$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/bWIW4_aZU8zveEJsL5V-1x9cv3c.roa File: bWIW4_aZU8zveEJsL5V-1x9cv3c.roa (raw, json) Hash identifier: nWYCV0s9eb2zDoM9t79GGRaIXHI/wa8jirnkVsMaLZI= Subject key identifier: 6D:62:16:E3:F6:99:53:CC:EF:78:42:6C:2F:95:7E:D7:1F:5C:BF:77 Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 15C3 Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/bWIW4_aZU8zveEJsL5V-1x9cv3c.roa Signing time: Sat 13 Sep 2025 03:06:46 +0000 ROA not before: Sat 13 Sep 2025 03:06:46 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 55990 IP address blocks: 113.46.66.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 23:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5571 (0x15c3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Sep 13 03:06:46 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=6D6216E3F69953CCEF78426C2F957ED71F5CBF77 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:41:de:e7:35:36:b7:74:48:cd:f1:3c:bf:e7: a9:59:51:64:1c:fa:05:0b:00:44:e0:b8:c5:d8:ac: e9:88:45:ce:0c:75:ec:ec:b0:b4:8a:31:8e:a2:72: 44:7d:88:89:34:47:b8:9a:50:dc:9e:02:24:0a:a3: 35:ef:8f:ec:91:c4:24:7b:7b:e1:ab:bc:75:1e:55: bd:d1:18:04:16:ed:8b:b1:31:b5:a8:cd:60:40:59: 39:b0:36:57:e3:2e:23:65:4f:b2:47:20:11:7e:e6: a6:dc:90:5c:10:8a:3c:a9:70:e5:51:45:08:34:11: 71:ea:52:e4:1b:00:79:64:91:39:70:22:cc:bb:97: 2e:ca:5f:99:5d:9a:be:91:25:c1:a4:b5:6a:06:ac: 53:0a:3b:17:bb:2f:f5:0c:6d:ac:72:ce:87:6a:ff: da:be:00:60:45:de:9d:8b:e2:71:9f:0b:49:11:1c: 08:51:ae:b4:de:0d:e9:af:bb:c4:aa:7a:d2:95:98: cc:92:bc:9d:80:cc:b3:09:48:ef:4c:eb:9b:98:76: 84:df:f6:b7:99:71:5d:d8:f4:fb:ff:7e:2a:0f:97: 04:a8:fe:96:15:34:86:68:4b:83:94:5a:d7:27:7a: c3:a9:ff:c7:61:ef:55:0e:34:01:82:f1:af:ca:0f: 79:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:62:16:E3:F6:99:53:CC:EF:78:42:6C:2F:95:7E:D7:1F:5C:BF:77 X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/bWIW4_aZU8zveEJsL5V-1x9cv3c.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 113.46.66.0/23 Signature Algorithm: sha256WithRSAEncryption 51:96:85:d2:b4:68:88:09:27:a8:b4:a5:b6:5d:dc:4e:de:c2: 4e:31:9a:26:82:55:c2:03:05:9f:46:7f:26:ed:2f:dd:a0:9f: 2f:a3:da:6d:5e:1b:4b:8e:f9:df:bf:8f:96:c6:16:d8:46:11: 68:b3:35:c5:44:04:0b:a1:ab:61:34:60:8f:46:ba:d5:37:8f: 3c:58:c4:59:2f:ab:cc:fc:83:cc:6f:31:65:bb:13:97:56:0c: da:32:73:f5:d9:bb:4d:f6:92:11:17:f0:ff:2d:96:bf:7b:b4: da:66:0b:54:b1:c9:3b:a4:90:3b:d0:50:93:23:79:96:47:85: 80:e3:4c:2e:68:a0:0c:43:ff:27:a4:ac:cf:49:d5:c6:19:88: 0f:b4:46:df:92:16:eb:0e:2d:8e:4a:e0:15:bf:1b:11:9f:a0: 24:30:00:41:50:f7:1d:e8:ab:7d:db:9f:7b:85:b3:13:df:38: 89:3d:3b:da:e5:e0:8c:95:b2:5a:cf:7c:b5:88:d1:95:c8:61: da:c2:4d:a4:c5:0a:e6:67:36:51:6b:14:0a:8d:87:0c:d9:25: e7:64:91:79:90:55:d1:80:cd:da:37:20:67:1f:ea:3f:2d:54: 31:f5:6e:41:98:67:65:f9:c7:b3:b1:0d:53:0f:e5:a8:14:33: 7d:b2:8c:55 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFcMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTA5MTMw MzA2NDZaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDZENjIxNkUzRjY5OTUz Q0NFRjc4NDI2QzJGOTU3RUQ3MUY1Q0JGNzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDgQd7nNTa3dEjN8Ty/56lZUWQc+gULAETguMXYrOmIRc4Mdezs sLSKMY6ickR9iIk0R7iaUNyeAiQKozXvj+yRxCR7e+GrvHUeVb3RGAQW7YuxMbWo zWBAWTmwNlfjLiNlT7JHIBF+5qbckFwQijypcOVRRQg0EXHqUuQbAHlkkTlwIsy7 ly7KX5ldmr6RJcGktWoGrFMKOxe7L/UMbaxyzodq/9q+AGBF3p2L4nGfC0kRHAhR rrTeDemvu8SqetKVmMySvJ2AzLMJSO9M65uYdoTf9reZcV3Y9Pv/fioPlwSo/pYV NIZoS4OUWtcnesOp/8dh71UONAGC8a/KD3nBAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUbWIW4/aZU8zveEJsL5V+1x9cv3cwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvYldJVzRfYVpVOHp2 ZUVKc0w1Vi0xeDljdjNjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAXEuQjANBgkqhkiG9w0BAQsFAAOCAQEAUZaF0rRoiAknqLSltl3cTt7CTjGa JoJVwgMFn0Z/Ju0v3aCfL6PabV4bS47537+PlsYW2EYRaLM1xUQEC6GrYTRgj0a6 1TePPFjEWS+rzPyDzG8xZbsTl1YM2jJz9dm7TfaSERfw/y2Wv3u02mYLVLHJO6SQ O9BQkyN5lkeFgONMLmigDEP/J6Ssz0nVxhmID7RG35IW6w4tjkrgFb8bEZ+gJDAA QVD3Heirfdufe4WzE984iT072uXgjJWyWs98tYjRlchh2sJNpMUK5mc2UWsUCo2H DNkl52SReZBV0YDN2jcgZx/qPy1UMfVuQZhnZfnHs7ENUw/lqBQzfbKMVQ== -----END CERTIFICATE-----Generated at Mon Oct 20 19:21:20 2025 by rpki-client