$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/iZr5ZOA-BgNsJhT8v4jtItC_jsQ.roa File: iZr5ZOA-BgNsJhT8v4jtItC_jsQ.roa (raw, json) Hash identifier: hVikeb1+4SeG9Hlzcafy+JpC7arA6p424by15gRoCcg= Subject key identifier: 89:9A:F9:64:E0:3E:06:03:6C:26:14:FC:BF:88:ED:22:D0:BF:8E:C4 Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 15D3 Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/iZr5ZOA-BgNsJhT8v4jtItC_jsQ.roa Signing time: Sat 13 Sep 2025 03:06:50 +0000 ROA not before: Sat 13 Sep 2025 03:06:50 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 55990 IP address blocks: 113.46.88.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 23:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5587 (0x15d3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Sep 13 03:06:50 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=899AF964E03E06036C2614FCBF88ED22D0BF8EC4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:c2:b0:2a:3e:99:34:44:c6:67:db:20:72:4f: e3:5c:8b:60:08:da:80:b6:4a:9d:15:5c:83:98:5c: 1f:5f:1f:a1:3b:da:0c:a2:e1:b0:de:b5:50:40:08: 55:db:0c:34:c9:a9:b9:e5:33:20:2b:a4:58:c5:72: 01:a6:1b:47:12:5f:af:3f:0e:46:af:66:61:fa:4c: 0d:f6:d9:a0:8e:55:88:ba:09:47:55:7e:7f:66:94: 29:97:69:45:92:cf:3f:ea:4c:89:03:1b:cb:95:76: d4:c3:42:f3:d5:2d:b9:52:3e:80:a5:88:ec:77:fc: e6:03:bd:db:ff:f1:ed:5e:84:d9:b3:55:f1:8d:fb: 7d:b9:c4:5c:dc:92:c5:c8:0e:00:8e:0a:1b:ab:98: 4a:99:b4:a0:ff:69:a1:f4:3e:38:2d:76:7e:14:13: b8:b7:cb:0a:ac:e0:c4:75:a8:21:b0:a3:b4:e4:8f: bd:79:2c:c3:79:79:e2:2d:3a:47:77:f3:c1:f8:87: 7a:28:4b:c1:92:d0:ba:bc:4c:79:b5:df:bb:2c:f6: 47:3d:7a:53:33:da:98:63:cd:74:42:e6:0a:2b:bb: 5e:4c:ee:3c:a4:b4:fe:22:92:95:66:db:3d:d7:77: 22:86:a4:ea:ae:fe:91:2e:51:3e:24:89:88:ae:2f: f5:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:9A:F9:64:E0:3E:06:03:6C:26:14:FC:BF:88:ED:22:D0:BF:8E:C4 X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/iZr5ZOA-BgNsJhT8v4jtItC_jsQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 113.46.88.0/22 Signature Algorithm: sha256WithRSAEncryption 51:2f:5e:8f:1f:f6:d1:f1:e3:b8:9f:b8:6a:2d:54:83:17:5e: fb:02:b3:ed:28:20:6c:c4:a6:e6:5b:22:d6:0d:e6:da:79:d0: 22:e2:19:55:c8:e0:20:21:7c:69:d2:ef:f3:b5:6c:f6:e2:9c: e2:4e:7a:17:96:3e:b7:8d:b9:3d:03:01:4b:5d:51:37:86:4e: fc:f1:0c:81:e5:c0:85:c7:0b:5c:31:c5:a1:52:08:1c:a9:a2: eb:7d:41:11:26:0a:e0:ef:0d:04:e3:86:65:f8:f4:ff:cd:30: fc:30:ec:0e:60:1e:73:92:e1:8d:16:9c:cd:27:db:84:d1:25: 9a:aa:f9:6c:ba:30:e5:6a:83:1a:5b:37:f7:2e:04:63:08:9b: c1:46:56:b4:ce:96:6b:98:24:f4:9d:61:d0:dc:6b:ca:e3:0e: 13:ac:5c:b1:97:c5:8d:dd:cc:35:0f:62:d3:78:19:cd:34:a8: 82:15:df:22:45:1b:b1:08:32:a9:6f:8c:90:d6:77:95:30:7f: cd:c5:4e:fa:0d:40:d8:d1:3f:ab:83:5a:e8:a9:ac:4d:17:12: 60:9c:ae:0e:7d:6d:a6:2a:8e:99:d8:90:44:d4:81:57:a9:82: ed:23:8e:ce:cc:56:ef:57:e6:53:b6:80:57:15:f0:d6:36:dd: 88:b2:77:06 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFdMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTA5MTMw MzA2NTBaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDg5OUFGOTY0RTAzRTA2 MDM2QzI2MTRGQ0JGODhFRDIyRDBCRjhFQzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCxwrAqPpk0RMZn2yByT+Nci2AI2oC2Sp0VXIOYXB9fH6E72gyi 4bDetVBACFXbDDTJqbnlMyArpFjFcgGmG0cSX68/DkavZmH6TA322aCOVYi6CUdV fn9mlCmXaUWSzz/qTIkDG8uVdtTDQvPVLblSPoCliOx3/OYDvdv/8e1ehNmzVfGN +325xFzcksXIDgCOChurmEqZtKD/aaH0Pjgtdn4UE7i3ywqs4MR1qCGwo7Tkj715 LMN5eeItOkd388H4h3ooS8GS0Lq8THm137ss9kc9elMz2phjzXRC5goru15M7jyk tP4ikpVm2z3XdyKGpOqu/pEuUT4kiYiuL/UvAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUiZr5ZOA+BgNsJhT8v4jtItC/jsQwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvaVpyNVpPQS1CZ05z SmhUOHY0anRJdENfanNRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAnEuWDANBgkqhkiG9w0BAQsFAAOCAQEAUS9ejx/20fHjuJ+4ai1Ugxde+wKz 7SggbMSm5lsi1g3m2nnQIuIZVcjgICF8adLv87Vs9uKc4k56F5Y+t425PQMBS11R N4ZO/PEMgeXAhccLXDHFoVIIHKmi631BESYK4O8NBOOGZfj0/80w/DDsDmAec5Lh jRaczSfbhNElmqr5bLow5WqDGls39y4EYwibwUZWtM6Wa5gk9J1h0NxryuMOE6xc sZfFjd3MNQ9i03gZzTSoghXfIkUbsQgyqW+MkNZ3lTB/zcVO+g1A2NE/q4Na6Kms TRcSYJyuDn1tpiqOmdiQRNSBV6mC7SOOzsxW71fmU7aAVxXw1jbdiLJ3Bg== -----END CERTIFICATE-----Generated at Mon Oct 20 19:21:03 2025 by rpki-client