$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/ZAC5alox4m1SG1fJv9ed92W6X-I.roa File: ZAC5alox4m1SG1fJv9ed92W6X-I.roa (raw, json) Hash identifier: yj/ErKYWSAbek2V0RkiGzg9RUHxMe43zyit+tghoHZM= Subject key identifier: 64:00:B9:6A:5A:31:E2:6D:52:1B:57:C9:BF:D7:9D:F7:65:BA:5F:E2 Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 1594 Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/ZAC5alox4m1SG1fJv9ed92W6X-I.roa Signing time: Sat 13 Sep 2025 03:06:37 +0000 ROA not before: Sat 13 Sep 2025 03:06:37 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 55990 IP address blocks: 113.45.64.0/19 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 23:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5524 (0x1594) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Sep 13 03:06:37 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=6400B96A5A31E26D521B57C9BFD79DF765BA5FE2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:36:1c:7c:af:41:ae:de:35:38:da:3a:d0:0a: fd:bd:23:ad:af:6d:81:f1:ac:1c:7a:29:c6:90:b3: d9:f2:68:29:42:b9:77:b3:8f:12:ed:68:aa:39:9a: 2f:4b:53:70:fd:7f:db:71:19:2d:ec:c1:62:69:7c: 8b:56:4b:77:9d:d5:de:1c:f5:da:bc:55:30:f4:1e: f6:3a:fb:56:29:ec:42:84:43:32:12:f2:bc:21:5a: 2f:42:0a:fd:d0:37:3b:07:ac:8f:e3:5b:47:06:23: 51:86:a7:3b:2c:23:b4:b1:5b:9d:d8:78:bc:87:d5: 4c:a5:78:89:b5:2d:a4:01:ee:b2:72:95:8e:af:a1: 5e:95:d0:1c:65:36:ef:26:b8:6a:e9:41:f4:f8:23: 1e:ef:6c:53:d5:8a:4a:e2:8a:82:8d:d3:84:15:2c: b9:7f:1e:41:53:c2:76:d2:b1:3d:5d:71:cc:65:a8: 9c:9d:f2:fe:ae:15:08:60:bc:90:c5:c8:29:84:5e: 1d:df:94:16:e5:a5:7c:05:d2:49:ce:91:d2:6d:af: 3c:22:31:02:02:ae:cb:b2:5f:bd:25:dd:c6:8a:3c: 28:a7:7b:2c:90:43:65:68:6c:9b:97:6e:85:37:2e: 0f:a3:80:9c:aa:25:c4:97:52:0e:a0:54:f4:d3:6c: 86:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:00:B9:6A:5A:31:E2:6D:52:1B:57:C9:BF:D7:9D:F7:65:BA:5F:E2 X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/ZAC5alox4m1SG1fJv9ed92W6X-I.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 113.45.64.0/19 Signature Algorithm: sha256WithRSAEncryption 63:dc:95:a9:40:b1:a8:ef:b7:e2:00:08:fe:d9:2e:65:0b:55: bd:b2:41:a5:83:48:07:34:dd:bc:63:ea:d8:ab:d3:8e:9e:c9: 79:a0:26:e8:19:5b:2d:17:e1:09:d7:0e:bc:ec:48:c3:42:b6: 4c:59:2f:28:04:52:94:c6:cf:e8:a6:b5:c4:bd:5f:13:0b:ef: f2:17:dc:85:4c:d9:f3:42:bd:54:2a:06:08:ca:18:5b:69:d2: 36:ae:57:21:34:5e:7d:78:fe:f3:23:f3:72:56:a3:08:01:38: 5a:b7:81:ab:ff:4a:31:c2:ef:28:85:da:72:f1:3c:21:5c:e5: f7:96:a8:3e:a5:bb:0b:61:ec:4b:6b:76:b6:9a:ff:c7:2b:55: 46:c2:f2:ec:59:b3:c2:49:93:66:67:bf:37:b7:96:d2:c3:57: f9:95:a2:ad:a5:29:f5:25:07:ce:1b:1c:67:9b:40:21:15:67: f1:da:27:67:fe:26:f1:c5:24:10:32:06:49:9e:e7:0e:29:08: c8:71:52:73:f3:36:61:27:b2:22:05:c6:99:df:8b:e9:11:17: c6:dc:d8:90:ec:ac:eb:c0:5d:c6:a7:d5:28:53:71:2b:c0:ec: 16:64:76:0e:53:6d:db:e5:27:f1:33:f5:c8:ec:09:b7:33:ef: 51:f4:ef:46 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFZQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTA5MTMw MzA2MzdaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDY0MDBCOTZBNUEzMUUy NkQ1MjFCNTdDOUJGRDc5REY3NjVCQTVGRTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDXNhx8r0Gu3jU42jrQCv29I62vbYHxrBx6KcaQs9nyaClCuXez jxLtaKo5mi9LU3D9f9txGS3swWJpfItWS3ed1d4c9dq8VTD0HvY6+1Yp7EKEQzIS 8rwhWi9CCv3QNzsHrI/jW0cGI1GGpzssI7SxW53YeLyH1UyleIm1LaQB7rJylY6v oV6V0BxlNu8muGrpQfT4Ix7vbFPVikriioKN04QVLLl/HkFTwnbSsT1dccxlqJyd 8v6uFQhgvJDFyCmEXh3flBblpXwF0knOkdJtrzwiMQICrsuyX70l3caKPCineyyQ Q2VobJuXboU3Lg+jgJyqJcSXUg6gVPTTbIaBAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUZAC5alox4m1SG1fJv9ed92W6X+IwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvWkFDNWFsb3g0bTFT RzFmSnY5ZWQ5Mlc2WC1JLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEBXEtQDANBgkqhkiG9w0BAQsFAAOCAQEAY9yVqUCxqO+34gAI/tkuZQtVvbJB pYNIBzTdvGPq2KvTjp7JeaAm6BlbLRfhCdcOvOxIw0K2TFkvKARSlMbP6Ka1xL1f Ewvv8hfchUzZ80K9VCoGCMoYW2nSNq5XITRefXj+8yPzclajCAE4WreBq/9KMcLv KIXacvE8IVzl95aoPqW7C2HsS2t2tpr/xytVRsLy7FmzwkmTZme/N7eW0sNX+ZWi raUp9SUHzhscZ5tAIRVn8donZ/4m8cUkEDIGSZ7nDikIyHFSc/M2YSeyIgXGmd+L 6REXxtzYkOys68BdxqfVKFNxK8DsFmR2DlNt2+Un8TP1yOwJtzPvUfTvRg== -----END CERTIFICATE-----Generated at Mon Oct 20 19:21:13 2025 by rpki-client