$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/9Etwq-3E7CQCGP9jF9BayN1dazo.roa File: 9Etwq-3E7CQCGP9jF9BayN1dazo.roa (raw, json) Hash identifier: oj7sxaMXd6FajAMjbIPkbGDBHyysqWDOCr3oG9OUjvw= Subject key identifier: F4:4B:70:AB:ED:C4:EC:24:02:18:FF:63:17:D0:5A:C8:DD:5D:6B:3A Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 15D6 Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/9Etwq-3E7CQCGP9jF9BayN1dazo.roa Signing time: Sat 13 Sep 2025 03:06:51 +0000 ROA not before: Sat 13 Sep 2025 03:06:51 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 55990 IP address blocks: 113.45.116.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 23:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5590 (0x15d6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Sep 13 03:06:51 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=F44B70ABEDC4EC240218FF6317D05AC8DD5D6B3A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:67:72:78:5b:dc:88:0c:71:48:6b:38:c2:d6: 96:d8:8d:9c:b5:95:17:af:2f:e9:db:c5:6a:a5:7b: e7:c0:f0:8d:9e:d7:d3:bd:32:a6:e7:d6:c4:40:0b: f7:e4:0a:e6:f0:fe:41:45:46:c8:c1:99:1d:c5:d9: 43:6b:3b:c1:ae:e8:06:ae:bd:8a:e2:af:00:8b:9a: 6d:82:68:2a:ba:68:96:e4:18:cb:bc:4c:b5:11:ef: 7e:ec:08:8a:2c:3a:fb:ea:f8:d8:82:cb:cb:80:ad: 6f:5c:87:de:67:6b:98:f6:90:ec:d6:8a:65:7d:ec: 11:f4:31:ac:0e:97:1d:c7:36:67:cc:33:22:3f:48: cd:f7:20:8b:97:c7:ea:26:01:94:72:b6:31:fd:95: 9c:68:c7:3d:38:80:cd:c9:63:81:b4:10:0b:24:8b: 12:ac:02:a0:35:ac:d7:50:5f:e0:8b:d1:05:b7:38: 17:03:48:16:2a:28:30:53:bd:cd:2a:81:87:60:8d: 79:c0:7e:f8:98:e2:5c:89:0d:5a:fe:d1:93:22:d9: 83:38:e3:98:4e:f2:d7:b3:81:f2:bd:e3:d5:85:f7: 32:9e:29:5a:99:73:65:6b:b1:05:91:66:cf:95:19: d0:cb:97:72:17:72:de:4e:63:3a:30:fb:c9:b1:31: 65:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:4B:70:AB:ED:C4:EC:24:02:18:FF:63:17:D0:5A:C8:DD:5D:6B:3A X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/9Etwq-3E7CQCGP9jF9BayN1dazo.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 113.45.116.0/22 Signature Algorithm: sha256WithRSAEncryption 48:ca:d1:d1:ce:bc:cc:67:c0:8e:cb:4a:37:c9:67:f1:21:a4: a1:f6:ea:17:60:0b:47:de:c7:63:12:fb:0a:25:bf:31:b1:ae: 52:46:70:a0:13:e3:94:5c:ec:5b:79:e0:af:2b:ed:74:fb:02: 5f:7d:c1:73:7f:23:96:29:52:c7:a7:11:2c:6b:f1:9b:96:74: 65:0c:30:96:1c:23:b4:f4:a8:14:53:bd:ba:c7:3a:a6:36:cc: 36:7a:63:56:fd:b5:16:b7:09:20:04:6c:ae:f5:41:00:f7:7c: 55:76:9c:a6:07:aa:ff:7a:3f:72:4a:d0:a9:34:9c:e2:9b:05: 5a:9f:2f:32:03:66:ec:43:2a:14:58:d4:44:c9:39:de:a0:0b: b4:ee:cc:7b:c5:11:86:03:c3:6e:57:f5:21:2d:dd:e5:35:9f: 27:dc:a5:5c:34:46:01:11:14:c3:e7:0e:bd:d9:b6:a2:e9:b7: 5f:ed:88:c2:9e:b6:da:5a:7c:9b:dc:81:3e:95:10:9f:20:7a: d4:c2:c8:27:8e:2d:1e:17:67:27:53:c2:92:02:c6:24:cd:64: 0d:f7:80:b7:85:19:13:31:23:0b:01:0f:58:f4:af:a0:6f:bd: e4:38:03:d1:47:2c:65:40:58:f7:98:f4:fa:07:4a:29:e2:17: 58:26:62:e1 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFdYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTA5MTMw MzA2NTFaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEY0NEI3MEFCRURDNEVD MjQwMjE4RkY2MzE3RDA1QUM4REQ1RDZCM0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDTZ3J4W9yIDHFIazjC1pbYjZy1lRevL+nbxWqle+fA8I2e19O9 Mqbn1sRAC/fkCubw/kFFRsjBmR3F2UNrO8Gu6AauvYrirwCLmm2CaCq6aJbkGMu8 TLUR737sCIosOvvq+NiCy8uArW9ch95na5j2kOzWimV97BH0MawOlx3HNmfMMyI/ SM33IIuXx+omAZRytjH9lZxoxz04gM3JY4G0EAskixKsAqA1rNdQX+CL0QW3OBcD SBYqKDBTvc0qgYdgjXnAfviY4lyJDVr+0ZMi2YM445hO8tezgfK949WF9zKeKVqZ c2VrsQWRZs+VGdDLl3IXct5OYzow+8mxMWVtAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU9Etwq+3E7CQCGP9jF9BayN1dazowHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvOUV0d3EtM0U3Q1FD R1A5akY5QmF5TjFkYXpvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAnEtdDANBgkqhkiG9w0BAQsFAAOCAQEASMrR0c68zGfAjstKN8ln8SGkofbq F2ALR97HYxL7CiW/MbGuUkZwoBPjlFzsW3ngryvtdPsCX33Bc38jlilSx6cRLGvx m5Z0ZQwwlhwjtPSoFFO9usc6pjbMNnpjVv21FrcJIARsrvVBAPd8VXacpgeq/3o/ ckrQqTSc4psFWp8vMgNm7EMqFFjURMk53qALtO7Me8URhgPDblf1IS3d5TWfJ9yl XDRGAREUw+cOvdm2oum3X+2Iwp622lp8m9yBPpUQnyB61MLIJ44tHhdnJ1PCkgLG JM1kDfeAt4UZEzEjCwEPWPSvoG+95DgD0UcsZUBY95j0+gdKKeIXWCZi4Q== -----END CERTIFICATE-----Generated at Mon Oct 20 19:21:13 2025 by rpki-client