$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/EkcFqVu9DvECthjfWci50Lf0Qgg.roa File: EkcFqVu9DvECthjfWci50Lf0Qgg.roa (raw, json) Hash identifier: Dp68UtqxNaRXOkDb0v7hI5+MBxyhWsmknGHRQZOLSA0= Subject key identifier: 12:47:05:A9:5B:BD:0E:F1:02:B6:18:DF:59:C8:B9:D0:B7:F4:42:08 Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 15A5 Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/EkcFqVu9DvECthjfWci50Lf0Qgg.roa Signing time: Sat 13 Sep 2025 03:06:40 +0000 ROA not before: Sat 13 Sep 2025 03:06:40 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 55990 IP address blocks: 110.41.208.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 23:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5541 (0x15a5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Sep 13 03:06:40 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=124705A95BBD0EF102B618DF59C8B9D0B7F44208 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:f4:27:ee:09:2c:f8:19:de:4b:f9:96:10:76: 35:1b:8f:78:cc:95:16:95:3f:e4:d5:c2:57:2b:48: 0e:01:64:d9:d2:a0:23:80:05:58:92:25:a8:4e:eb: a7:96:70:a9:b6:13:70:c9:4e:b1:27:b9:84:a7:5f: 0e:93:bd:b3:4f:6f:02:e7:d2:01:11:ce:99:c5:b8: ee:bb:d8:00:70:61:37:6b:65:b2:82:48:e6:29:45: 6f:44:41:a8:d0:a8:e4:9c:0a:94:5a:69:ec:8c:a1: cd:29:3e:34:b9:27:a1:14:4d:41:6d:eb:70:54:10: 3e:b4:51:66:65:78:44:e4:27:05:2b:83:61:db:61: 2d:2e:4d:76:05:a0:70:5f:5d:b1:25:26:c2:bc:6f: 41:78:0c:d8:97:65:27:b5:46:d2:41:eb:86:a2:14: 66:98:97:fa:95:39:c8:7d:9c:a6:7d:c7:99:83:07: fa:01:c8:4b:c3:a4:2b:ab:7f:d5:03:23:f8:16:29: 8b:e8:ee:70:cc:c1:c0:da:48:3f:31:43:fb:32:a5: e9:9a:b2:a5:a9:38:d1:68:91:6a:86:46:66:ef:1d: 18:81:0e:d9:09:70:21:ce:57:ea:fe:70:12:1c:16: df:37:09:d3:6d:d5:80:35:0d:8d:8e:ef:a9:5e:47: 63:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:47:05:A9:5B:BD:0E:F1:02:B6:18:DF:59:C8:B9:D0:B7:F4:42:08 X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/EkcFqVu9DvECthjfWci50Lf0Qgg.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 110.41.208.0/24 Signature Algorithm: sha256WithRSAEncryption 3b:93:63:80:e1:ac:15:f6:18:d2:f8:4a:94:48:79:94:d8:f4: 98:3c:cd:32:b4:5a:d6:ae:33:eb:c4:0f:8d:62:94:32:af:0a: 86:36:a8:ea:70:91:46:59:86:c5:c0:af:04:cd:e4:6d:44:0b: 8b:f3:0a:1e:07:bb:35:3f:73:4f:7d:44:cd:d4:90:1b:bc:3d: 8b:ee:b4:f3:bd:e1:2f:75:dc:9b:16:e2:5c:fa:0f:96:30:7b: d1:b6:72:b8:12:9a:88:5a:b7:53:7f:78:cd:9d:2c:2b:25:f7: 32:c5:14:04:d7:a2:36:2b:10:87:8c:d4:5d:94:20:25:47:86: e8:65:ed:65:77:76:ce:2c:f6:47:1a:e3:84:c8:4d:13:6f:37: a6:3b:17:ca:60:25:7b:e5:ef:4c:43:9c:9b:ab:64:d2:a7:44: 5d:4c:80:bd:48:50:1d:39:5c:98:61:f6:20:fb:7a:4e:b5:10: ee:8a:15:6a:b0:52:90:05:ba:9a:84:84:5a:f4:c1:7c:ed:8b: 77:01:aa:82:3d:eb:5e:32:44:8d:35:82:cb:b8:18:b3:82:92: d6:52:3e:c9:50:9c:07:95:34:61:e8:47:3c:af:34:76:ba:e2: 0d:2b:7d:f8:57:b7:d3:58:f2:2e:a4:35:dc:af:aa:5f:e9:fa: 69:85:a8:4b -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFaUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTA5MTMw MzA2NDBaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDEyNDcwNUE5NUJCRDBF RjEwMkI2MThERjU5QzhCOUQwQjdGNDQyMDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCz9CfuCSz4Gd5L+ZYQdjUbj3jMlRaVP+TVwlcrSA4BZNnSoCOA BViSJahO66eWcKm2E3DJTrEnuYSnXw6TvbNPbwLn0gERzpnFuO672ABwYTdrZbKC SOYpRW9EQajQqOScCpRaaeyMoc0pPjS5J6EUTUFt63BUED60UWZleETkJwUrg2Hb YS0uTXYFoHBfXbElJsK8b0F4DNiXZSe1RtJB64aiFGaYl/qVOch9nKZ9x5mDB/oB yEvDpCurf9UDI/gWKYvo7nDMwcDaSD8xQ/sypemasqWpONFokWqGRmbvHRiBDtkJ cCHOV+r+cBIcFt83CdNt1YA1DY2O76leR2PtAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUEkcFqVu9DvECthjfWci50Lf0QggwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvRWtjRnFWdTlEdkVD dGhqZldjaTUwTGYwUWdnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAG4p0DANBgkqhkiG9w0BAQsFAAOCAQEAO5NjgOGsFfYY0vhKlEh5lNj0mDzN MrRa1q4z68QPjWKUMq8Khjao6nCRRlmGxcCvBM3kbUQLi/MKHge7NT9zT31EzdSQ G7w9i+60873hL3XcmxbiXPoPljB70bZyuBKaiFq3U394zZ0sKyX3MsUUBNeiNisQ h4zUXZQgJUeG6GXtZXd2ziz2RxrjhMhNE283pjsXymAle+XvTEOcm6tk0qdEXUyA vUhQHTlcmGH2IPt6TrUQ7ooVarBSkAW6moSEWvTBfO2LdwGqgj3rXjJEjTWCy7gY s4KS1lI+yVCcB5U0YehHPK80drriDSt9+Fe301jyLqQ13K+qX+n6aYWoSw== -----END CERTIFICATE-----Generated at Mon Oct 20 19:21:01 2025 by rpki-client