$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/WbmpyNl5UNWb_CEtAPraVXMk6QA.roa File: WbmpyNl5UNWb_CEtAPraVXMk6QA.roa (raw, json) Hash identifier: 4jUp4erheYhaQZ7zUSu7ANCvi6NG2Wkr7P4d7A+lVSc= Subject key identifier: 59:B9:A9:C8:D9:79:50:D5:9B:FC:21:2D:00:FA:DA:55:73:24:E9:00 Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 15D8 Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/WbmpyNl5UNWb_CEtAPraVXMk6QA.roa Signing time: Sat 13 Sep 2025 03:06:51 +0000 ROA not before: Sat 13 Sep 2025 03:06:51 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 55990 IP address blocks: 113.46.68.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 23:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5592 (0x15d8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Sep 13 03:06:51 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=59B9A9C8D97950D59BFC212D00FADA557324E900 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:77:f7:c0:85:13:53:dd:76:18:fe:26:09:f9: dd:26:b4:95:7a:74:d5:8b:c0:54:cc:b3:d0:49:94: 9e:e3:a2:5b:b2:3b:0d:b2:0a:20:ca:ae:f4:58:b6: 16:87:d6:e1:43:b1:b0:91:12:3d:1a:af:30:b1:d5: c3:65:e9:7f:1c:cd:77:84:5a:fc:b2:8c:bf:01:c7: a1:e8:c9:04:64:4a:0b:4c:67:f9:2c:82:bc:bd:ef: 32:1c:89:14:dd:99:f9:b3:52:22:35:2c:e7:70:64: d6:7e:75:ef:69:c3:10:e9:59:ec:37:eb:5d:e5:b6: e8:d4:49:93:06:5c:32:b6:08:5e:24:a5:9d:68:7d: 53:cd:eb:7e:dc:9b:ab:9f:fb:9d:69:ef:94:a7:8d: 8e:fd:4f:dd:4a:b9:19:fe:0f:cb:8a:08:b5:db:c8: 0f:43:3c:74:ce:a4:e5:f3:c5:dd:a7:b2:5f:b1:2c: 5f:da:6a:9f:99:7c:f2:6e:36:e4:f3:d6:cf:40:18: 03:08:37:62:20:f1:e1:10:c9:d6:88:0c:fa:0e:d1: 77:f3:a3:92:48:9a:e1:a0:1c:3a:c0:17:20:96:7d: b0:65:dd:94:49:4f:13:aa:02:17:00:8c:cf:91:83: 37:58:02:ce:26:b8:1a:a8:44:90:5b:6a:74:7e:95: 76:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 59:B9:A9:C8:D9:79:50:D5:9B:FC:21:2D:00:FA:DA:55:73:24:E9:00 X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/WbmpyNl5UNWb_CEtAPraVXMk6QA.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 113.46.68.0/22 Signature Algorithm: sha256WithRSAEncryption 7d:ee:55:91:bf:86:94:cc:ac:b5:3f:41:a7:45:94:ca:6d:c0: 14:b6:e0:b9:65:7f:f1:14:85:90:57:ea:c3:c4:e1:fc:c3:71: df:a4:59:a0:a0:fc:47:a5:03:b1:08:5e:e1:44:9c:46:0c:af: 74:08:92:b7:f8:1c:94:bd:6c:91:5d:25:1d:1b:58:48:04:72: d8:79:62:48:9b:b1:c2:9b:7a:fc:b6:0b:2a:c3:92:8d:c0:0f: 5a:e4:25:03:a9:43:80:e6:5e:14:a7:04:73:28:05:ac:fe:43: d1:2e:81:49:ed:3a:45:46:25:7c:80:ea:9b:cc:5f:18:c9:bd: 1f:d6:2e:ab:e7:d9:1e:e3:4b:7d:94:16:5d:68:76:6d:4c:6b: 9d:bd:95:9a:d9:c9:a6:08:2c:1f:b0:0a:cc:1d:73:82:e3:e8: bf:9f:af:7d:af:61:8d:d5:49:f8:fe:d3:2c:7b:c2:28:1b:c0: 9e:b2:c4:30:ae:d9:49:fa:fc:1e:33:40:3d:d5:18:48:49:09: 79:38:c1:8a:7b:74:1e:63:f3:50:de:14:45:71:0a:cc:5f:b6: c3:7a:85:6d:2b:d2:9d:4b:3f:14:08:a1:31:78:83:dd:cb:bd: 8e:c1:07:0c:f3:96:41:18:1d:1d:cc:ad:f1:f6:70:52:94:7c: 27:f2:01:d2 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFdgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTA5MTMw MzA2NTFaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDU5QjlBOUM4RDk3OTUw RDU5QkZDMjEyRDAwRkFEQTU1NzMyNEU5MDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC8d/fAhRNT3XYY/iYJ+d0mtJV6dNWLwFTMs9BJlJ7joluyOw2y CiDKrvRYthaH1uFDsbCREj0arzCx1cNl6X8czXeEWvyyjL8Bx6HoyQRkSgtMZ/ks gry97zIciRTdmfmzUiI1LOdwZNZ+de9pwxDpWew3613ltujUSZMGXDK2CF4kpZ1o fVPN637cm6uf+51p75SnjY79T91KuRn+D8uKCLXbyA9DPHTOpOXzxd2nsl+xLF/a ap+ZfPJuNuTz1s9AGAMIN2Ig8eEQydaIDPoO0Xfzo5JImuGgHDrAFyCWfbBl3ZRJ TxOqAhcAjM+RgzdYAs4muBqoRJBbanR+lXY5AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUWbmpyNl5UNWb/CEtAPraVXMk6QAwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvV2JtcHlObDVVTldi X0NFdEFQcmFWWE1rNlFBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAnEuRDANBgkqhkiG9w0BAQsFAAOCAQEAfe5Vkb+GlMystT9Bp0WUym3AFLbg uWV/8RSFkFfqw8Th/MNx36RZoKD8R6UDsQhe4UScRgyvdAiSt/gclL1skV0lHRtY SARy2HliSJuxwpt6/LYLKsOSjcAPWuQlA6lDgOZeFKcEcygFrP5D0S6BSe06RUYl fIDqm8xfGMm9H9Yuq+fZHuNLfZQWXWh2bUxrnb2VmtnJpggsH7AKzB1zguPov5+v fa9hjdVJ+P7TLHvCKBvAnrLEMK7ZSfr8HjNAPdUYSEkJeTjBint0HmPzUN4URXEK zF+2w3qFbSvSnUs/FAihMXiD3cu9jsEHDPOWQRgdHcyt8fZwUpR8J/IB0g== -----END CERTIFICATE-----Generated at Mon Oct 20 19:21:25 2025 by rpki-client