$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/c2NAAjpk9U1PCkeTFJxKidKvGe4.roa File: c2NAAjpk9U1PCkeTFJxKidKvGe4.roa (raw, json) Hash identifier: A6fe3ftfPilszSk/htLp8P3ec3h3a5u9pRA6NdhLWLM= Subject key identifier: 73:63:40:02:3A:64:F5:4D:4F:0A:47:93:14:9C:4A:89:D2:AF:19:EE Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 159C Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/c2NAAjpk9U1PCkeTFJxKidKvGe4.roa Signing time: Sat 13 Sep 2025 03:06:38 +0000 ROA not before: Sat 13 Sep 2025 03:06:38 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 55990 IP address blocks: 113.47.250.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 23:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5532 (0x159c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Sep 13 03:06:38 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=736340023A64F54D4F0A4793149C4A89D2AF19EE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:e0:68:78:0d:77:7e:c9:10:11:0b:85:51:ee: 35:8e:dc:b2:3b:be:55:22:77:22:4b:e4:38:5b:53: b0:67:06:13:fa:40:67:e6:e0:61:e9:e3:7a:57:96: 71:c2:f2:49:b0:ca:3c:43:7f:8c:17:85:5b:9a:1a: dc:3d:b4:2b:b5:61:54:03:6f:f3:85:54:15:1d:95: 3d:9e:51:40:c2:65:09:24:ed:67:aa:18:96:26:36: db:56:1f:51:21:d6:44:eb:72:1a:17:40:71:6d:a2: 61:0a:33:2f:2b:4a:ef:a4:9b:c4:4b:31:da:cf:38: 0f:2b:79:2f:ba:c4:ea:bf:59:87:ac:28:52:bf:c5: b0:16:61:6c:55:39:7a:1f:9a:ad:e4:c7:29:97:83: 01:e1:01:fe:1b:a1:08:1c:17:f4:62:8d:1d:fa:16: ed:36:3a:9a:7a:d3:44:97:72:0d:9b:64:be:93:a0: 22:99:ee:25:48:31:71:d8:a5:7d:0c:67:d7:cf:2a: 67:80:52:ea:57:15:5d:f7:3e:98:22:01:07:91:7d: 40:5a:d8:70:ce:65:40:86:b5:71:a3:df:93:89:86: ef:a7:98:4c:d8:1d:39:7c:9c:5a:7c:b6:d2:aa:47: 51:c5:60:b4:8d:78:6a:2d:9b:5c:e5:6f:01:e5:a6: f4:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:63:40:02:3A:64:F5:4D:4F:0A:47:93:14:9C:4A:89:D2:AF:19:EE X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/c2NAAjpk9U1PCkeTFJxKidKvGe4.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 113.47.250.0/23 Signature Algorithm: sha256WithRSAEncryption 3b:47:2b:33:e6:4c:91:d5:27:93:6c:16:5e:88:67:3f:fa:b4: 4b:d5:1f:9e:a7:b4:53:f1:ef:cf:63:1e:8b:58:25:b5:ca:63: c6:c1:48:10:7b:9c:d0:c3:3f:09:e5:ec:56:d4:d0:8f:46:75: 5d:91:8f:e3:2a:a0:f6:7e:21:5f:ea:f6:dd:ac:ba:08:71:ab: ed:e3:0d:21:f0:2c:ce:76:ee:86:de:51:82:6b:9f:69:37:03: dc:42:c1:46:23:9a:60:b2:c1:05:c2:d7:1f:23:d0:d9:66:d5: b1:4c:9d:d9:e2:8e:69:25:7d:32:2b:4b:3d:2b:b1:08:10:b4: 9a:97:1e:08:19:eb:32:1d:4f:64:7d:26:92:91:6f:96:5e:5a: 96:46:12:79:1e:37:ef:0a:3b:f1:36:4a:e4:af:f4:93:57:e5: 1f:0d:73:21:f1:5d:31:94:65:19:c4:bb:30:ea:2d:5f:48:cc: db:b0:f9:0e:be:03:9b:55:4d:f7:39:a0:36:6f:a8:28:4e:bd: 37:ac:1a:ae:aa:d4:ee:41:62:ff:3e:e3:b6:0a:ec:7d:83:b9: 73:27:63:ce:af:6f:64:8c:f3:6b:e0:af:8d:fc:2b:a6:04:75: 83:7c:f2:a5:a0:19:9f:59:29:12:dc:ee:0e:87:d1:4b:d2:1b: 41:3b:71:72 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFZwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTA5MTMw MzA2MzhaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDczNjM0MDAyM0E2NEY1 NEQ0RjBBNDc5MzE0OUM0QTg5RDJBRjE5RUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDF4Gh4DXd+yRARC4VR7jWO3LI7vlUidyJL5DhbU7BnBhP6QGfm 4GHp43pXlnHC8kmwyjxDf4wXhVuaGtw9tCu1YVQDb/OFVBUdlT2eUUDCZQkk7Weq GJYmNttWH1Eh1kTrchoXQHFtomEKMy8rSu+km8RLMdrPOA8reS+6xOq/WYesKFK/ xbAWYWxVOXofmq3kxymXgwHhAf4boQgcF/RijR36Fu02Opp600SXcg2bZL6ToCKZ 7iVIMXHYpX0MZ9fPKmeAUupXFV33PpgiAQeRfUBa2HDOZUCGtXGj35OJhu+nmEzY HTl8nFp8ttKqR1HFYLSNeGotm1zlbwHlpvRFAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUc2NAAjpk9U1PCkeTFJxKidKvGe4wHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvYzJOQUFqcGs5VTFQ Q2tlVEZKeEtpZEt2R2U0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAXEv+jANBgkqhkiG9w0BAQsFAAOCAQEAO0crM+ZMkdUnk2wWXohnP/q0S9Uf nqe0U/Hvz2Mei1gltcpjxsFIEHuc0MM/CeXsVtTQj0Z1XZGP4yqg9n4hX+r23ay6 CHGr7eMNIfAsznbuht5RgmufaTcD3ELBRiOaYLLBBcLXHyPQ2WbVsUyd2eKOaSV9 MitLPSuxCBC0mpceCBnrMh1PZH0mkpFvll5alkYSeR437wo78TZK5K/0k1flHw1z IfFdMZRlGcS7MOotX0jM27D5Dr4Dm1VN9zmgNm+oKE69N6warqrU7kFi/z7jtgrs fYO5cydjzq9vZIzza+CvjfwrpgR1g3zypaAZn1kpEtzuDofRS9IbQTtxcg== -----END CERTIFICATE-----Generated at Mon Oct 20 19:21:06 2025 by rpki-client