$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/623/nOwbBqF0fG857-cOOnKFLDZ2Iic.roa File: nOwbBqF0fG857-cOOnKFLDZ2Iic.roa (raw, json) Hash identifier: 2lmFPmiZkRXgWLwM+1CMKfpGd0hJw4Sw1vI8MpVy7cc= Subject key identifier: 9C:EC:1B:06:A1:74:7C:6F:39:EF:E7:0E:3A:72:85:2C:36:76:22:27 Certificate issuer: /CN=DEBFC900EDC34F81DA4827F1F9F63D04E0E2F756 Certificate serial: 07B8 Authority key identifier: DE:BF:C9:00:ED:C3:4F:81:DA:48:27:F1:F9:F6:3D:04:E0:E2:F7:56 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3r_JAO3DT4HaSCfx-fY9BODi91Y.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/nOwbBqF0fG857-cOOnKFLDZ2Iic.roa Signing time: Tue 13 May 2025 06:52:26 +0000 ROA not before: Tue 13 May 2025 06:52:26 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 58834 IP address blocks: 202.168.180.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/3r_JAO3DT4HaSCfx-fY9BODi91Y.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/3r_JAO3DT4HaSCfx-fY9BODi91Y.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3r_JAO3DT4HaSCfx-fY9BODi91Y.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 18 May 2025 03:37:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1976 (0x7b8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DEBFC900EDC34F81DA4827F1F9F63D04E0E2F756 Validity Not Before: May 13 06:52:26 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=9CEC1B06A1747C6F39EFE70E3A72852C36762227 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:12:e1:dd:22:ee:f7:03:3b:49:ce:d3:ac:74: af:f0:e2:21:78:4a:88:7e:66:d2:a0:95:19:18:66: 1c:d3:b0:c6:54:a5:bc:ca:39:ef:8a:d8:ac:2b:9a: ed:d4:97:12:66:44:ec:66:6a:f8:23:4a:52:46:b3: c3:7f:45:8f:fa:74:e6:57:70:c8:d8:f9:68:d9:a8: 07:4c:89:c2:a1:fa:9f:05:07:ff:32:cd:82:95:59: ac:5c:de:96:5d:79:37:1f:a1:e7:23:49:ac:3a:4f: 97:b3:27:7a:9e:fb:67:08:91:b3:36:b9:85:cc:11: c8:91:52:af:82:16:90:8c:3c:60:e1:75:be:b8:1a: 2c:62:67:86:b5:cc:a5:8e:80:fa:ed:00:b4:a9:56: d6:5d:2e:7a:bb:76:dc:b6:d8:f8:c6:0d:af:bc:3e: 8f:9e:4b:db:d4:e0:81:3c:46:07:14:f5:ea:4e:e1: 81:b6:44:cc:0d:5b:8f:8f:23:0f:c9:17:f6:cb:e9: f0:d3:f8:a1:91:82:c4:5b:8b:d4:da:5d:b1:25:14: 94:87:20:be:83:75:e5:30:42:75:b6:52:93:53:0d: a3:07:3c:17:e7:5f:e2:58:de:8c:bd:6b:31:f3:37: 8a:bd:ea:60:5f:7f:3a:58:3f:8d:b2:c3:29:9d:6c: 7b:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:EC:1B:06:A1:74:7C:6F:39:EF:E7:0E:3A:72:85:2C:36:76:22:27 X509v3 Authority Key Identifier: keyid:DE:BF:C9:00:ED:C3:4F:81:DA:48:27:F1:F9:F6:3D:04:E0:E2:F7:56 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/3r_JAO3DT4HaSCfx-fY9BODi91Y.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3r_JAO3DT4HaSCfx-fY9BODi91Y.