$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/gNgUDJhd_ITpxzJb914_DBcWKpA.roa File: gNgUDJhd_ITpxzJb914_DBcWKpA.roa (raw, json) Hash identifier: qlH1pnXgARYM/Abhhpmwa3o1RA5w3uItyaj7uhTJ9n4= Subject key identifier: 80:D8:14:0C:98:5D:FC:84:E9:C7:32:5B:F7:5E:3F:0C:17:16:2A:90 Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 159E Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/gNgUDJhd_ITpxzJb914_DBcWKpA.roa Signing time: Sat 13 Sep 2025 03:06:39 +0000 ROA not before: Sat 13 Sep 2025 03:06:39 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 55990 IP address blocks: 113.45.100.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 23:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5534 (0x159e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Sep 13 03:06:39 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=80D8140C985DFC84E9C7325BF75E3F0C17162A90 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:52:d9:ab:cc:9e:6e:21:05:de:e8:89:8a:f0: 1c:db:45:84:59:82:90:03:39:97:4b:45:57:d6:42: 2b:95:30:99:68:49:b6:1d:9a:9c:19:a8:e0:91:8d: 78:57:8d:9f:c1:9f:8a:d9:8d:dc:95:4f:93:46:a4: e1:fa:01:e4:08:60:31:13:36:7e:23:f6:13:54:d9: 7d:ca:2b:83:93:4c:93:6e:9e:1f:78:a5:df:33:48: e4:43:82:4d:1e:11:e5:21:66:d1:2d:67:0f:28:72: 9f:d0:4c:4c:0d:a8:78:0a:a8:01:d8:61:af:70:3f: 82:4d:6b:ca:86:64:e4:01:fd:c1:33:df:17:81:6a: 19:ab:f7:db:6b:a9:ce:1e:18:e6:e6:b5:d7:73:92: c3:5c:d6:22:2c:60:1f:b1:d7:8a:6f:1d:e7:2c:0b: 7c:7e:78:64:0a:90:4b:29:29:f3:7b:5f:06:2b:31: dd:a0:e7:dc:59:d3:cf:f9:79:9b:aa:44:11:4a:21: 77:e5:20:3b:94:57:5d:80:35:b8:f6:ac:b9:88:a6: c3:d2:a5:dc:5f:09:17:99:85:4e:6f:5d:33:3f:f5: 7d:8d:aa:05:36:59:2e:cc:24:f6:d6:18:b8:39:7e: 2e:8d:64:38:da:a5:f8:c8:09:e4:2d:51:6b:c5:1b: 54:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 80:D8:14:0C:98:5D:FC:84:E9:C7:32:5B:F7:5E:3F:0C:17:16:2A:90 X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/gNgUDJhd_ITpxzJb914_DBcWKpA.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 113.45.100.0/22 Signature Algorithm: sha256WithRSAEncryption a6:71:39:34:31:5f:6b:84:b0:76:81:18:25:4a:09:03:d5:e1: d0:ac:32:3c:94:8f:13:e1:a5:39:a1:e9:0c:2b:d8:10:02:a3: d1:04:4c:75:44:98:48:6a:44:0c:e1:1f:9e:9f:82:64:a6:b1: 53:f6:2b:3e:4c:18:d9:7c:db:53:8c:bb:70:89:4f:73:b8:07: 8a:3e:7e:ac:c8:58:9c:19:d7:c4:5b:c8:ef:f9:6f:4c:bf:d6: ba:47:23:d4:46:54:27:7b:7a:1b:2e:bb:c8:87:5a:04:8a:7c: a6:b6:bb:82:2f:94:21:bd:fb:5b:db:8b:c2:8f:95:ef:41:28: c4:41:96:b5:49:a5:3e:c2:c8:0a:00:5d:15:8e:12:74:a8:ae: 72:03:42:61:3e:bc:0b:b5:da:83:1e:cd:7b:f3:52:4b:aa:3c: 3d:18:a5:2e:93:8c:91:68:06:fe:73:2e:d0:a2:bc:12:10:3d: 4c:5f:9a:fc:75:c3:06:f2:dc:e7:9c:e9:78:c7:ee:e4:b9:1b: e4:c3:91:61:09:94:c7:de:83:29:8c:ae:e5:da:da:b6:0b:03: 6a:8d:4a:cd:c1:85:8c:7f:1c:1f:94:e2:04:1e:85:77:ef:ae: 3f:0e:02:a7:56:54:6e:68:07:17:72:c7:d8:94:79:f0:5e:91: e5:b4:a1:d2 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFZ4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTA5MTMw MzA2MzlaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDgwRDgxNDBDOTg1REZD ODRFOUM3MzI1QkY3NUUzRjBDMTcxNjJBOTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDEUtmrzJ5uIQXe6ImK8BzbRYRZgpADOZdLRVfWQiuVMJloSbYd mpwZqOCRjXhXjZ/Bn4rZjdyVT5NGpOH6AeQIYDETNn4j9hNU2X3KK4OTTJNunh94 pd8zSORDgk0eEeUhZtEtZw8ocp/QTEwNqHgKqAHYYa9wP4JNa8qGZOQB/cEz3xeB ahmr99trqc4eGObmtddzksNc1iIsYB+x14pvHecsC3x+eGQKkEspKfN7XwYrMd2g 59xZ08/5eZuqRBFKIXflIDuUV12ANbj2rLmIpsPSpdxfCReZhU5vXTM/9X2NqgU2 WS7MJPbWGLg5fi6NZDjapfjICeQtUWvFG1TZAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUgNgUDJhd/ITpxzJb914/DBcWKpAwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvZ05nVURKaGRfSVRw eHpKYjkxNF9EQmNXS3BBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAnEtZDANBgkqhkiG9w0BAQsFAAOCAQEApnE5NDFfa4SwdoEYJUoJA9Xh0Kwy PJSPE+GlOaHpDCvYEAKj0QRMdUSYSGpEDOEfnp+CZKaxU/YrPkwY2XzbU4y7cIlP c7gHij5+rMhYnBnXxFvI7/lvTL/Wukcj1EZUJ3t6Gy67yIdaBIp8pra7gi+UIb37 W9uLwo+V70EoxEGWtUmlPsLICgBdFY4SdKiucgNCYT68C7Xagx7Ne/NSS6o8PRil LpOMkWgG/nMu0KK8EhA9TF+a/HXDBvLc55zpeMfu5Lkb5MORYQmUx96DKYyu5dra tgsDao1KzcGFjH8cH5TiBB6Fd++uPw4Cp1ZUbmgHF3LH2JR58F6R5bSh0g== -----END CERTIFICATE-----Generated at Mon Oct 20 19:21:20 2025 by rpki-client