$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/PMaV2fGG0Kyf6dFKaQ_MQI6KLaI.roa File: PMaV2fGG0Kyf6dFKaQ_MQI6KLaI.roa (raw, json) Hash identifier: z/IVLAxtg/wcigLquatVejyN1AE23iE4MarsZt6QlnI= Subject key identifier: 3C:C6:95:D9:F1:86:D0:AC:9F:E9:D1:4A:69:0F:CC:40:8E:8A:2D:A2 Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 15AA Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/PMaV2fGG0Kyf6dFKaQ_MQI6KLaI.roa Signing time: Sat 13 Sep 2025 03:06:41 +0000 ROA not before: Sat 13 Sep 2025 03:06:41 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 55990 IP address blocks: 113.45.0.0/18 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 23:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5546 (0x15aa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Sep 13 03:06:41 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=3CC695D9F186D0AC9FE9D14A690FCC408E8A2DA2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:bd:8b:ea:d8:5d:da:cf:38:af:ba:0c:e9:be: b2:f5:47:d4:f9:24:d2:e5:f6:d2:0d:a7:42:3a:2a: 83:7e:4d:3a:ec:d7:c3:fd:f2:57:72:ac:6c:1b:a6: b2:a2:81:ea:f4:75:55:83:60:2a:21:b8:a1:77:18: db:51:0e:2c:ce:dd:38:82:3b:7a:2b:42:88:20:e3: 65:3d:15:d2:ef:ad:96:dc:21:50:91:1a:3d:b5:ac: 4f:9d:4f:5d:d7:65:f7:47:77:3f:f0:85:78:b1:09: 31:14:fb:13:fb:c3:ff:38:fe:97:fc:f1:52:c3:97: 8b:12:92:b2:69:9a:4e:f3:a4:3a:68:1f:f5:a8:12: e1:09:d2:b2:c4:f4:4a:ff:f8:6f:9a:b3:ed:59:91: a4:f7:b3:5b:65:21:36:d7:28:e8:fc:47:f5:cb:a9: 1f:b7:35:f8:86:b4:6f:3d:6c:67:85:19:a9:b3:0e: 20:2c:7f:fb:11:c9:48:0d:41:90:fd:30:a6:64:4e: 6b:06:a8:d6:1a:ba:ca:b3:83:25:61:4c:29:48:85: 74:7f:4f:10:7e:f1:6f:20:cc:d9:17:ff:d3:a1:2d: d7:d0:25:22:b3:ad:43:42:28:f6:79:ff:28:24:4d: 4c:f8:3e:b7:6b:60:8f:8b:4b:a1:21:b9:b3:e9:e2: 7c:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:C6:95:D9:F1:86:D0:AC:9F:E9:D1:4A:69:0F:CC:40:8E:8A:2D:A2 X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/PMaV2fGG0Kyf6dFKaQ_MQI6KLaI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 113.45.0.0/18 Signature Algorithm: sha256WithRSAEncryption 50:b6:f0:01:83:5d:38:9a:2e:4a:8a:76:75:a2:03:f8:39:b2: e1:aa:6f:26:5a:a9:c1:12:05:f7:bc:88:d8:5f:10:df:6b:81: 4a:db:72:35:03:9d:f8:52:ee:42:ea:a8:29:62:93:1b:7e:74: 2f:30:37:c2:15:b4:1f:f0:71:ab:5f:89:7f:2a:ae:bc:3b:6a: 34:52:fd:20:bb:7f:12:9c:98:1b:2b:fe:7a:5c:d3:2f:5e:c4: 3a:3a:07:3c:43:7e:c6:6a:18:12:1e:36:45:6d:e7:cf:73:a1: 79:4c:ab:27:ac:be:94:d3:f7:30:da:2e:75:90:ce:4c:a2:14: bc:a0:5c:86:3c:e7:9e:8e:fb:3e:b4:40:cc:7e:db:c7:48:8e: 5c:68:ba:37:f4:d6:19:03:54:66:45:e6:c0:b6:b4:b1:df:d7: bb:ea:37:78:27:af:8f:40:1d:bc:70:13:9b:fd:00:3c:98:20: c4:b9:4c:97:bd:81:1c:cc:89:1c:65:68:4f:88:3f:bb:d0:21: 34:b1:1a:25:c6:29:b2:b2:d4:22:1f:44:5f:35:ad:13:57:d2: 70:ff:52:5a:e5:6b:ad:1b:36:c5:b6:3d:55:67:fd:7c:44:3a: e9:f7:99:b9:1b:cc:a2:e2:1e:b6:8f:90:6e:98:77:36:53:20: d1:03:55:90 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFaowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTA5MTMw MzA2NDFaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDNDQzY5NUQ5RjE4NkQw QUM5RkU5RDE0QTY5MEZDQzQwOEU4QTJEQTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDTvYvq2F3azzivugzpvrL1R9T5JNLl9tINp0I6KoN+TTrs18P9 8ldyrGwbprKiger0dVWDYCohuKF3GNtRDizO3TiCO3orQogg42U9FdLvrZbcIVCR Gj21rE+dT13XZfdHdz/whXixCTEU+xP7w/84/pf88VLDl4sSkrJpmk7zpDpoH/Wo EuEJ0rLE9Er/+G+as+1ZkaT3s1tlITbXKOj8R/XLqR+3NfiGtG89bGeFGamzDiAs f/sRyUgNQZD9MKZkTmsGqNYausqzgyVhTClIhXR/TxB+8W8gzNkX/9OhLdfQJSKz rUNCKPZ5/ygkTUz4PrdrYI+LS6EhubPp4nznAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUPMaV2fGG0Kyf6dFKaQ/MQI6KLaIwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvUE1hVjJmR0cwS3lm NmRGS2FRX01RSTZLTGFJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEBnEtADANBgkqhkiG9w0BAQsFAAOCAQEAULbwAYNdOJouSop2daID+Dmy4apv JlqpwRIF97yI2F8Q32uBSttyNQOd+FLuQuqoKWKTG350LzA3whW0H/Bxq1+Jfyqu vDtqNFL9ILt/EpyYGyv+elzTL17EOjoHPEN+xmoYEh42RW3nz3OheUyrJ6y+lNP3 MNoudZDOTKIUvKBchjznno77PrRAzH7bx0iOXGi6N/TWGQNUZkXmwLa0sd/Xu+o3 eCevj0AdvHATm/0APJggxLlMl72BHMyJHGVoT4g/u9AhNLEaJcYpsrLUIh9EXzWt E1fScP9SWuVrrRs2xbY9VWf9fEQ66feZuRvMouIeto+Qbph3NlMg0QNVkA== -----END CERTIFICATE-----Generated at Mon Oct 20 19:21:13 2025 by rpki-client