$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/3SC-DxIUJ4o3GtrIFT05QqT1vrA.roa File: 3SC-DxIUJ4o3GtrIFT05QqT1vrA.roa (raw, json) Hash identifier: LgB5R/Ed8+ULLxR/ay7hY0aNlQOlXYzi0+01dyNeCqg= Subject key identifier: DD:20:BE:0F:12:14:27:8A:37:1A:DA:C8:15:3D:39:42:A4:F5:BE:B0 Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 1592 Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/3SC-DxIUJ4o3GtrIFT05QqT1vrA.roa Signing time: Sat 13 Sep 2025 03:06:36 +0000 ROA not before: Sat 13 Sep 2025 03:06:36 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 55990 IP address blocks: 113.46.94.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 23:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5522 (0x1592) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Sep 13 03:06:36 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=DD20BE0F1214278A371ADAC8153D3942A4F5BEB0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:b1:6e:51:72:f7:7c:5d:af:b7:b3:14:52:83: 33:de:7e:05:2c:6a:89:68:b6:58:3a:87:d9:a6:57: 59:1d:7b:1a:2e:f4:69:9d:62:2b:b5:50:73:8f:17: b8:3c:08:84:a1:02:0e:94:d8:9d:55:84:a3:c8:02: 32:59:c5:ea:91:98:1f:fa:d0:37:ba:b9:b8:bf:1c: e5:15:8b:04:64:5d:d5:cb:55:e0:b2:1c:16:cb:ee: d0:bc:7f:0d:c4:e9:b3:2a:f0:73:06:e2:95:6e:72: 0c:15:b1:45:5d:cc:90:f8:8b:a6:76:65:17:27:ae: e7:1f:28:ef:ac:b5:55:f6:53:0e:d8:d3:46:24:de: 8f:84:dd:24:43:86:f1:d3:7d:a0:3c:98:a4:34:32: b4:d3:21:bb:75:00:52:3b:3b:b2:f8:41:af:2c:c3: e4:86:63:f0:de:bf:fb:6c:0a:75:2b:39:77:14:35: f5:de:2f:84:92:f7:19:e4:fb:e9:1c:67:66:93:a9: 34:fd:18:06:bb:a5:d7:96:d9:d4:1d:55:81:fe:32: 9a:80:b4:78:31:19:d4:c0:c4:f7:7e:c9:24:2e:81: 77:50:d9:0f:31:e5:b1:d9:26:ee:d5:0d:5c:11:be: 91:3a:b7:b3:c8:ec:61:dd:c8:a5:0e:e3:18:be:27: bf:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:20:BE:0F:12:14:27:8A:37:1A:DA:C8:15:3D:39:42:A4:F5:BE:B0 X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/3SC-DxIUJ4o3GtrIFT05QqT1vrA.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 113.46.94.0/23 Signature Algorithm: sha256WithRSAEncryption 0b:b2:c2:68:cd:ff:98:a1:6f:2f:3d:ab:d8:cc:e4:5a:31:16: 8c:04:a3:4d:be:12:af:5a:27:26:2b:c0:d3:2b:95:ad:5e:aa: 32:c0:42:b6:18:0b:1d:32:11:75:22:81:ad:68:01:e0:e1:10: 35:73:69:39:d6:a4:d6:79:6c:db:99:14:d6:14:04:ec:cc:bd: 81:10:ed:d2:37:5f:f8:ee:56:a3:83:c1:9e:ad:ea:48:d9:68: 52:68:ea:ea:f6:e6:7b:b3:1b:07:12:75:79:e9:07:bf:0a:13: 7b:e5:80:3d:91:94:25:f0:94:1e:46:89:43:d6:8d:a3:d5:9d: 1f:4a:28:82:ce:a8:4d:05:a9:bc:c3:0f:52:d4:15:20:5e:89: 2d:a6:67:ee:9d:ca:52:69:38:af:a6:5d:23:24:0f:fe:e7:2d: b1:08:8a:6e:a7:5f:5d:bd:bf:66:45:f3:29:6b:cf:17:4d:a7: 4b:20:80:d3:b0:26:53:64:d9:c7:18:a0:3d:ac:8a:e5:ea:05: 32:e4:a6:96:74:27:9a:fd:55:ab:a5:a8:5d:a1:1a:f7:0b:56: de:54:86:78:e7:43:e0:2f:3d:ca:21:5d:3d:3e:e1:2a:60:ed: 6e:c1:83:24:f4:f6:fa:ae:70:67:83:16:82:97:42:e4:14:ad: 49:c6:cc:fa -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFZIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTA5MTMw MzA2MzZaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEREMjBCRTBGMTIxNDI3 OEEzNzFBREFDODE1M0QzOTQyQTRGNUJFQjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCssW5Rcvd8Xa+3sxRSgzPefgUsaolotlg6h9mmV1kdexou9Gmd Yiu1UHOPF7g8CIShAg6U2J1VhKPIAjJZxeqRmB/60De6ubi/HOUViwRkXdXLVeCy HBbL7tC8fw3E6bMq8HMG4pVucgwVsUVdzJD4i6Z2ZRcnrucfKO+stVX2Uw7Y00Yk 3o+E3SRDhvHTfaA8mKQ0MrTTIbt1AFI7O7L4Qa8sw+SGY/Dev/tsCnUrOXcUNfXe L4SS9xnk++kcZ2aTqTT9GAa7pdeW2dQdVYH+MpqAtHgxGdTAxPd+ySQugXdQ2Q8x 5bHZJu7VDVwRvpE6t7PI7GHdyKUO4xi+J7/VAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU3SC+DxIUJ4o3GtrIFT05QqT1vrAwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvM1NDLUR4SVVKNG8z R3RySUZUMDVRcVQxdnJBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAXEuXjANBgkqhkiG9w0BAQsFAAOCAQEAC7LCaM3/mKFvLz2r2MzkWjEWjASj Tb4Sr1onJivA0yuVrV6qMsBCthgLHTIRdSKBrWgB4OEQNXNpOdak1nls25kU1hQE 7My9gRDt0jdf+O5Wo4PBnq3qSNloUmjq6vbme7MbBxJ1eekHvwoTe+WAPZGUJfCU HkaJQ9aNo9WdH0oogs6oTQWpvMMPUtQVIF6JLaZn7p3KUmk4r6ZdIyQP/uctsQiK bqdfXb2/ZkXzKWvPF02nSyCA07AmU2TZxxigPayK5eoFMuSmlnQnmv1Vq6WoXaEa 9wtW3lSGeOdD4C89yiFdPT7hKmDtbsGDJPT2+q5wZ4MWgpdC5BStScbM+g== -----END CERTIFICATE-----Generated at Mon Oct 20 19:21:03 2025 by rpki-client