3f:b1: 23:81:c6:52:17:ca:c2:69:21:2f:6f:24:73:73:5f:9a:23:29: 1b:a6:09:e8:c9:e4:91:3c:dd:c8:ab:70:50:5d:f7:e4:31:6f: 47:71:8b:96:0f:e8:7c:1c:c8:ec:45:50:a2:da:c1:8a:fb:0b: 6d:6d:d8:fc:54:f0:90:63:8e:56:c9:ae:ab:c1:7a:2a:45:cc: 5e:e8:8e:29:ea:5f:ed:07:43:cb:27:80:e7:df:81:d7:11:40: 44:ba:b5:7b:37:b1:8c:13:fa:71:29:c3:fd:d9:49:aa:bd:8d: e7:de:b5:85:a3:d2:7b:6e:0b:4d:bf:a9:cf:59:76:b4:ab:ef: a6:60:ee:50:64:c7:15:99:87:4c:cc:ae:b1:c0:a7:39:53:b3: 50:5b:5d:ed:b8:ae:08:20:3f:e1:f0:6d:4b:d0:6a:6d:fb:31: cc:c3:59:eb:6b:fb:b0:bc:64:0a:de:a1:f9:89:be:24:25:f1: 4d:bd:2c:8f -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHrowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA1MjVaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDlGMUNFMUZCREI1Qjg3 OUUzNTQ3RDM3ODJBQjQzOEVDRUFENDlFMDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDP18bj4ohB90We3NIdnDRYLOJx/e6Pa3xwaoCYk4DtKH2Dd0QY 0ExtDXB/nmFatQ3CfN6XrmunNAHmYP6aZjSQEE8zR90d069DWfxjq6A5Ki1r4hzl DoStsylwNgwIMV6P7NxuC0oHBCnc4grRAXE3fDlaEUQxAvRwfy19LTTXef701eN1 YTcUHj2zhGAZvsK3TCSkVbeNAwqtCMPmdCIZP4Lf77OJllR8dyfjiRDoiZ9Qm1tF hSrqQECoEOAd1r7CzVB1NgF+AK/6Bvzh1Wk6TkHHqHbRUHtmb4Q02zqujrec4REA VuUZ0YrGPnGb4033MxmEAwt233xF16YtyQddAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUnxzh+9tbh541R9N4KrQ47OrUngkwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L254emgtOXRiaDU0MVI5 TjRLclE0N09yVW5nay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3PswDQYJKoZIhvcNAQELBQADggEBADzandJImo9HD2xE47cup1zV0deOsHMe TtGISh/r5QpkdgL4S0W7qNHG5kqYjY0DAfJr/qhE1kGR0Eurllh2LHFfbzH7m5I/ sSOBxlIXysJpIS9vJHNzX5ojKRumCejJ5JE83circFBd9+Qxb0dxi5YP6HwcyOxF UKLawYr7C21t2PxU8JBjjlbJrqvBeipFzF7ojinqX+0HQ8sngOffgdcRQES6tXs3 sYwT+nEpw/3ZSaq9jefetYWj0ntuC02/qc9ZdrSr76Zg7lBkxxWZh0zMrrHApzlT s1BbXe24rgggP+HwbUvQam37MczDWetr+7C8ZAreofmJviQl8U29LI8= -----END CERTIFICATE-----Generated at Mon Oct 20 13:30:53 2025 by rpki-client