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/nOwbBqF0fG857-cOOnKFLDZ2Iic.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 202.168.180.0/22 Signature Algorithm: sha256WithRSAEncryption 70:43:ed:e8:93:36:9a:7d:c9:0e:a8:c5:b1:05:16:36:05:f1: 77:7b:6d:ad:d0:38:59:50:19:4e:c8:46:93:ef:7b:1f:f0:77: f8:88:c9:b2:5b:d5:12:51:79:6f:80:f9:c5:cd:ba:05:84:9b: 76:39:d6:43:9e:8c:b9:cc:94:ac:cf:b5:78:14:4a:0f:c0:59: 96:cf:78:7a:8d:ce:e6:11:85:68:90:61:2f:a8:1c:25:b0:a4: ea:12:d4:32:dd:f5:e5:02:fe:71:1e:30:91:23:e9:93:b7:bb: 95:f8:ca:6c:08:ef:89:f8:c6:1d:ba:c4:88:86:c9:8e:6d:3d: b5:a3:0b:39:bd:6d:56:b7:b5:59:8c:b1:a2:b8:95:bf:69:a3: 7f:23:1c:c6:ad:f3:c9:95:8d:e3:52:ef:46:ff:a0:ee:6a:f4: eb:fd:16:19:e0:8c:0f:48:c7:6c:ef:f4:01:e7:cc:23:b3:3a: 66:61:cf:60:18:ec:8b:0f:79:65:7b:70:7d:b9:b4:c1:a1:3a: 39:ca:16:97:7c:92:49:45:bd:47:b2:82:c2:33:5e:da:06:f6: 4a:ad:3b:a1:05:71:6c:bb:71:2e:d3:c1:9f:30:aa:c0:b8:7f: 77:cd:e3:9b:74:2d:bd:b6:ba:da:24:c7:02:d4:50:88:ae:63: 3d:9f:b0:2c -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICB7gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREVC RkM5MDBFREMzNEY4MURBNDgyN0YxRjlGNjNEMDRFMEUyRjc1NjAeFw0yNTA1MTMw NjUyMjZaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDlDRUMxQjA2QTE3NDdD NkYzOUVGRTcwRTNBNzI4NTJDMzY3NjIyMjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC5EuHdIu73AztJztOsdK/w4iF4Soh+ZtKglRkYZhzTsMZUpbzK Oe+K2Kwrmu3UlxJmROxmavgjSlJGs8N/RY/6dOZXcMjY+WjZqAdMicKh+p8FB/8y zYKVWaxc3pZdeTcfoecjSaw6T5ezJ3qe+2cIkbM2uYXMEciRUq+CFpCMPGDhdb64 GixiZ4a1zKWOgPrtALSpVtZdLnq7dty22PjGDa+8Po+eS9vU4IE8RgcU9epO4YG2 RMwNW4+PIw/JF/bL6fDT+KGRgsRbi9TaXbElFJSHIL6DdeUwQnW2UpNTDaMHPBfn X+JY3oy9azHzN4q96mBffzpYP42ywymdbHtFAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUnOwbBqF0fG857+cOOnKFLDZ2IicwHwYDVR0jBBgwFoAU3r/JAO3DT4HaSCfx +fY9BODi91YwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIz LzNyX0pBTzNEVDRIYVNDZngtZlk5Qk9EaTkxWS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvM3JfSkFPM0RUNEhhU0NmeC1mWTlCT0RpOTFZLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIzL25Pd2JCcUYwZkc4NTct Y09PbktGTERaMklpYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BALKqLQwDQYJKoZIhvcNAQELBQADggEBAHBD7eiTNpp9yQ6oxbEFFjYF8Xd7ba3Q OFlQGU7IRpPvex/wd/iIybJb1RJReW+A+cXNugWEm3Y51kOejLnMlKzPtXgUSg/A WZbPeHqNzuYRhWiQYS+oHCWwpOoS1DLd9eUC/nEeMJEj6ZO3u5X4ymwI74n4xh26 xIiGyY5tPbWjCzm9bVa3tVmMsaK4lb9po38jHMat88mVjeNS70b/oO5q9Ov9Fhng jA9Ix2zv9AHnzCOzOmZhz2AY7IsPeWV7cH25tMGhOjnKFpd8kklFvUeygsIzXtoG 9kqtO6EFcWy7cS7TwZ8wqsC4f3fN45t0Lb22utokxwLUUIiuYz2fsCw= -----END CERTIFICATE-----Generated at Sun May 18 02:04:04 2025 by rpki-client