$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/LFmuxsiDwJzfZYUE7i1StUa1ZVw.roa File: LFmuxsiDwJzfZYUE7i1StUa1ZVw.roa (raw, json) Hash identifier: OQ3mau9nR8bARZN5l1JouvAP0kBOSMaAAuFXlByxDkw= Subject key identifier: 2C:59:AE:C6:C8:83:C0:9C:DF:65:85:04:EE:2D:52:B5:46:B5:65:5C Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 160A Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/LFmuxsiDwJzfZYUE7i1StUa1ZVw.roa Signing time: Mon 22 Sep 2025 09:57:15 +0000 ROA not before: Mon 22 Sep 2025 09:57:15 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 55990 IP address blocks: 115.32.64.0/19 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 23:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5642 (0x160a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Sep 22 09:57:15 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=2C59AEC6C883C09CDF658504EE2D52B546B5655C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:77:33:57:6b:74:f2:69:32:43:b5:14:bc:eb: 65:8c:87:13:49:85:9a:68:58:dc:3f:1f:ed:32:80: 27:7d:b8:72:7d:cb:88:91:0d:6b:73:00:17:b0:17: a9:b0:5a:b7:cd:79:72:42:4f:cb:1b:05:ec:9a:5c: db:5a:0f:08:2b:c1:a7:96:67:fb:55:74:ee:d0:18: d3:e1:97:5b:30:c2:af:c1:a1:62:3e:b3:34:e9:7e: 7a:1f:ec:b8:bd:77:ea:55:91:7b:89:fc:62:f9:09: 99:be:fc:ab:51:f9:ff:0c:75:d0:a8:a0:df:d7:16: a7:61:e6:55:a6:7c:7b:ef:11:56:6f:02:12:35:67: fa:06:da:a3:ea:ff:17:51:83:59:ba:b2:ae:96:6f: bd:66:8b:d9:6b:2b:29:cb:bf:20:ed:4e:81:f0:15: 41:99:4a:ce:e3:1e:e3:a9:4e:2d:ac:66:ad:a1:b1: f6:06:1a:cb:3e:43:29:ca:d3:08:6f:76:69:a8:0c: 22:c6:76:d9:f7:bd:65:7b:79:9e:a1:df:4a:f3:b0: 47:27:17:a2:f3:c8:c1:73:a9:3c:18:54:a1:44:c6: 81:6b:fa:c0:92:12:25:86:70:98:13:09:86:dd:69: d1:80:fb:a8:45:43:4e:44:01:e4:5d:a2:50:54:6a: 4d:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:59:AE:C6:C8:83:C0:9C:DF:65:85:04:EE:2D:52:B5:46:B5:65:5C X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/LFmuxsiDwJzfZYUE7i1StUa1ZVw.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 115.32.64.0/19 Signature Algorithm: sha256WithRSAEncryption b3:8a:77:a5:b9:52:05:49:1c:f3:82:f6:b0:60:61:b7:7a:f7: d0:e2:a7:73:15:63:b5:7b:63:7d:af:64:30:aa:80:e2:1c:57: bd:8d:a8:58:4d:9a:dc:e2:50:d0:98:2e:48:a3:a5:d8:49:f1: 4a:91:61:53:d9:2e:34:0a:98:0e:a4:d3:03:84:93:98:c5:16: ce:c1:b9:87:a9:70:d8:cb:bf:7c:fa:92:e2:63:b5:50:f1:ae: aa:20:d6:96:41:93:8b:14:a9:d6:c5:7c:16:81:9b:f8:a8:31: d8:7c:da:68:10:e0:5d:c3:77:87:2a:16:95:b4:a9:95:a2:fb: de:97:e3:e9:df:59:23:33:ea:29:fc:f3:f3:9a:24:28:2f:54: 6b:d6:fb:70:e1:21:f6:de:18:9e:66:2e:14:23:64:eb:a1:f7: 33:c8:88:23:13:c6:87:33:47:b5:83:b4:55:ef:f9:b3:b2:62: 07:b3:bf:be:46:ac:21:38:2c:36:8b:41:b3:f3:1d:84:22:3d: 2c:d4:50:75:67:a8:0f:2f:92:df:38:ee:9b:f0:09:28:be:21: 9c:57:06:17:4d:57:c2:75:48:37:1e:18:2d:65:b5:ab:cf:9d: a5:0c:46:7f:35:52:77:06:1a:d6:67:1d:1a:cf:3a:e9:64:ce: 9a:19:a1:08 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFgowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTA5MjIw OTU3MTVaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDJDNTlBRUM2Qzg4M0Mw OUNERjY1ODUwNEVFMkQ1MkI1NDZCNTY1NUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC+dzNXa3TyaTJDtRS862WMhxNJhZpoWNw/H+0ygCd9uHJ9y4iR DWtzABewF6mwWrfNeXJCT8sbBeyaXNtaDwgrwaeWZ/tVdO7QGNPhl1swwq/BoWI+ szTpfnof7Li9d+pVkXuJ/GL5CZm+/KtR+f8MddCooN/XFqdh5lWmfHvvEVZvAhI1 Z/oG2qPq/xdRg1m6sq6Wb71mi9lrKynLvyDtToHwFUGZSs7jHuOpTi2sZq2hsfYG Gss+QynK0whvdmmoDCLGdtn3vWV7eZ6h30rzsEcnF6LzyMFzqTwYVKFExoFr+sCS EiWGcJgTCYbdadGA+6hFQ05EAeRdolBUak3fAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQULFmuxsiDwJzfZYUE7i1StUa1ZVwwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvTEZtdXhzaUR3Snpm WllVRTdpMVN0VWExWlZ3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEBXMgQDANBgkqhkiG9w0BAQsFAAOCAQEAs4p3pblSBUkc84L2sGBht3r30OKn cxVjtXtjfa9kMKqA4hxXvY2oWE2a3OJQ0JguSKOl2EnxSpFhU9kuNAqYDqTTA4ST mMUWzsG5h6lw2Mu/fPqS4mO1UPGuqiDWlkGTixSp1sV8FoGb+Kgx2HzaaBDgXcN3 hyoWlbSplaL73pfj6d9ZIzPqKfzz85okKC9Ua9b7cOEh9t4YnmYuFCNk66H3M8iI IxPGhzNHtYO0Ve/5s7JiB7O/vkasITgsNotBs/MdhCI9LNRQdWeoDy+S3zjum/AJ KL4hnFcGF01XwnVINx4YLWW1q8+dpQxGfzVSdwYa1mcdGs866WTOmhmhCA== -----END CERTIFICATE-----Generated at Mon Oct 20 19:21:08 2025 by rpki-client