$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/TgGQNMUj_Jt8Q3uvUuS6vxHgilc.roa File: TgGQNMUj_Jt8Q3uvUuS6vxHgilc.roa (raw, json) Hash identifier: EPxO6B8tSOvZ5HnrC5d/eAD3D7w+E4Bbe8Yk5fA8sls= Subject key identifier: 4E:01:90:34:C5:23:FC:9B:7C:43:7B:AF:52:E4:BA:BF:11:E0:8A:57 Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 15BC Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/TgGQNMUj_Jt8Q3uvUuS6vxHgilc.roa Signing time: Sat 13 Sep 2025 03:06:45 +0000 ROA not before: Sat 13 Sep 2025 03:06:45 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 55990 IP address blocks: 113.47.240.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 23:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5564 (0x15bc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Sep 13 03:06:45 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=4E019034C523FC9B7C437BAF52E4BABF11E08A57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:1c:5f:10:f5:9b:f5:4e:1a:4c:44:59:c4:ac: 89:3f:c7:08:ff:25:5f:f2:51:51:cb:a7:55:9f:8f: 2e:52:c8:b5:54:aa:ad:5a:a5:ad:c2:15:fa:b0:ad: cb:25:5d:23:a8:68:2a:05:28:32:48:c5:35:1b:f7: 2a:7f:78:c9:6f:f9:7a:c7:45:e4:92:d0:dd:31:e4: 53:0a:d9:ac:79:b6:f6:52:43:04:04:d8:76:b1:a8: 17:9f:c8:a2:f2:1b:a5:ae:9f:63:59:49:b8:22:2b: 91:3d:50:9a:11:83:19:1b:45:bd:b6:6b:51:ed:03: a7:c3:60:ff:15:32:af:06:e5:d8:7d:f9:8b:19:cc: ac:69:5b:e1:fa:ad:e2:01:e9:ac:07:8c:ca:6e:eb: 43:40:2c:45:b7:17:0c:6e:7f:3a:29:d8:46:cd:b9: 87:b1:1b:82:7a:1c:5b:70:5c:1f:13:b3:72:4a:cd: 8e:40:05:c5:fd:38:11:3c:92:1d:f5:54:b0:08:25: db:23:b7:06:ec:b7:61:39:af:c7:11:6a:87:94:72: 8f:73:39:b5:6a:b7:53:1a:73:e3:c3:8d:ba:d1:4e: 55:7e:ea:07:05:5b:b3:26:32:8a:12:26:b4:d2:02: 4b:dd:91:68:64:d3:fa:64:0b:96:f8:5b:71:88:fa: 64:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:01:90:34:C5:23:FC:9B:7C:43:7B:AF:52:E4:BA:BF:11:E0:8A:57 X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/TgGQNMUj_Jt8Q3uvUuS6vxHgilc.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 113.47.240.0/23 Signature Algorithm: sha256WithRSAEncryption 46:6e:19:69:ea:30:e4:6d:67:48:ee:6a:9b:7b:c6:5f:3d:b0: 50:7a:1a:72:04:f6:0a:1e:cc:8b:72:6e:9b:10:3f:e0:3b:88: 2e:d0:0d:cf:71:83:ac:28:29:ca:f0:67:63:9c:ae:d1:50:4b: 79:82:67:40:ec:aa:84:83:a4:61:1e:86:4c:bc:d4:53:a5:4f: ed:37:fe:17:31:af:6f:10:6b:6e:02:57:f4:0b:88:8c:34:5b: 12:7b:48:8f:7d:83:ad:c5:0b:8a:c7:01:c0:71:cb:31:ac:fd: c8:4d:b8:49:05:ea:2c:47:54:76:dd:ff:a7:a4:90:4c:a7:07: 86:0c:9d:81:44:75:f3:10:4a:ef:51:d6:68:38:57:27:79:c1: 9d:f9:15:ba:2f:70:7b:2b:ec:8c:42:e3:df:cc:88:34:ba:52: 42:1c:b3:b4:56:c7:46:69:36:f4:e2:48:48:25:23:a6:ff:72: ed:16:29:35:d1:10:44:e0:eb:71:25:96:c3:bc:96:c2:98:fe: 3f:36:a7:ba:df:21:8a:78:d6:9e:df:33:20:eb:ee:0f:86:9b: 21:b3:97:1e:7e:48:3a:59:f7:0f:22:5a:80:34:87:99:f4:01: 96:5b:32:1a:99:c9:cf:95:b5:9b:fe:71:9f:78:0a:a8:92:92: a1:b6:aa:d4 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFbwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTA5MTMw MzA2NDVaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDRFMDE5MDM0QzUyM0ZD OUI3QzQzN0JBRjUyRTRCQUJGMTFFMDhBNTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDOHF8Q9Zv1ThpMRFnErIk/xwj/JV/yUVHLp1Wfjy5SyLVUqq1a pa3CFfqwrcslXSOoaCoFKDJIxTUb9yp/eMlv+XrHReSS0N0x5FMK2ax5tvZSQwQE 2HaxqBefyKLyG6Wun2NZSbgiK5E9UJoRgxkbRb22a1HtA6fDYP8VMq8G5dh9+YsZ zKxpW+H6reIB6awHjMpu60NALEW3Fwxufzop2EbNuYexG4J6HFtwXB8Ts3JKzY5A BcX9OBE8kh31VLAIJdsjtwbst2E5r8cRaoeUco9zObVqt1Mac+PDjbrRTlV+6gcF W7MmMooSJrTSAkvdkWhk0/pkC5b4W3GI+mTlAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUTgGQNMUj/Jt8Q3uvUuS6vxHgilcwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvVGdHUU5NVWpfSnQ4 UTN1dlV1UzZ2eEhnaWxjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAXEv8DANBgkqhkiG9w0BAQsFAAOCAQEARm4Zaeow5G1nSO5qm3vGXz2wUHoa cgT2Ch7Mi3JumxA/4DuILtANz3GDrCgpyvBnY5yu0VBLeYJnQOyqhIOkYR6GTLzU U6VP7Tf+FzGvbxBrbgJX9AuIjDRbEntIj32DrcULiscBwHHLMaz9yE24SQXqLEdU dt3/p6SQTKcHhgydgUR18xBK71HWaDhXJ3nBnfkVui9weyvsjELj38yINLpSQhyz tFbHRmk29OJISCUjpv9y7RYpNdEQRODrcSWWw7yWwpj+Pzanut8hinjWnt8zIOvu D4abIbOXHn5IOln3DyJagDSHmfQBllsyGpnJz5W1m/5xn3gKqJKSobaq1A== -----END CERTIFICATE-----Generated at Mon Oct 20 19:20:59 2025 by rpki-client