$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/T3umTNzwBG_CK65iCgvSlh8LdA8.roa File: T3umTNzwBG_CK65iCgvSlh8LdA8.roa (raw, json) Hash identifier: tdnFEeTeFF/kodFIzjfOU1mR5MBUb6I++wBtk43XN4I= Subject key identifier: 4F:7B:A6:4C:DC:F0:04:6F:C2:2B:AE:62:0A:0B:D2:96:1F:0B:74:0F Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 14A9 Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/T3umTNzwBG_CK65iCgvSlh8LdA8.roa Signing time: Wed 30 Jul 2025 02:47:58 +0000 ROA not before: Wed 30 Jul 2025 02:47:58 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 55990 IP address blocks: 115.32.32.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 13:03:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5289 (0x14a9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Jul 30 02:47:58 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=4F7BA64CDCF0046FC22BAE620A0BD2961F0B740F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:63:28:fc:a3:95:41:e4:66:d1:f8:28:20:a7: 43:c6:27:93:eb:98:11:68:0a:67:f6:f5:55:29:0d: c5:59:bb:7a:5e:66:a7:c6:cd:bd:02:49:32:b1:e4: 4d:d0:fe:cd:fa:eb:33:91:79:d8:c4:09:17:78:0a: 38:f4:ba:14:eb:96:28:48:44:95:76:62:4a:a2:7d: d8:2f:80:48:08:b6:30:38:7e:01:64:b9:67:58:56: 16:ad:72:5d:be:c8:31:dc:b8:0e:49:a7:4b:c0:bf: 7e:a2:af:0e:73:31:13:6b:b4:46:6a:97:bc:aa:60: 48:00:05:c1:5b:02:8c:f9:77:b3:49:92:47:90:de: e2:65:98:b4:3c:8b:3e:1e:7a:f7:04:34:d3:da:7b: cf:6a:9d:c4:19:1c:07:29:85:14:0a:fa:95:df:8e: e3:4b:41:f0:e2:53:2e:5c:bd:29:f0:4a:f1:a3:f6: b3:b6:00:77:81:12:63:e2:c7:80:2f:e8:80:51:a8: 84:84:cf:36:0b:85:24:4e:0f:57:d1:5b:fe:58:f6: 4c:db:aa:0e:e1:2f:37:48:4d:2d:62:91:4d:1a:f5: d5:a1:7b:7a:0f:e0:c0:72:d2:6d:bc:21:d9:aa:50: 5b:1f:2d:96:54:a8:71:16:94:8e:be:51:0a:7b:a7: ba:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4F:7B:A6:4C:DC:F0:04:6F:C2:2B:AE:62:0A:0B:D2:96:1F:0B:74:0F X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/T3umTNzwBG_CK65iCgvSlh8LdA8.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 115.32.32.0/21 Signature Algorithm: sha256WithRSAEncryption b6:8d:ab:50:40:13:8e:a1:ba:4a:76:20:d5:79:f7:e1:30:b9: 3a:7a:2e:21:48:8d:05:da:d1:ae:85:9f:9d:6f:38:95:52:f9: 58:e3:79:b0:a9:f4:e1:c8:e5:6d:f2:bf:da:40:6b:c7:8b:eb: de:eb:34:cd:d6:78:27:fa:45:12:78:f2:85:ca:36:29:af:79: 7d:9e:ad:97:da:94:af:8e:3d:e5:15:16:0b:94:b6:e5:71:11: 64:42:22:6b:a5:d8:63:51:7e:a2:46:fa:40:d8:ff:6c:d5:00: 5d:71:28:7a:45:59:2d:7e:7d:68:df:a9:cb:91:98:ea:2e:cd: fb:43:03:a5:36:51:22:ea:bf:b4:57:c6:66:53:2e:2c:4b:f8: 03:f5:b2:72:10:da:a2:0e:f5:bd:87:f3:ca:59:60:d6:df:08: d5:40:02:66:2d:e7:cd:ee:72:7a:36:da:2f:ee:99:27:37:82: 82:c8:26:a9:d2:13:9a:3e:8e:58:13:cb:d1:d6:a6:41:77:16: cf:54:2c:fc:10:b5:ef:fd:96:f4:22:35:f1:db:4b:88:27:e5: ea:eb:b4:9a:ba:67:02:e5:a1:6e:12:9e:27:12:d8:da:e0:9e: 8d:55:44:6d:c1:3c:27:50:59:f3:7f:53:8c:09:be:2c:94:0a: 04:4d:5f:01 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFKkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTA3MzAw MjQ3NThaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDRGN0JBNjRDRENGMDA0 NkZDMjJCQUU2MjBBMEJEMjk2MUYwQjc0MEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC5Yyj8o5VB5GbR+Cggp0PGJ5PrmBFoCmf29VUpDcVZu3peZqfG zb0CSTKx5E3Q/s366zORedjECRd4Cjj0uhTrlihIRJV2YkqifdgvgEgItjA4fgFk uWdYVhatcl2+yDHcuA5Jp0vAv36irw5zMRNrtEZql7yqYEgABcFbAoz5d7NJkkeQ 3uJlmLQ8iz4eevcENNPae89qncQZHAcphRQK+pXfjuNLQfDiUy5cvSnwSvGj9rO2 AHeBEmPix4Av6IBRqISEzzYLhSROD1fRW/5Y9kzbqg7hLzdITS1ikU0a9dWhe3oP 4MBy0m28IdmqUFsfLZZUqHEWlI6+UQp7p7pDAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUT3umTNzwBG/CK65iCgvSlh8LdA8wHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvVDN1bVROendCR19D SzY1aUNndlNsaDhMZEE4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEA3MgIDANBgkqhkiG9w0BAQsFAAOCAQEAto2rUEATjqG6SnYg1Xn34TC5Onou IUiNBdrRroWfnW84lVL5WON5sKn04cjlbfK/2kBrx4vr3us0zdZ4J/pFEnjyhco2 Ka95fZ6tl9qUr4495RUWC5S25XERZEIia6XYY1F+okb6QNj/bNUAXXEoekVZLX59 aN+py5GY6i7N+0MDpTZRIuq/tFfGZlMuLEv4A/WychDaog71vYfzyllg1t8I1UAC Zi3nze5yejbaL+6ZJzeCgsgmqdITmj6OWBPL0damQXcWz1Qs/BC17/2W9CI18dtL iCfl6uu0mrpnAuWhbhKeJxLY2uCejVVEbcE8J1BZ839TjAm+LJQKBE1fAQ== -----END CERTIFICATE-----Generated at Sun Aug 24 13:01:21 2025 by rpki-client