$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/42ajRmfOB9WXyIXL1_j9JNfi5c0.roa File: 42ajRmfOB9WXyIXL1_j9JNfi5c0.roa (raw, json) Hash identifier: fSChUYFPCaKUqiuORZnS6k+x/H7ZTK9uIxrjVoL5Cug= Subject key identifier: E3:66:A3:46:67:CE:07:D5:97:C8:85:CB:D7:F8:FD:24:D7:E2:E5:CD Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 15A8 Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/42ajRmfOB9WXyIXL1_j9JNfi5c0.roa Signing time: Sat 13 Sep 2025 03:06:41 +0000 ROA not before: Sat 13 Sep 2025 03:06:41 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 55990 IP address blocks: 113.46.64.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 23:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5544 (0x15a8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Sep 13 03:06:41 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=E366A34667CE07D597C885CBD7F8FD24D7E2E5CD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:bd:02:4e:36:61:d2:d7:31:b6:7b:1f:ca:4a: 63:06:81:e5:f4:9a:3c:bd:b8:a2:7e:a5:02:0e:02: 8b:7f:c4:22:2c:e0:c1:b6:37:ca:6a:fe:27:19:47: 2d:2b:6e:21:fa:be:bc:1f:6a:2e:97:77:e6:e1:37: 07:1c:1d:b8:bb:89:3a:30:9d:a9:e4:72:35:42:fb: 84:40:47:be:d6:2f:3a:b7:e9:cd:14:87:00:49:28: 97:d1:59:f0:d8:a7:c1:e9:f3:87:21:74:fd:41:9d: 9e:90:dd:a4:fb:bf:28:48:6d:ef:17:5f:fb:de:74: 8d:a8:24:4f:7c:0a:65:22:02:ad:56:2b:9a:56:f7: 2e:8a:17:d1:b7:12:06:11:6f:4d:4f:58:03:bc:b1: 87:b8:4e:4a:7d:63:ef:f1:91:d8:1c:28:86:dd:5c: 5b:7f:20:d3:bd:ad:cb:7f:93:a4:3a:26:5b:dc:d3: 57:9d:c5:5a:1b:91:19:d6:f5:d6:cf:e5:28:74:56: b9:e7:37:d7:9d:dc:cf:94:9c:50:0c:24:1e:64:60: 54:85:c4:9b:16:c5:29:79:78:d6:0e:f5:19:a4:bf: cf:5a:d6:f6:9d:77:7f:e9:61:f4:b2:de:52:ee:fc: 0d:36:7f:0d:a6:c3:16:06:fc:9d:e4:aa:89:8c:a8: 50:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:66:A3:46:67:CE:07:D5:97:C8:85:CB:D7:F8:FD:24:D7:E2:E5:CD X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/42ajRmfOB9WXyIXL1_j9JNfi5c0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 113.46.64.0/23 Signature Algorithm: sha256WithRSAEncryption 72:df:83:96:cc:fe:8c:44:70:20:64:ee:c7:e5:c4:79:75:c7: 89:47:22:f7:18:0e:62:e0:5e:ae:d9:dc:3e:9d:dd:a4:36:a0: 87:99:d2:c1:bd:eb:cd:53:d9:2f:c9:00:04:4d:b3:9a:cb:f1: 22:36:b1:3b:d8:27:06:8b:02:f0:72:cf:a9:a6:8a:35:01:06: 05:22:a5:1d:9f:a4:d6:a6:a1:cc:f7:5a:08:4f:87:e5:0b:c5: 15:b1:25:95:b6:6a:72:b0:d3:b3:52:c7:a5:81:cc:ca:20:7e: 89:74:91:cb:37:35:15:93:4b:c5:4d:30:9a:15:cb:aa:13:f3: 8b:0c:09:cc:2a:94:e3:d1:83:de:2c:73:e1:f0:90:92:75:c1: 1e:2f:59:d5:ac:75:f8:30:bd:fd:e2:3e:df:5e:70:45:53:7e: ff:14:cb:d5:b5:0f:05:51:44:5e:36:b7:24:4a:a5:27:ce:f1: 33:f0:97:c6:dd:e8:1f:19:2e:38:ab:a1:c7:65:61:0f:1a:42: aa:5b:be:f8:6b:36:7e:23:11:52:a4:1c:e8:68:10:37:e4:db: 78:59:aa:ff:f8:0b:f3:21:5e:09:e9:6c:b0:3d:de:cd:51:5d: 20:d2:92:d0:50:54:a5:01:1d:85:b6:7a:96:57:95:13:e7:ca: bd:9a:64:06 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFagwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTA5MTMw MzA2NDFaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEUzNjZBMzQ2NjdDRTA3 RDU5N0M4ODVDQkQ3RjhGRDI0RDdFMkU1Q0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDQvQJONmHS1zG2ex/KSmMGgeX0mjy9uKJ+pQIOAot/xCIs4MG2 N8pq/icZRy0rbiH6vrwfai6Xd+bhNwccHbi7iTownankcjVC+4RAR77WLzq36c0U hwBJKJfRWfDYp8Hp84chdP1BnZ6Q3aT7vyhIbe8XX/vedI2oJE98CmUiAq1WK5pW 9y6KF9G3EgYRb01PWAO8sYe4Tkp9Y+/xkdgcKIbdXFt/INO9rct/k6Q6Jlvc01ed xVobkRnW9dbP5Sh0VrnnN9ed3M+UnFAMJB5kYFSFxJsWxSl5eNYO9Rmkv89a1vad d3/pYfSy3lLu/A02fw2mwxYG/J3kqomMqFAvAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU42ajRmfOB9WXyIXL1/j9JNfi5c0wHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvNDJhalJtZk9COVdY eUlYTDFfajlKTmZpNWMwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAXEuQDANBgkqhkiG9w0BAQsFAAOCAQEAct+Dlsz+jERwIGTux+XEeXXHiUci 9xgOYuBertncPp3dpDagh5nSwb3rzVPZL8kABE2zmsvxIjaxO9gnBosC8HLPqaaK NQEGBSKlHZ+k1qahzPdaCE+H5QvFFbEllbZqcrDTs1LHpYHMyiB+iXSRyzc1FZNL xU0wmhXLqhPziwwJzCqU49GD3ixz4fCQknXBHi9Z1ax1+DC9/eI+315wRVN+/xTL 1bUPBVFEXja3JEqlJ87xM/CXxt3oHxkuOKuhx2VhDxpCqlu++Gs2fiMRUqQc6GgQ N+TbeFmq//gL8yFeCelssD3ezVFdINKS0FBUpQEdhbZ6lleVE+fKvZpkBg== -----END CERTIFICATE-----Generated at Mon Oct 20 19:21:17 2025 by rpki-client