$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/623/NBmOK7Ez_UIwrdE5yX651PDa2Zg.roa File: NBmOK7Ez_UIwrdE5yX651PDa2Zg.roa (raw, json) Hash identifier: IbKtMRI5682zNZGeYlzgiPHPQCKe+QUkMnLIrRZTBws= Subject key identifier: 34:19:8E:2B:B1:33:FD:42:30:AD:D1:39:C9:7E:B9:D4:F0:DA:D9:98 Certificate issuer: /CN=DEBFC900EDC34F81DA4827F1F9F63D04E0E2F756 Certificate serial: 078F Authority key identifier: DE:BF:C9:00:ED:C3:4F:81:DA:48:27:F1:F9:F6:3D:04:E0:E2:F7:56 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3r_JAO3DT4HaSCfx-fY9BODi91Y.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/NBmOK7Ez_UIwrdE5yX651PDa2Zg.roa Signing time: Tue 06 May 2025 14:56:29 +0000 ROA not before: Tue 06 May 2025 14:56:29 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 58834 IP address blocks: 202.168.170.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/3r_JAO3DT4HaSCfx-fY9BODi91Y.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/3r_JAO3DT4HaSCfx-fY9BODi91Y.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3r_JAO3DT4HaSCfx-fY9BODi91Y.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 17 May 2025 20:09:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1935 (0x78f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DEBFC900EDC34F81DA4827F1F9F63D04E0E2F756 Validity Not Before: May 6 14:56:29 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=34198E2BB133FD4230ADD139C97EB9D4F0DAD998 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:6f:f1:a4:75:de:4d:f7:38:6d:3a:0d:8b:88: b0:d8:f0:a1:7a:62:c6:5a:ef:46:e1:64:b7:17:d2: 91:2e:bf:5c:4a:de:23:51:17:d3:3e:98:27:3e:2f: 08:a0:21:d6:01:4e:66:a4:05:41:5d:24:51:ce:03: 0a:92:e6:4e:bf:5c:3c:dc:4f:0c:ab:29:26:07:58: f8:c5:aa:ee:6a:1a:57:ad:e3:eb:84:36:2e:9d:ac: 31:1d:17:87:68:d5:f9:cd:df:f2:19:72:cb:bf:04: 96:50:39:a9:f4:74:3b:a1:d4:dd:4d:16:34:94:0b: 74:f3:6c:6d:81:c4:4d:b3:c1:cd:5c:2d:00:fc:ef: c2:cc:74:dc:9d:fc:06:38:c3:61:f5:ae:a5:48:33: 48:39:94:b4:59:38:3a:dd:9c:7e:ba:46:f0:58:90: fd:45:7e:99:19:c5:a7:40:6f:5e:0b:1a:76:df:50: 47:f9:4b:3a:42:cb:a7:13:43:ce:cc:30:e1:47:cb: bd:81:bc:68:59:c4:54:16:5b:79:9c:36:9e:37:d6: 38:aa:26:d9:49:e2:df:63:e6:e9:8c:9a:d3:53:46: 7b:b4:4a:63:de:49:b5:0a:56:89:31:66:21:ae:da: 0f:68:96:58:6f:f8:b4:33:b5:c2:c1:b2:0a:32:5b: 2d:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:19:8E:2B:B1:33:FD:42:30:AD:D1:39:C9:7E:B9:D4:F0:DA:D9:98 X509v3 Authority Key Identifier: keyid:DE:BF:C9:00:ED:C3:4F:81:DA:48:27:F1:F9:F6:3D:04:E0:E2:F7:56 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/3r_JAO3DT4HaSCfx-fY9BODi91Y.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3r_JAO3DT4HaSCfx-fY9BODi91Y.