$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/L5ZlC-oyGZbJYdYjyfj_bNfwYVY.roa File: L5ZlC-oyGZbJYdYjyfj_bNfwYVY.roa (raw, json) Hash identifier: OMr+qVlR1VB+DMhgPk3zk5aMZEnmxt6V6x4nhiKT2KQ= Subject key identifier: 2F:96:65:0B:EA:32:19:96:C9:61:D6:23:C9:F8:FF:6C:D7:F0:61:56 Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 15A4 Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/L5ZlC-oyGZbJYdYjyfj_bNfwYVY.roa Signing time: Sat 13 Sep 2025 03:06:40 +0000 ROA not before: Sat 13 Sep 2025 03:06:40 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 55990 IP address blocks: 115.120.184.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 23:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5540 (0x15a4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Sep 13 03:06:40 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=2F96650BEA321996C961D623C9F8FF6CD7F06156 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:02:5d:3a:4b:a3:00:5c:ca:7c:03:f4:74:f2: d9:4a:4f:0b:33:f0:12:3a:85:c0:8b:41:d9:18:f6: d4:e9:78:18:bc:9f:7b:d5:c3:ca:35:af:70:67:7c: 15:8b:63:0f:e0:38:56:5b:83:08:12:d2:f3:fd:15: f8:65:b6:aa:da:5b:77:2e:13:06:89:0f:c5:ec:fc: 53:7d:05:bd:8f:c4:ca:24:bd:58:55:ef:49:8c:dc: 3c:6a:fd:06:83:ce:49:26:e8:2a:da:c1:e5:11:36: dc:fa:ec:25:7b:6f:ec:64:02:7c:1f:df:cb:c2:38: b8:5d:0d:e6:23:95:f2:0a:b6:15:28:1f:ff:8f:46: 47:34:81:9e:29:a6:3b:45:3d:38:cc:48:3a:9d:c9: 32:71:0c:a1:1c:30:44:51:35:aa:e7:00:01:eb:57: 3c:68:cb:34:ec:1c:83:30:8c:90:4a:a5:cb:0c:34: bd:bf:d6:30:cd:10:cc:b6:b0:27:f0:e2:86:29:98: 7b:49:82:1f:aa:a3:6c:ba:0e:a0:94:10:1e:d1:78: 72:13:7a:d1:fb:80:00:16:7d:7d:d8:ee:77:25:3b: 34:37:d1:f8:61:d9:35:69:8a:dc:2d:77:af:71:c2: 94:15:a9:2c:aa:3f:f2:20:7f:42:00:0b:7c:3c:42: 19:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:96:65:0B:EA:32:19:96:C9:61:D6:23:C9:F8:FF:6C:D7:F0:61:56 X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/L5ZlC-oyGZbJYdYjyfj_bNfwYVY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 115.120.184.0/21 Signature Algorithm: sha256WithRSAEncryption b4:31:63:bd:98:31:e2:b3:87:39:02:8b:c8:cb:8e:04:8b:16: 79:7b:30:3d:b7:d5:38:06:ec:f8:03:84:75:eb:a7:ee:a1:11: e1:58:1a:44:60:b2:3d:6b:68:89:de:d3:4d:22:97:37:df:61: 0c:d7:c7:7f:f1:31:8e:f1:35:c9:1f:50:fa:09:72:82:ce:00: ab:d2:41:ff:1f:7f:5b:60:af:b7:83:a9:48:9a:68:76:09:05: 33:02:0b:d1:96:0d:2e:8a:8e:4f:fd:77:3b:da:6b:9c:93:09: 41:c1:7a:bb:be:18:8a:f6:8f:9c:32:7f:46:8f:d6:b6:56:51: e8:d9:51:ee:72:da:12:a4:87:b6:92:9a:8a:50:9d:98:93:c2: c9:af:51:c4:4f:41:9a:0a:ba:65:d2:1f:f9:44:22:56:8f:03: da:40:6b:f1:38:8a:0f:f4:e2:7d:b6:87:4e:e2:c0:72:c2:99: 75:f2:89:b6:13:57:6e:e3:3d:f4:43:c3:67:a9:df:c3:e4:64: 29:0f:06:a1:55:38:c9:95:eb:ad:e9:5b:26:0d:7b:6b:c0:00: c2:07:4b:73:4d:0c:db:21:11:c9:34:d0:47:04:ec:26:5b:8e: b2:d7:de:dc:0c:02:cd:26:f2:5c:4b:42:01:7a:fb:c2:f9:6b: 35:f7:87:03 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFaQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTA5MTMw MzA2NDBaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDJGOTY2NTBCRUEzMjE5 OTZDOTYxRDYyM0M5RjhGRjZDRDdGMDYxNTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDJAl06S6MAXMp8A/R08tlKTwsz8BI6hcCLQdkY9tTpeBi8n3vV w8o1r3BnfBWLYw/gOFZbgwgS0vP9FfhltqraW3cuEwaJD8Xs/FN9Bb2PxMokvVhV 70mM3Dxq/QaDzkkm6CraweURNtz67CV7b+xkAnwf38vCOLhdDeYjlfIKthUoH/+P Rkc0gZ4ppjtFPTjMSDqdyTJxDKEcMERRNarnAAHrVzxoyzTsHIMwjJBKpcsMNL2/ 1jDNEMy2sCfw4oYpmHtJgh+qo2y6DqCUEB7ReHITetH7gAAWfX3Y7nclOzQ30fhh 2TVpitwtd69xwpQVqSyqP/Igf0IAC3w8QhmJAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUL5ZlC+oyGZbJYdYjyfj/bNfwYVYwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvTDVabEMtb3lHWmJK WWRZanlmal9iTmZ3WVZZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEA3N4uDANBgkqhkiG9w0BAQsFAAOCAQEAtDFjvZgx4rOHOQKLyMuOBIsWeXsw PbfVOAbs+AOEdeun7qER4VgaRGCyPWtoid7TTSKXN99hDNfHf/ExjvE1yR9Q+gly gs4Aq9JB/x9/W2Cvt4OpSJpodgkFMwIL0ZYNLoqOT/13O9prnJMJQcF6u74YivaP nDJ/Ro/WtlZR6NlR7nLaEqSHtpKailCdmJPCya9RxE9Bmgq6ZdIf+UQiVo8D2kBr 8TiKD/TifbaHTuLAcsKZdfKJthNXbuM99EPDZ6nfw+RkKQ8GoVU4yZXrrelbJg17 a8AAwgdLc00M2yERyTTQRwTsJluOstfe3AwCzSbyXEtCAXr7wvlrNfeHAw== -----END CERTIFICATE-----Generated at Mon Oct 20 19:20:55 2025 by rpki-client