$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/BVXhnLWPYzj1f4KKon3LF0zFPek.roa File: BVXhnLWPYzj1f4KKon3LF0zFPek.roa (raw, json) Hash identifier: IXpbPwxJKzLvWz79T6W+K6fTTaXTL/Bf1JmvG9koru0= Subject key identifier: 05:55:E1:9C:B5:8F:63:38:F5:7F:82:8A:A2:7D:CB:17:4C:C5:3D:E9 Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 1609 Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/BVXhnLWPYzj1f4KKon3LF0zFPek.roa Signing time: Mon 22 Sep 2025 09:57:14 +0000 ROA not before: Mon 22 Sep 2025 09:57:14 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 55990 IP address blocks: 115.120.96.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 23:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5641 (0x1609) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Sep 22 09:57:14 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=0555E19CB58F6338F57F828AA27DCB174CC53DE9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:4d:63:21:05:95:24:6c:ad:e5:43:70:db:61: 3d:14:e9:31:70:13:5e:70:19:19:cc:4a:6d:da:a8: 5d:27:dd:8b:44:0c:4e:6d:32:d5:5d:05:9c:27:5f: 8b:cc:35:07:f5:7f:84:31:d5:a2:54:d1:97:9e:ec: 2d:4f:6d:e8:47:e6:3e:a6:dd:cc:c7:3d:eb:4d:e4: 0e:13:e4:fb:d7:7f:e8:69:10:d2:77:17:a5:f4:58: 9f:c2:66:9f:ac:8a:72:34:84:2e:c5:73:b0:96:45: b3:f2:b0:6b:4f:17:cd:c3:29:86:5c:e7:53:6a:44: 09:f9:dd:3f:80:a2:26:73:76:77:e1:9b:8b:1d:94: 07:54:d4:01:37:a3:2b:d6:66:01:06:40:7f:7d:28: 1a:ab:cf:31:ae:8e:ed:7c:02:d1:0a:9e:fc:69:30: ea:90:ce:9f:d6:1b:1e:c8:87:3c:e2:cd:32:58:cb: f1:d0:2d:bd:e5:94:ac:de:40:be:51:ff:f0:43:db: e5:da:ea:6f:38:81:3c:d5:b7:68:c9:be:c5:f9:9c: 5a:f3:97:5a:1b:d1:9f:73:34:84:32:e0:79:27:86: c6:89:53:e4:68:24:1d:9a:ee:6d:82:0f:19:11:ab: 5c:c8:55:59:a5:32:6a:f7:da:a9:0b:64:ee:ba:1e: f3:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:55:E1:9C:B5:8F:63:38:F5:7F:82:8A:A2:7D:CB:17:4C:C5:3D:E9 X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/BVXhnLWPYzj1f4KKon3LF0zFPek.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 115.120.96.0/22 Signature Algorithm: sha256WithRSAEncryption 56:2a:e6:e6:13:ca:c0:89:17:58:8d:c2:65:0e:02:87:89:08: d3:3e:d8:7a:d2:22:0a:33:db:37:f3:a4:14:e0:ad:cd:b3:67: c9:99:cb:bb:56:6e:04:75:a3:3a:f2:4c:d8:92:64:d0:3c:2b: 35:27:a1:46:fd:58:cb:2e:89:63:33:fc:38:58:99:d7:d6:09: c6:c3:8a:ae:0e:36:52:59:0b:32:5d:02:19:be:59:81:f0:ae: 85:86:ee:31:e2:d2:0a:0c:77:41:db:a6:01:21:06:27:67:87: e9:68:ca:b3:b4:a0:6a:26:cd:64:ac:85:0c:7c:89:2b:76:3a: 97:20:f8:f1:9c:d1:83:23:51:35:8e:31:f5:ef:4a:b7:53:b0: c3:2d:87:92:82:71:92:2d:91:6a:36:02:df:05:b7:6b:b1:d7: 6a:bc:13:67:10:ee:a1:74:49:b1:54:82:d9:2c:97:e3:a8:58: e9:b3:8a:f3:29:48:5d:3d:2e:8f:6a:3e:5c:d3:68:c0:ec:29: e1:74:e7:b6:80:b1:2e:b7:a3:3a:42:f3:18:26:15:53:ae:e6: b7:ed:ec:6c:e1:b6:e4:7b:88:ad:07:1f:86:df:1a:f2:10:e5: 1f:80:5c:8e:cb:d5:65:fc:cf:86:10:7f:7e:51:4f:b7:b3:91: 2a:66:33:70 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFgkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTA5MjIw OTU3MTRaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDA1NTVFMTlDQjU4RjYz MzhGNTdGODI4QUEyN0RDQjE3NENDNTNERTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCrTWMhBZUkbK3lQ3DbYT0U6TFwE15wGRnMSm3aqF0n3YtEDE5t MtVdBZwnX4vMNQf1f4Qx1aJU0Zee7C1PbehH5j6m3czHPetN5A4T5PvXf+hpENJ3 F6X0WJ/CZp+sinI0hC7Fc7CWRbPysGtPF83DKYZc51NqRAn53T+AoiZzdnfhm4sd lAdU1AE3oyvWZgEGQH99KBqrzzGuju18AtEKnvxpMOqQzp/WGx7IhzzizTJYy/HQ Lb3llKzeQL5R//BD2+Xa6m84gTzVt2jJvsX5nFrzl1ob0Z9zNIQy4HknhsaJU+Ro JB2a7m2CDxkRq1zIVVmlMmr32qkLZO66HvMXAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUBVXhnLWPYzj1f4KKon3LF0zFPekwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvQlZYaG5MV1BZemox ZjRLS29uM0xGMHpGUGVrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAnN4YDANBgkqhkiG9w0BAQsFAAOCAQEAVirm5hPKwIkXWI3CZQ4Ch4kI0z7Y etIiCjPbN/OkFOCtzbNnyZnLu1ZuBHWjOvJM2JJk0DwrNSehRv1Yyy6JYzP8OFiZ 19YJxsOKrg42UlkLMl0CGb5ZgfCuhYbuMeLSCgx3QdumASEGJ2eH6WjKs7SgaibN ZKyFDHyJK3Y6lyD48ZzRgyNRNY4x9e9Kt1Owwy2HkoJxki2RajYC3wW3a7HXarwT ZxDuoXRJsVSC2SyX46hY6bOK8ylIXT0uj2o+XNNowOwp4XTntoCxLrejOkLzGCYV U67mt+3sbOG25HuIrQcfht8a8hDlH4BcjsvVZfzPhhB/flFPt7ORKmYzcA== -----END CERTIFICATE-----Generated at Mon Oct 20 19:21:07 2025 by rpki-client