$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/bmMejRTepjvuoW2bxNni5z3jpSU.roa File: bmMejRTepjvuoW2bxNni5z3jpSU.roa (raw, json) Hash identifier: aJKIwoZBxX/KGkP1SrKJirsX0tFdivPRE7HrcU0k/AM= Subject key identifier: 6E:63:1E:8D:14:DE:A6:3B:EE:A1:6D:9B:C4:D9:E2:E7:3D:E3:A5:25 Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 1595 Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/bmMejRTepjvuoW2bxNni5z3jpSU.roa Signing time: Sat 13 Sep 2025 03:06:37 +0000 ROA not before: Sat 13 Sep 2025 03:06:37 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 55990 IP address blocks: 113.47.160.0/19 maxlen: 19 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 23:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5525 (0x1595) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Sep 13 03:06:37 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=6E631E8D14DEA63BEEA16D9BC4D9E2E73DE3A525 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:f0:d7:ef:67:23:8c:86:16:5d:14:0b:25:10: c5:04:d5:7e:e5:39:c4:f0:5e:0b:b0:11:0b:85:9a: f8:2d:c8:b1:46:b1:7b:e4:83:b5:a9:2e:ca:0b:98: 97:1b:f0:f9:9a:80:b5:c0:f7:4f:8e:4f:8a:2c:d3: 1a:ab:5a:1f:c6:1e:44:4e:62:16:29:de:e7:b7:3e: 20:cd:1f:c3:ba:83:1a:cf:13:2c:13:1f:56:22:5b: fa:56:a7:9e:d0:35:77:ac:a2:a9:46:eb:61:f4:b3: 16:f0:8f:6a:41:38:e6:f1:c7:31:7d:0d:94:10:db: 3b:a4:1b:08:3b:ac:e2:82:1a:4a:04:3d:d8:85:29: 76:77:9e:b8:18:53:e7:2b:cb:7b:08:a6:e8:ef:cf: 88:62:b5:9f:85:dd:48:91:35:6b:72:36:6c:da:5a: 78:a0:36:9e:43:68:3e:d0:3b:21:c3:f7:48:93:ee: 10:65:99:ad:ce:c1:2c:4b:2d:f0:cc:c6:d7:39:8a: d9:48:1c:bb:64:0f:3f:5b:7d:c0:73:c9:1a:26:19: a4:a0:98:aa:59:69:b2:63:a3:34:6b:3d:1b:49:a8: db:70:3e:2f:56:9e:16:0b:79:67:9b:55:a2:6c:e5: 43:d3:42:5e:8f:fc:58:8a:af:56:28:ae:2f:80:49: 08:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6E:63:1E:8D:14:DE:A6:3B:EE:A1:6D:9B:C4:D9:E2:E7:3D:E3:A5:25 X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/bmMejRTepjvuoW2bxNni5z3jpSU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 113.47.160.0/19 Signature Algorithm: sha256WithRSAEncryption 47:1e:a8:1a:d4:01:47:3c:9d:f2:ad:1f:48:05:ac:42:8f:0c: d8:52:61:c0:3f:00:20:4b:e5:81:5f:4b:d4:fc:74:4e:6d:2e: 35:60:3c:ef:0a:80:5b:a1:1b:b4:b3:c8:42:61:37:d2:c4:2a: 96:63:0e:13:da:7b:e3:45:64:85:4f:12:02:34:db:5e:ca:c7: b5:e0:84:9b:b0:33:73:0c:4a:93:ec:a0:ab:1a:96:33:4a:20: 06:68:64:e8:93:1b:5d:10:35:4a:d3:49:6f:1f:07:b8:bb:ce: 2f:67:7f:91:45:6d:b2:b5:7c:10:02:bc:99:5c:4b:f6:86:8b: 32:f1:bd:79:22:ad:e3:76:de:81:1a:1e:33:6f:06:0e:ae:2d: 1e:ca:e7:ec:d2:a2:99:3d:5e:90:ef:d5:40:c9:df:a4:04:a0: b9:53:83:84:c1:91:20:0a:7f:9c:17:fd:38:3e:4b:26:2e:ef: ac:25:d7:63:7f:1f:88:69:10:af:b1:7d:6c:0c:87:81:b3:5f: 97:6c:72:ed:92:37:66:fd:c6:02:df:36:bf:70:8f:29:3a:38: 3d:1a:ab:09:41:7e:ee:2c:39:61:04:32:3f:71:ae:49:3a:a1: 5c:b8:a7:b2:f4:99:19:69:be:d4:b6:b2:89:1a:e4:d1:34:be: 30:73:e3:19 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFZUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTA5MTMw MzA2MzdaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDZFNjMxRThEMTRERUE2 M0JFRUExNkQ5QkM0RDlFMkU3M0RFM0E1MjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC/8NfvZyOMhhZdFAslEMUE1X7lOcTwXguwEQuFmvgtyLFGsXvk g7WpLsoLmJcb8PmagLXA90+OT4os0xqrWh/GHkROYhYp3ue3PiDNH8O6gxrPEywT H1YiW/pWp57QNXesoqlG62H0sxbwj2pBOObxxzF9DZQQ2zukGwg7rOKCGkoEPdiF KXZ3nrgYU+cry3sIpujvz4hitZ+F3UiRNWtyNmzaWnigNp5DaD7QOyHD90iT7hBl ma3OwSxLLfDMxtc5itlIHLtkDz9bfcBzyRomGaSgmKpZabJjozRrPRtJqNtwPi9W nhYLeWebVaJs5UPTQl6P/FiKr1Yori+ASQi1AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUbmMejRTepjvuoW2bxNni5z3jpSUwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvYm1NZWpSVGVwanZ1 b1cyYnhObmk1ejNqcFNVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEBXEvoDANBgkqhkiG9w0BAQsFAAOCAQEARx6oGtQBRzyd8q0fSAWsQo8M2FJh wD8AIEvlgV9L1Px0Tm0uNWA87wqAW6EbtLPIQmE30sQqlmMOE9p740VkhU8SAjTb XsrHteCEm7AzcwxKk+ygqxqWM0ogBmhk6JMbXRA1StNJbx8HuLvOL2d/kUVtsrV8 EAK8mVxL9oaLMvG9eSKt43begRoeM28GDq4tHsrn7NKimT1ekO/VQMnfpASguVOD hMGRIAp/nBf9OD5LJi7vrCXXY38fiGkQr7F9bAyHgbNfl2xy7ZI3Zv3GAt82v3CP KTo4PRqrCUF+7iw5YQQyP3GuSTqhXLinsvSZGWm+1LayiRrk0TS+MHPjGQ== -----END CERTIFICATE-----Generated at Mon Oct 20 19:20:54 2025 by rpki-client