$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/0NQmB-IIMv1UPTQNHSxd_ko82JQ.roa File: 0NQmB-IIMv1UPTQNHSxd_ko82JQ.roa (raw, json) Hash identifier: DVnoM/5SAz24Vmj1IxTPmqDpB7wjFSfNW/GARAdT+oI= Subject key identifier: D0:D4:26:07:E2:08:32:FD:54:3D:34:0D:1D:2C:5D:FE:4A:3C:D8:94 Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 1599 Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/0NQmB-IIMv1UPTQNHSxd_ko82JQ.roa Signing time: Sat 13 Sep 2025 03:06:37 +0000 ROA not before: Sat 13 Sep 2025 03:06:37 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 55990 IP address blocks: 113.47.204.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 23:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5529 (0x1599) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Sep 13 03:06:37 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=D0D42607E20832FD543D340D1D2C5DFE4A3CD894 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:5e:ea:70:e3:5a:21:9d:fc:22:51:09:e5:65: d3:bb:57:fd:18:e5:4f:7b:1f:5f:35:78:61:e2:ad: fe:ad:92:ec:01:5f:e1:ab:5a:2a:98:b0:6e:c7:b7: 39:a3:65:30:9d:a5:0a:c3:e6:7f:10:48:a7:d1:eb: aa:df:db:3a:20:7b:70:9c:24:f7:96:1b:de:57:1c: d8:15:60:5d:af:49:4c:72:37:f4:76:39:89:c9:38: 4c:fe:e1:23:44:46:a2:e6:a2:17:78:78:bd:e1:64: 2d:c6:3d:fb:65:f3:de:78:46:1f:19:ca:d3:fd:c1: 1b:10:62:1b:74:fe:c7:ae:b0:c1:6d:a8:75:cc:29: 83:90:3a:33:06:4d:00:86:62:ca:09:75:e1:6c:27: ce:b8:a7:b5:0e:d4:1e:e5:e1:d0:d4:d7:37:40:e1: 95:f2:39:1b:b4:5b:3f:03:f8:84:87:01:88:56:e4: e1:fc:05:55:a3:b3:26:ed:15:d6:32:be:2b:6b:6c: a2:9c:c8:96:95:0f:bb:d2:5b:0e:f0:94:29:fe:d0: af:1d:9b:a9:74:6d:ba:60:14:e1:cd:4d:36:26:7d: 49:ac:12:94:33:fc:f9:2d:9c:d0:e3:69:59:1d:a6: b3:41:3b:58:b7:9d:66:b5:3d:d4:fd:dc:2f:c8:dd: 4a:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:D4:26:07:E2:08:32:FD:54:3D:34:0D:1D:2C:5D:FE:4A:3C:D8:94 X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/0NQmB-IIMv1UPTQNHSxd_ko82JQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 113.47.204.0/23 Signature Algorithm: sha256WithRSAEncryption 59:ff:29:4f:f3:67:4d:ed:be:0a:1f:55:2e:2e:12:57:73:48: 98:66:a2:8e:fa:95:49:dc:c0:15:52:85:3c:9a:45:c3:df:e0: 1a:c7:26:53:2f:74:95:5c:dd:ba:c5:a4:78:a1:45:27:ed:03: 60:71:c1:a3:fd:fc:b9:86:b3:d4:e0:8f:b1:c9:db:de:95:7a: fb:c5:d7:34:11:c6:64:95:d2:01:40:9c:54:82:de:2c:4f:15: 3a:16:ba:5a:9a:17:db:4f:17:19:0f:22:67:76:25:c9:fd:95: f7:32:cc:6d:18:19:ec:b6:26:b9:e0:08:72:72:22:ef:23:51: 2e:1f:b8:95:f5:de:90:6e:2f:2d:44:ab:94:eb:ed:b7:e2:03: 93:91:a8:06:90:15:51:d8:ce:82:71:d1:7b:ed:b0:c7:1d:3f: 15:70:70:2a:46:9d:6f:81:7a:35:4a:83:6a:3f:57:e2:d2:b5: 1d:ca:69:9d:ff:a2:21:9b:64:86:a5:19:d6:07:04:e5:87:9e: 82:21:f6:36:10:29:7a:e4:d5:66:21:f9:9a:07:c3:c8:c4:39: 36:b3:08:60:e3:3c:5e:01:7d:49:df:79:f5:0d:d2:8b:f9:fd: 28:fc:18:9c:83:8a:cb:bf:c3:31:12:9e:1e:50:b5:40:50:ba: 8d:d9:dd:95 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFZkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTA5MTMw MzA2MzdaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEQwRDQyNjA3RTIwODMy RkQ1NDNEMzQwRDFEMkM1REZFNEEzQ0Q4OTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCtXupw41ohnfwiUQnlZdO7V/0Y5U97H181eGHirf6tkuwBX+Gr WiqYsG7HtzmjZTCdpQrD5n8QSKfR66rf2zoge3CcJPeWG95XHNgVYF2vSUxyN/R2 OYnJOEz+4SNERqLmohd4eL3hZC3GPftl8954Rh8ZytP9wRsQYht0/seusMFtqHXM KYOQOjMGTQCGYsoJdeFsJ864p7UO1B7l4dDU1zdA4ZXyORu0Wz8D+ISHAYhW5OH8 BVWjsybtFdYyvitrbKKcyJaVD7vSWw7wlCn+0K8dm6l0bbpgFOHNTTYmfUmsEpQz /PktnNDjaVkdprNBO1i3nWa1PdT93C/I3UrBAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU0NQmB+IIMv1UPTQNHSxd/ko82JQwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvME5RbUItSUlNdjFV UFRRTkhTeGRfa284MkpRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAXEvzDANBgkqhkiG9w0BAQsFAAOCAQEAWf8pT/NnTe2+Ch9VLi4SV3NImGai jvqVSdzAFVKFPJpFw9/gGscmUy90lVzdusWkeKFFJ+0DYHHBo/38uYaz1OCPscnb 3pV6+8XXNBHGZJXSAUCcVILeLE8VOha6WpoX208XGQ8iZ3Ylyf2V9zLMbRgZ7LYm ueAIcnIi7yNRLh+4lfXekG4vLUSrlOvtt+IDk5GoBpAVUdjOgnHRe+2wxx0/FXBw Kkadb4F6NUqDaj9X4tK1Hcppnf+iIZtkhqUZ1gcE5YeegiH2NhApeuTVZiH5mgfD yMQ5NrMIYOM8XgF9Sd959Q3Si/n9KPwYnIOKy7/DMRKeHlC1QFC6jdndlQ== -----END CERTIFICATE-----Generated at Mon Oct 20 19:21:17 2025 by rpki-client