$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/SMg2413tjUbjgE_5yl50N_oY86Y.roa File: SMg2413tjUbjgE_5yl50N_oY86Y.roa (raw, json) Hash identifier: 7dNwJoYnU1oxBxEsOcRC2DCuiSAeh++DZZgAjDSPJdo= Subject key identifier: 48:C8:36:E3:5D:ED:8D:46:E3:80:4F:F9:CA:5E:74:37:FA:18:F3:A6 Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 160C Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/SMg2413tjUbjgE_5yl50N_oY86Y.roa Signing time: Mon 22 Sep 2025 09:57:15 +0000 ROA not before: Mon 22 Sep 2025 09:57:15 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 55990 IP address blocks: 101.245.144.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 23:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5644 (0x160c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Sep 22 09:57:15 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=48C836E35DED8D46E3804FF9CA5E7437FA18F3A6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:1e:8b:5e:95:b7:5e:09:9e:a4:b6:0a:4d:b8: 07:17:3c:11:68:c8:46:0f:d9:5e:12:f9:11:ce:52: f9:70:25:69:f0:2f:02:5a:13:62:b4:32:c2:5a:42: e4:f1:e0:88:2a:fe:6f:bb:8c:8c:64:d4:40:f9:5c: 00:51:bf:0e:1c:51:32:dd:ca:a5:9e:ed:41:68:18: 66:f0:12:35:5a:74:95:58:29:68:c0:23:6c:43:17: 63:8c:d3:63:5c:a6:8d:b2:4f:d6:d5:5e:3d:db:ab: 27:66:bf:e0:ab:d0:33:6c:de:39:24:ae:59:80:71: 3c:e9:46:52:cd:e9:40:13:1f:84:71:59:74:4c:ca: 9f:53:3a:4f:46:74:e3:36:bd:0c:c0:d5:c6:df:20: ca:e0:6b:82:ba:84:c0:d2:68:8b:e2:30:15:a3:a1: 59:37:42:ef:c4:a9:4c:7b:55:35:58:af:c0:57:77: 41:50:98:f2:0a:05:c7:dc:68:3f:3c:1f:98:5d:57: d4:93:39:f7:29:f9:03:7b:8f:a7:ab:c8:50:7f:59: 3d:8e:db:52:ff:d8:51:55:eb:06:f0:5d:53:ff:c3: 56:f8:b7:fe:d4:1e:36:f8:29:19:3d:ff:3f:78:d5: 6e:e7:01:cd:ed:72:73:ed:96:33:50:d2:97:19:ad: 9b:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:C8:36:E3:5D:ED:8D:46:E3:80:4F:F9:CA:5E:74:37:FA:18:F3:A6 X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/SMg2413tjUbjgE_5yl50N_oY86Y.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 101.245.144.0/22 Signature Algorithm: sha256WithRSAEncryption 64:d4:e7:06:3d:4d:89:00:84:63:83:2c:e6:1d:26:4d:39:8f: a6:30:21:ba:dc:38:c2:2f:12:52:4d:6f:a3:21:ef:3c:aa:f6: af:cf:8c:6b:a8:f8:45:92:4c:34:f7:84:d5:1e:ef:93:cc:d3: 28:ab:d4:86:2e:4b:96:8c:e4:e1:bb:bd:b2:de:75:12:84:72: b3:ca:9e:6c:2c:98:ed:e0:93:e4:11:f7:52:bf:36:49:74:0c: 5c:ab:e8:08:be:b4:6d:36:bb:9e:9e:01:dc:bc:17:23:be:80: 3d:cf:0e:ec:5f:16:c0:2a:a3:28:89:3b:46:52:c3:39:83:07: a8:51:d3:c5:65:44:d5:1e:c1:a2:c6:b9:af:91:8c:3c:79:b2: 16:15:61:48:16:c2:39:67:d0:ea:0c:3f:54:c0:af:f4:9d:46: a0:7d:48:0c:a8:71:8e:cf:e5:83:49:39:a0:81:09:f1:04:d4: 3a:33:4e:d5:fd:6b:ca:d6:87:4b:87:21:72:2b:6e:61:a0:9f: ae:5f:9c:d7:7f:13:da:7b:f9:d8:95:7a:f5:2f:f2:44:81:55: c2:16:b5:a6:9d:44:18:56:fd:f0:0e:76:b9:bb:85:f5:22:85: 7a:15:85:12:38:d3:af:f5:1c:d2:b0:a1:76:03:c5:e7:12:e9: 38:9a:a7:65 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFgwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTA5MjIw OTU3MTVaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDQ4QzgzNkUzNURFRDhE NDZFMzgwNEZGOUNBNUU3NDM3RkExOEYzQTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDTHotelbdeCZ6ktgpNuAcXPBFoyEYP2V4S+RHOUvlwJWnwLwJa E2K0MsJaQuTx4Igq/m+7jIxk1ED5XABRvw4cUTLdyqWe7UFoGGbwEjVadJVYKWjA I2xDF2OM02Ncpo2yT9bVXj3bqydmv+Cr0DNs3jkkrlmAcTzpRlLN6UATH4RxWXRM yp9TOk9GdOM2vQzA1cbfIMrga4K6hMDSaIviMBWjoVk3Qu/EqUx7VTVYr8BXd0FQ mPIKBcfcaD88H5hdV9STOfcp+QN7j6eryFB/WT2O21L/2FFV6wbwXVP/w1b4t/7U Hjb4KRk9/z941W7nAc3tcnPtljNQ0pcZrZvfAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUSMg2413tjUbjgE/5yl50N/oY86YwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvU01nMjQxM3RqVWJq Z0VfNXlsNTBOX29ZODZZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmX1kDANBgkqhkiG9w0BAQsFAAOCAQEAZNTnBj1NiQCEY4Ms5h0mTTmPpjAh utw4wi8SUk1voyHvPKr2r8+Ma6j4RZJMNPeE1R7vk8zTKKvUhi5Llozk4bu9st51 EoRys8qebCyY7eCT5BH3Ur82SXQMXKvoCL60bTa7np4B3LwXI76APc8O7F8WwCqj KIk7RlLDOYMHqFHTxWVE1R7Bosa5r5GMPHmyFhVhSBbCOWfQ6gw/VMCv9J1GoH1I DKhxjs/lg0k5oIEJ8QTUOjNO1f1rytaHS4chcituYaCfrl+c138T2nv52JV69S/y RIFVwha1pp1EGFb98A52ubuF9SKFehWFEjjTr/Uc0rChdgPF5xLpOJqnZQ== -----END CERTIFICATE-----Generated at Mon Oct 20 19:20:54 2025 by rpki-client