$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/S-JVUrU6FlsgqYdY5d5D5BuPIjQ.roa File: S-JVUrU6FlsgqYdY5d5D5BuPIjQ.roa (raw, json) Hash identifier: PA/wbemIznlknPJOnqcmkRrMQg5mRUnD0w+ktb9LsnA= Subject key identifier: 4B:E2:55:52:B5:3A:16:5B:20:A9:87:58:E5:DE:43:E4:1B:8F:22:34 Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 15BD Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/S-JVUrU6FlsgqYdY5d5D5BuPIjQ.roa Signing time: Sat 13 Sep 2025 03:06:45 +0000 ROA not before: Sat 13 Sep 2025 03:06:45 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 55990 IP address blocks: 113.46.80.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 23:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5565 (0x15bd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Sep 13 03:06:45 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=4BE25552B53A165B20A98758E5DE43E41B8F2234 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:87:b0:66:3e:4d:49:c4:8d:44:e7:ce:b5:2f: 0c:29:9d:26:53:0c:a3:e2:99:ae:f9:a5:41:f9:36: 52:a8:15:09:b7:72:08:9b:d8:12:7f:76:9d:99:08: 66:8a:73:70:0d:25:36:6e:da:26:24:2b:bd:6e:52: 73:9a:ae:b9:81:38:b8:1a:ae:be:8f:c6:f0:71:dc: 3d:e5:55:04:8a:4f:41:84:66:b7:c4:26:75:a2:5b: 05:ca:d2:51:dd:b8:2b:42:a1:91:70:6d:c1:fc:b0: f2:25:f3:90:f2:42:6e:97:96:14:f8:c5:14:69:1e: 4e:56:43:99:87:1c:74:ea:0a:ea:f4:94:6e:d1:bd: 9b:76:41:87:dc:67:a4:14:ab:46:1a:f8:0e:8f:af: d0:ee:fb:37:9d:84:8d:04:85:d9:13:7d:e8:73:c3: a7:91:6d:ab:fa:c1:eb:7f:e3:8e:f7:0f:5f:24:19: 96:44:36:75:f2:4c:dd:92:b4:f1:cd:4e:58:61:ce: 03:2c:ed:f0:93:ba:5e:26:20:98:28:4b:5a:55:92: 5b:ce:3c:4b:22:62:f4:d3:5b:99:2d:76:e7:74:e3: 72:ef:06:9e:de:22:3a:ad:10:c4:d7:9b:a3:54:fa: 97:28:e1:a8:27:a6:db:1e:0a:07:bf:ba:c5:4b:a1: ce:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:E2:55:52:B5:3A:16:5B:20:A9:87:58:E5:DE:43:E4:1B:8F:22:34 X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/S-JVUrU6FlsgqYdY5d5D5BuPIjQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 113.46.80.0/21 Signature Algorithm: sha256WithRSAEncryption ac:e4:a7:e0:20:dc:e2:b1:6c:25:f6:55:67:8b:c1:6c:d2:a0: 77:b7:9d:3a:63:ce:4d:46:af:8a:68:a4:30:28:04:e2:2f:de: 94:6d:f5:e3:bf:ab:7a:e9:23:9f:98:9a:1e:42:57:e2:fc:96: b2:91:c9:1d:3a:d5:50:c5:0d:3e:c3:e5:f5:06:4a:fe:78:b4: e6:fc:92:e6:3d:62:d7:02:68:b4:d7:3c:97:3b:d1:9f:50:70: 35:7c:f2:2d:71:e2:8a:72:47:90:14:4c:2e:ab:9b:d6:b5:58: 23:d0:ef:aa:9c:26:7a:ba:d8:f1:61:ac:cc:67:26:00:04:c7: f8:0d:f3:af:6b:bf:45:e0:61:16:ef:e6:7a:1e:fa:58:15:2c: d1:fd:3c:f4:df:2c:be:61:6e:9c:5d:db:21:d2:72:ec:18:07: 29:90:c8:5f:c6:cf:89:4f:62:5a:02:9a:34:c4:1e:13:94:42: 1a:53:40:ff:96:7a:ff:24:6c:73:21:f4:34:33:50:51:2d:b5: 42:75:c2:39:8a:ca:ca:f6:c1:d0:0d:00:11:a8:09:db:84:43: 75:60:1a:cd:b3:56:c3:90:07:c9:8e:84:8b:fc:9f:22:b6:a9: 0e:a7:df:97:08:71:d9:cc:02:07:cb:e3:81:49:30:02:f2:3a: a0:0f:1c:74 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFb0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTA5MTMw MzA2NDVaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDRCRTI1NTUyQjUzQTE2 NUIyMEE5ODc1OEU1REU0M0U0MUI4RjIyMzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDBh7BmPk1JxI1E5861LwwpnSZTDKPima75pUH5NlKoFQm3cgib 2BJ/dp2ZCGaKc3ANJTZu2iYkK71uUnOarrmBOLgarr6PxvBx3D3lVQSKT0GEZrfE JnWiWwXK0lHduCtCoZFwbcH8sPIl85DyQm6XlhT4xRRpHk5WQ5mHHHTqCur0lG7R vZt2QYfcZ6QUq0Ya+A6Pr9Du+zedhI0EhdkTfehzw6eRbav6wet/4473D18kGZZE NnXyTN2StPHNTlhhzgMs7fCTul4mIJgoS1pVklvOPEsiYvTTW5ktdud043LvBp7e IjqtEMTXm6NU+pco4agnptseCge/usVLoc4RAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUS+JVUrU6FlsgqYdY5d5D5BuPIjQwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvUy1KVlVyVTZGbHNn cVlkWTVkNUQ1QnVQSWpRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEA3EuUDANBgkqhkiG9w0BAQsFAAOCAQEArOSn4CDc4rFsJfZVZ4vBbNKgd7ed OmPOTUavimikMCgE4i/elG3147+reukjn5iaHkJX4vyWspHJHTrVUMUNPsPl9QZK /ni05vyS5j1i1wJotNc8lzvRn1BwNXzyLXHiinJHkBRMLqub1rVYI9DvqpwmerrY 8WGszGcmAATH+A3zr2u/ReBhFu/meh76WBUs0f089N8svmFunF3bIdJy7BgHKZDI X8bPiU9iWgKaNMQeE5RCGlNA/5Z6/yRscyH0NDNQUS21QnXCOYrKyvbB0A0AEagJ 24RDdWAazbNWw5AHyY6Ei/yfIrapDqfflwhx2cwCB8vjgUkwAvI6oA8cdA== -----END CERTIFICATE-----Generated at Mon Oct 20 19:21:03 2025 by rpki-client