$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/ATSdfNKCHQ6oWfN1L0twEwMoVRs.roa File: ATSdfNKCHQ6oWfN1L0twEwMoVRs.roa (raw, json) Hash identifier: d3LezfroC5FbJA+Ggh21rZQwSWcyI9e603897+8Epno= Subject key identifier: 01:34:9D:7C:D2:82:1D:0E:A8:59:F3:75:2F:4B:70:13:03:28:55:1B Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 159A Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/ATSdfNKCHQ6oWfN1L0twEwMoVRs.roa Signing time: Sat 13 Sep 2025 03:06:37 +0000 ROA not before: Sat 13 Sep 2025 03:06:37 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 55990 IP address blocks: 113.47.236.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 23:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5530 (0x159a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Sep 13 03:06:37 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=01349D7CD2821D0EA859F3752F4B70130328551B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:be:99:99:20:2d:2f:25:53:08:cc:de:2d:fa: 97:58:2d:bd:02:9c:a7:f0:8f:89:eb:4e:0f:d1:1a: 8d:d2:02:df:0b:10:44:d2:5f:d3:7c:b8:f7:95:48: 48:20:f3:60:2e:b2:33:8c:6b:87:10:b0:a1:e9:5f: b0:2b:ad:80:29:34:97:6d:5d:c1:b0:c3:cc:41:21: 6b:df:7f:3e:42:e1:08:60:4d:b9:ea:c7:b0:5b:b9: 16:f1:c0:27:2b:d3:b5:25:69:5d:dd:9d:14:cd:e0: bf:7f:45:f8:3d:b4:2d:77:01:58:d5:18:81:35:ab: 04:56:9a:88:4d:f2:7e:5f:f3:82:5b:47:ae:b7:b0: 1c:72:00:f8:83:26:07:3d:48:46:1c:7d:df:75:49: 88:21:38:61:27:bc:d6:53:1d:14:a3:26:75:e5:90: f5:75:1f:b7:d5:02:29:f3:a3:38:f6:ee:39:1b:ea: d8:30:20:23:a5:9c:f3:16:2b:7f:95:bf:8e:43:e0: 75:15:a0:c8:a0:b4:1b:86:36:ad:7a:4e:3d:88:ce: e2:55:5c:f0:5e:cd:3f:77:e9:40:cc:ac:ef:9e:e2: 25:08:83:0b:d7:45:e6:50:21:c2:96:5d:43:8c:a0: af:ce:da:d1:57:92:89:93:99:4d:fe:17:b6:ba:0a: a7:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:34:9D:7C:D2:82:1D:0E:A8:59:F3:75:2F:4B:70:13:03:28:55:1B X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/ATSdfNKCHQ6oWfN1L0twEwMoVRs.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 113.47.236.0/23 Signature Algorithm: sha256WithRSAEncryption 8f:e2:f9:0f:38:63:b2:0f:a6:b8:6a:7e:78:1c:a7:f7:27:7e: 36:b7:dd:a7:48:60:1a:81:01:da:16:ab:aa:c4:97:84:81:88: 36:3b:5f:79:e9:17:9f:cc:69:0a:1d:23:b1:81:08:75:0d:c7: ea:1f:0a:af:8a:00:d9:3d:ca:25:8c:ff:f6:f6:78:aa:44:da: e8:0d:28:00:dc:f5:10:56:7e:51:3a:8d:f0:19:1f:43:7e:47: 47:73:18:6a:78:c5:af:f6:62:70:f5:20:70:7e:94:48:c1:8d: 36:11:1b:cd:2c:5e:e4:7b:cb:c9:45:d1:1c:fb:b5:3b:52:10: ff:25:99:71:f9:98:a5:19:f9:27:c4:88:ad:7c:de:21:af:42: 0e:87:40:12:9f:86:cc:e6:e2:52:d9:a4:86:e3:f9:f4:63:75: e1:c9:3d:96:d5:d9:ea:cf:43:35:29:93:03:c1:59:dd:67:57: e5:8e:10:8a:5a:f6:c8:91:62:45:55:9d:80:a4:0f:df:38:47: 7b:4f:33:e7:9a:e4:0b:5a:07:20:81:80:d3:a3:cf:fa:df:9d: f1:69:2a:92:b0:16:e1:ac:8d:c4:91:fb:35:55:06:98:e7:45: e6:75:45:a8:a8:65:e9:ae:c4:25:60:61:08:81:6d:63:52:7c: ee:a6:87:c0 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFZowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTA5MTMw MzA2MzdaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDAxMzQ5RDdDRDI4MjFE MEVBODU5RjM3NTJGNEI3MDEzMDMyODU1MUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCUvpmZIC0vJVMIzN4t+pdYLb0CnKfwj4nrTg/RGo3SAt8LEETS X9N8uPeVSEgg82AusjOMa4cQsKHpX7ArrYApNJdtXcGww8xBIWvffz5C4QhgTbnq x7BbuRbxwCcr07UlaV3dnRTN4L9/Rfg9tC13AVjVGIE1qwRWmohN8n5f84JbR663 sBxyAPiDJgc9SEYcfd91SYghOGEnvNZTHRSjJnXlkPV1H7fVAinzozj27jkb6tgw ICOlnPMWK3+Vv45D4HUVoMigtBuGNq16Tj2IzuJVXPBezT936UDMrO+e4iUIgwvX ReZQIcKWXUOMoK/O2tFXkomTmU3+F7a6Cqf/AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUATSdfNKCHQ6oWfN1L0twEwMoVRswHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvQVRTZGZOS0NIUTZv V2ZOMUwwdHdFd01vVlJzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAXEv7DANBgkqhkiG9w0BAQsFAAOCAQEAj+L5Dzhjsg+muGp+eByn9yd+Nrfd p0hgGoEB2harqsSXhIGINjtfeekXn8xpCh0jsYEIdQ3H6h8Kr4oA2T3KJYz/9vZ4 qkTa6A0oANz1EFZ+UTqN8BkfQ35HR3MYanjFr/ZicPUgcH6USMGNNhEbzSxe5HvL yUXRHPu1O1IQ/yWZcfmYpRn5J8SIrXzeIa9CDodAEp+GzObiUtmkhuP59GN14ck9 ltXZ6s9DNSmTA8FZ3WdX5Y4Qilr2yJFiRVWdgKQP3zhHe08z55rkC1oHIIGA06PP +t+d8WkqkrAW4ayNxJH7NVUGmOdF5nVFqKhl6a7EJWBhCIFtY1J87qaHwA== -----END CERTIFICATE-----Generated at Mon Oct 20 19:21:19 2025 by rpki-client