$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/TfNbZqM8fjZZsVETwCzy3pEUmho.roa File: TfNbZqM8fjZZsVETwCzy3pEUmho.roa (raw, json) Hash identifier: qEMaSeLcjrdHQ3pKWnOLHo/ahf3/0icsVlLgQCySv1M= Subject key identifier: 4D:F3:5B:66:A3:3C:7E:36:59:B1:51:13:C0:2C:F2:DE:91:14:9A:1A Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 15A3 Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/TfNbZqM8fjZZsVETwCzy3pEUmho.roa Signing time: Sat 13 Sep 2025 03:06:40 +0000 ROA not before: Sat 13 Sep 2025 03:06:40 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 55990 IP address blocks: 113.46.72.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 23:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5539 (0x15a3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Sep 13 03:06:40 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=4DF35B66A33C7E3659B15113C02CF2DE91149A1A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:0d:18:a5:fd:58:ec:e7:c7:9b:40:26:53:f6: 50:ae:54:e0:4d:ea:68:a9:51:fa:d1:47:de:69:f5: 0d:56:ff:48:e7:b5:09:e2:c3:c5:e7:1d:61:f9:8e: f1:3c:ec:7a:92:72:2d:ae:f2:a0:d2:47:b4:f3:da: f4:70:f9:69:e9:9e:a3:e5:42:bd:25:d3:2e:73:73: c8:67:fb:39:b2:d5:a7:17:3c:7d:a6:04:59:57:7f: b6:29:ed:c0:69:9f:c8:c8:d2:de:c7:cb:fa:bd:4a: 51:85:06:4e:47:0b:55:f2:64:66:1b:6f:3e:9c:df: d1:f3:51:ad:bc:4e:34:47:9c:9d:35:e7:60:29:e8: fc:c3:ea:74:e3:3e:a4:88:1a:69:a9:62:e0:38:b9: 40:17:62:69:cf:7b:de:1d:61:31:4d:0c:12:b8:b3: 42:39:83:15:49:dd:bd:83:98:4d:61:63:f3:91:72: 38:e4:e7:65:fa:8b:fc:ac:80:70:44:b6:28:9e:96: 62:3e:23:4b:a7:0d:48:86:6e:4a:c2:c6:f5:92:99: e7:2b:38:d6:bc:67:10:fe:e3:d2:ac:58:26:7f:6e: e6:17:b7:d6:f0:5e:f9:ad:6d:09:be:63:16:db:2e: 3d:98:4c:24:f7:e2:ac:a9:60:fb:3c:28:f3:97:7c: e3:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:F3:5B:66:A3:3C:7E:36:59:B1:51:13:C0:2C:F2:DE:91:14:9A:1A X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/TfNbZqM8fjZZsVETwCzy3pEUmho.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 113.46.72.0/21 Signature Algorithm: sha256WithRSAEncryption 62:32:49:2f:8b:09:8f:bd:d3:10:79:1b:c0:a6:f4:9d:42:18: 0b:c3:45:e3:ef:ae:3b:2b:9c:25:57:69:39:6c:68:d5:21:2e: 99:62:05:16:7b:62:37:8b:0b:f0:e6:76:02:72:d0:ba:e0:2b: dc:d5:c8:76:29:b7:2a:ef:26:70:e1:a0:89:73:8d:f0:2f:01: 59:fe:97:85:9a:7d:a5:84:80:f2:43:29:63:91:60:04:36:26: 78:1e:bd:71:d4:6a:7e:f6:24:d4:60:06:c1:19:6c:19:27:b0: 34:5f:9a:b6:32:e5:2c:c2:13:0e:13:2d:36:6c:7e:84:60:a3: e8:34:bc:72:c8:a9:3d:d3:6d:ae:df:ef:d0:2a:6b:9a:7c:0b: 39:74:9f:c6:77:5b:a1:4d:b6:65:36:d1:d1:8f:6d:80:1d:0b: 23:92:c0:d5:de:0a:ae:92:4b:22:4d:be:33:ab:c0:da:ac:1f: f5:4a:38:91:63:a8:20:b0:99:76:0a:55:11:42:5c:a7:1f:ff: 61:ea:30:26:72:3f:d2:fb:62:d7:fd:5e:fb:c2:ea:37:e2:ff: 1b:40:df:15:93:7f:99:13:a2:38:2c:74:7b:9e:ef:1e:7f:43: 36:d4:bf:c3:cd:1f:86:74:9e:35:fb:bf:2c:4d:78:3c:fb:4f: ba:ad:e3:57 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFaMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTA5MTMw MzA2NDBaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDRERjM1QjY2QTMzQzdF MzY1OUIxNTExM0MwMkNGMkRFOTExNDlBMUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDlDRil/Vjs58ebQCZT9lCuVOBN6mipUfrRR95p9Q1W/0jntQni w8XnHWH5jvE87HqSci2u8qDSR7Tz2vRw+WnpnqPlQr0l0y5zc8hn+zmy1acXPH2m BFlXf7Yp7cBpn8jI0t7Hy/q9SlGFBk5HC1XyZGYbbz6c39HzUa28TjRHnJ0152Ap 6PzD6nTjPqSIGmmpYuA4uUAXYmnPe94dYTFNDBK4s0I5gxVJ3b2DmE1hY/ORcjjk 52X6i/ysgHBEtiielmI+I0unDUiGbkrCxvWSmecrONa8ZxD+49KsWCZ/buYXt9bw XvmtbQm+YxbbLj2YTCT34qypYPs8KPOXfOPpAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUTfNbZqM8fjZZsVETwCzy3pEUmhowHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvVGZOYlpxTThmalpa c1ZFVHdDenkzcEVVbWhvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEA3EuSDANBgkqhkiG9w0BAQsFAAOCAQEAYjJJL4sJj73TEHkbwKb0nUIYC8NF 4++uOyucJVdpOWxo1SEumWIFFntiN4sL8OZ2AnLQuuAr3NXIdim3Ku8mcOGgiXON 8C8BWf6XhZp9pYSA8kMpY5FgBDYmeB69cdRqfvYk1GAGwRlsGSewNF+atjLlLMIT DhMtNmx+hGCj6DS8csipPdNtrt/v0CprmnwLOXSfxndboU22ZTbR0Y9tgB0LI5LA 1d4KrpJLIk2+M6vA2qwf9Uo4kWOoILCZdgpVEUJcpx//YeowJnI/0vti1/1e+8Lq N+L/G0DfFZN/mROiOCx0e57vHn9DNtS/w80fhnSeNfu/LE14PPtPuq3jVw== -----END CERTIFICATE-----Generated at Mon Oct 20 19:21:02 2025 by rpki-client