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/NBmOK7Ez_UIwrdE5yX651PDa2Zg.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 202.168.170.0/23 Signature Algorithm: sha256WithRSAEncryption 9d:62:90:f4:2d:f5:49:29:40:0f:b6:58:d4:f1:26:ec:f2:0c: 2a:15:f9:f8:fb:87:7c:af:56:2f:89:99:6b:21:21:20:ae:70: c0:dd:c6:2b:60:66:89:43:58:34:c5:5f:01:c1:20:e9:a1:74: 74:b6:f5:66:bf:bf:21:54:6a:92:d9:49:e2:1f:52:4d:fa:00: d7:0e:d3:c0:79:69:7b:c6:fb:20:cc:60:fe:ab:6b:22:5d:f0: b9:6f:f8:68:61:f6:d6:96:78:f8:15:c0:5b:cd:f4:57:ed:2b: 88:ae:e1:83:27:c8:2b:19:38:dc:86:b4:57:98:6a:49:6f:4e: ff:e4:e0:06:0c:3d:08:78:10:be:2b:ab:48:b7:8e:b0:dd:82: 55:74:48:ff:70:23:f1:bf:6a:26:77:a3:1f:f9:d1:61:9a:55: 84:32:e5:31:46:49:56:5b:ad:7e:70:37:a9:ee:eb:c0:7c:3e: c9:57:9d:3b:c2:b4:e4:7c:64:eb:b6:88:1e:2c:ca:a2:80:ba: 5d:51:42:f8:9c:5d:8f:e8:1c:3f:a3:99:be:22:53:5e:50:21: 3a:77:61:f6:c8:cc:d8:3d:87:31:18:6d:bd:09:67:3b:34:9c: c4:9a:d5:0e:85:3a:8b:e8:32:2c:4f:88:09:ec:ca:9d:ef:c3: 0a:d5:aa:36 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICB48wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREVC RkM5MDBFREMzNEY4MURBNDgyN0YxRjlGNjNEMDRFMEUyRjc1NjAeFw0yNTA1MDYx NDU2MjlaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDM0MTk4RTJCQjEzM0ZE NDIzMEFERDEzOUM5N0VCOUQ0RjBEQUQ5OTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDKb/Gkdd5N9zhtOg2LiLDY8KF6YsZa70bhZLcX0pEuv1xK3iNR F9M+mCc+LwigIdYBTmakBUFdJFHOAwqS5k6/XDzcTwyrKSYHWPjFqu5qGlet4+uE Ni6drDEdF4do1fnN3/IZcsu/BJZQOan0dDuh1N1NFjSUC3TzbG2BxE2zwc1cLQD8 78LMdNyd/AY4w2H1rqVIM0g5lLRZODrdnH66RvBYkP1FfpkZxadAb14LGnbfUEf5 SzpCy6cTQ87MMOFHy72BvGhZxFQWW3mcNp431jiqJtlJ4t9j5umMmtNTRnu0SmPe SbUKVokxZiGu2g9ollhv+LQztcLBsgoyWy0tAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUNBmOK7Ez/UIwrdE5yX651PDa2ZgwHwYDVR0jBBgwFoAU3r/JAO3DT4HaSCfx +fY9BODi91YwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIz LzNyX0pBTzNEVDRIYVNDZngtZlk5Qk9EaTkxWS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvM3JfSkFPM0RUNEhhU0NmeC1mWTlCT0RpOTFZLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIzL05CbU9LN0V6X1VJd3Jk RTV5WDY1MVBEYTJaZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAHKqKowDQYJKoZIhvcNAQELBQADggEBAJ1ikPQt9UkpQA+2WNTxJuzyDCoV+fj7 h3yvVi+JmWshISCucMDdxitgZolDWDTFXwHBIOmhdHS29Wa/vyFUapLZSeIfUk36 ANcO08B5aXvG+yDMYP6rayJd8Llv+Ghh9taWePgVwFvN9FftK4iu4YMnyCsZONyG tFeYaklvTv/k4AYMPQh4EL4rq0i3jrDdglV0SP9wI/G/aiZ3ox/50WGaVYQy5TFG SVZbrX5wN6nu68B8PslXnTvCtOR8ZOu2iB4syqKAul1RQvicXY/oHD+jmb4iU15Q ITp3YfbIzNg9hzEYbb0JZzs0nMSa1Q6FOovoMixPiAnsyp3vwwrVqjY= -----END CERTIFICATE-----Generated at Sat May 17 19:42:14 2025 by rpki-client