$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/KmNTk1ngZUeGAK5ayMvHWA2pSw8.roa File: KmNTk1ngZUeGAK5ayMvHWA2pSw8.roa (raw, json) Hash identifier: dhlk3JYzzcgTtgXuxvE0lai6OTwwewulTNB3ymxQvDs= Subject key identifier: 2A:63:53:93:59:E0:65:47:86:00:AE:5A:C8:CB:C7:58:0D:A9:4B:0F Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 15B0 Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/KmNTk1ngZUeGAK5ayMvHWA2pSw8.roa Signing time: Sat 13 Sep 2025 03:06:42 +0000 ROA not before: Sat 13 Sep 2025 03:06:42 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 55990 IP address blocks: 113.46.240.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 23:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5552 (0x15b0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Sep 13 03:06:42 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=2A63539359E065478600AE5AC8CBC7580DA94B0F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:93:5e:08:13:05:d2:12:7e:16:7c:86:7c:5d: a1:13:27:0f:f1:59:8e:8d:8a:b4:23:ff:ac:18:ba: 2a:b4:ba:0b:b4:2a:f3:a5:00:4d:ad:fe:81:c1:ad: 2f:b1:b8:80:ff:03:19:e8:ab:60:ba:4c:26:1e:a0: 52:25:8c:99:f7:61:32:1f:b7:13:24:f3:9e:99:de: 03:7d:ac:ad:63:98:ed:60:8c:75:74:68:26:79:af: e1:12:61:fb:2e:15:86:98:c3:1c:8c:65:f0:52:2b: 59:a4:24:d3:b1:dc:1b:01:e9:fd:4c:5a:69:d1:08: 78:c5:92:74:ce:b5:b9:e6:2a:89:db:96:e2:83:8a: c2:2d:a3:a5:b5:97:7a:d6:a6:ca:80:f1:3e:df:a7: 41:a8:bc:67:49:86:1b:1e:45:01:a2:16:b4:66:d6: 15:53:3f:66:ee:09:0c:0b:7f:ca:9f:0c:ef:34:2c: ad:b5:3d:f7:7b:35:8c:fe:a8:04:6b:19:4e:a4:91: 59:bf:66:14:1d:bf:38:79:89:c9:e6:4e:b4:24:27: 5f:47:d0:59:5e:b8:90:11:f6:9e:c6:79:55:c1:a6: 19:57:51:18:a3:48:a0:a1:dd:86:73:3b:12:fd:43: 5e:80:cc:7c:61:37:b1:e6:bd:62:bc:55:f3:c4:44: db:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:63:53:93:59:E0:65:47:86:00:AE:5A:C8:CB:C7:58:0D:A9:4B:0F X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/KmNTk1ngZUeGAK5ayMvHWA2pSw8.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 113.46.240.0/21 Signature Algorithm: sha256WithRSAEncryption 8e:00:53:f0:f5:f8:2c:3a:08:25:f9:b0:41:5e:27:2c:c3:9f: 77:1c:ff:25:20:bc:01:4d:1e:89:48:1d:d0:f8:17:36:81:dd: 9d:e4:49:eb:61:d5:2c:dd:b1:ff:dd:e6:f5:72:8c:f3:32:45: 12:5c:cd:15:e8:d9:55:f0:e5:36:7d:3d:57:79:75:fd:4d:8e: f5:2f:a1:41:81:dd:64:e2:b0:30:70:7e:51:a3:5c:b4:c5:42: 4a:35:b9:4b:b8:40:a9:ab:b2:04:94:72:e2:1e:77:df:d9:bd: e9:c9:ce:d4:55:0d:b9:be:de:c9:14:7e:dc:e3:1b:bb:bb:74: 2e:ad:3a:4f:30:e2:bc:70:63:ea:c6:d1:23:71:e6:3c:c6:fc: 95:52:31:28:70:76:95:6f:e5:ce:ba:36:d0:8e:9a:ba:fe:8e: 5f:86:2d:12:63:23:1e:60:87:6e:35:19:6d:96:5b:d9:60:44: 1b:9e:ac:9e:49:cf:f5:12:27:2e:58:fb:2e:fb:aa:89:47:91: 2b:4a:ff:73:54:02:c2:8c:db:a6:a2:5a:46:ac:06:ed:4e:2b: 6f:9d:5b:5a:d3:52:00:22:8a:6c:b0:9e:51:ed:01:dc:b8:2e: 74:69:72:75:1b:25:f4:99:a2:84:70:0b:63:c2:01:a0:fa:f4: 80:76:30:49 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFbAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTA5MTMw MzA2NDJaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDJBNjM1MzkzNTlFMDY1 NDc4NjAwQUU1QUM4Q0JDNzU4MERBOTRCMEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCyk14IEwXSEn4WfIZ8XaETJw/xWY6NirQj/6wYuiq0ugu0KvOl AE2t/oHBrS+xuID/Axnoq2C6TCYeoFIljJn3YTIftxMk856Z3gN9rK1jmO1gjHV0 aCZ5r+ESYfsuFYaYwxyMZfBSK1mkJNOx3BsB6f1MWmnRCHjFknTOtbnmKonbluKD isIto6W1l3rWpsqA8T7fp0GovGdJhhseRQGiFrRm1hVTP2buCQwLf8qfDO80LK21 Pfd7NYz+qARrGU6kkVm/ZhQdvzh5icnmTrQkJ19H0FleuJAR9p7GeVXBphlXURij SKCh3YZzOxL9Q16AzHxhN7HmvWK8VfPERNtRAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUKmNTk1ngZUeGAK5ayMvHWA2pSw8wHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvS21OVGsxbmdaVWVH QUs1YXlNdkhXQTJwU3c4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEA3Eu8DANBgkqhkiG9w0BAQsFAAOCAQEAjgBT8PX4LDoIJfmwQV4nLMOfdxz/ JSC8AU0eiUgd0PgXNoHdneRJ62HVLN2x/93m9XKM8zJFElzNFejZVfDlNn09V3l1 /U2O9S+hQYHdZOKwMHB+UaNctMVCSjW5S7hAqauyBJRy4h5339m96cnO1FUNub7e yRR+3OMbu7t0Lq06TzDivHBj6sbRI3HmPMb8lVIxKHB2lW/lzro20I6auv6OX4Yt EmMjHmCHbjUZbZZb2WBEG56snknP9RInLlj7LvuqiUeRK0r/c1QCwozbpqJaRqwG 7U4rb51bWtNSACKKbLCeUe0B3LgudGlydRsl9JmihHALY8IBoPr0gHYwSQ== -----END CERTIFICATE-----Generated at Mon Oct 20 19:21:13 2025 by rpki-client