$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/jNNhDbQB7yGCZrlAArXIjeYqPho.roa File: jNNhDbQB7yGCZrlAArXIjeYqPho.roa (raw, json) Hash identifier: JeIP9TxxOPkPtr8LU4QYN8iVbRTk2kwczR4T12N98Oc= Subject key identifier: 8C:D3:61:0D:B4:01:EF:21:82:66:B9:40:02:B5:C8:8D:E6:2A:3E:1A Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 15B4 Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/jNNhDbQB7yGCZrlAArXIjeYqPho.roa Signing time: Sat 13 Sep 2025 03:06:43 +0000 ROA not before: Sat 13 Sep 2025 03:06:43 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 55990 IP address blocks: 113.47.252.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 23:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5556 (0x15b4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Sep 13 03:06:43 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=8CD3610DB401EF218266B94002B5C88DE62A3E1A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:bb:49:67:8d:4c:39:f7:7a:79:6c:a8:2d:76: 30:ea:af:83:f8:d2:b6:95:a7:b1:c6:8d:2c:64:0d: ee:10:d2:c8:84:d9:a2:da:cf:38:f4:a1:12:35:58: e2:69:ac:b2:b7:1f:13:fa:b7:3e:ea:f5:b7:a5:b0: 0a:e1:53:ba:a2:37:07:94:f0:38:50:f4:f2:dd:3f: a6:a4:27:fe:53:d6:ae:3a:52:d2:f7:fc:b8:81:68: 56:b1:4f:28:d8:8f:94:be:0c:27:39:b5:41:79:0a: 05:bd:e1:89:a4:0c:a5:62:42:1a:ac:4a:fc:57:09: b0:dd:5a:1b:1c:81:b1:46:5b:f8:c5:e1:e2:7c:33: 96:e2:87:1e:6c:44:75:03:f0:5a:76:ee:86:be:14: 0a:ce:01:06:7b:4c:da:a8:7e:c9:62:15:07:37:25: 2b:07:74:f9:e1:0f:06:b1:d1:db:3d:67:3d:91:b1: 81:12:ac:b6:db:a9:72:10:c8:dd:0d:1a:43:de:ff: 1b:f7:ef:9f:20:92:93:a5:7b:4b:06:14:e9:23:c4: 55:2b:0e:7e:a8:ad:bf:ec:bb:97:71:e6:a5:6e:33: 9f:d1:56:de:15:81:10:85:47:f4:67:9f:7e:db:fb: 6f:f2:51:06:8c:1c:f2:96:2c:86:d0:25:ec:81:c1: 64:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8C:D3:61:0D:B4:01:EF:21:82:66:B9:40:02:B5:C8:8D:E6:2A:3E:1A X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/jNNhDbQB7yGCZrlAArXIjeYqPho.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 113.47.252.0/23 Signature Algorithm: sha256WithRSAEncryption af:e9:8c:eb:e4:95:e9:f9:48:c8:4b:77:10:d5:4d:db:1c:0b: d5:1c:ff:3c:98:e9:da:11:e7:23:20:a2:93:8d:34:02:89:f2: fe:de:b8:59:c9:bb:b8:f1:44:93:5a:32:7d:d1:ee:41:7b:ba: 30:f9:54:38:12:de:94:3d:4b:90:fa:bb:69:72:10:f2:ab:f4: 00:d3:7b:32:5f:1f:3d:23:75:0d:06:d8:19:33:aa:19:06:52: a4:c3:2a:e5:d7:f3:2e:ae:a2:fe:78:85:a9:4e:84:0a:bb:98: 4e:fe:c8:61:20:8d:9d:78:4f:05:f9:59:e6:5b:fe:fa:59:eb: 29:74:83:ab:48:cd:1c:f7:98:10:f1:cd:0a:f7:ed:10:48:26: 90:08:22:28:4e:e4:ee:e8:72:a0:be:c7:b9:97:d3:39:99:b0: 13:5f:af:12:d2:69:0c:88:70:0d:61:ea:65:34:c2:ef:4c:1a: 05:be:e3:31:a9:2c:e2:43:9a:a0:46:c6:05:11:fd:7e:36:cd: ed:5c:b4:07:e5:d6:c6:75:98:e6:e9:3b:91:6b:cf:97:12:00: e7:b0:80:3d:4d:c0:5b:a3:ed:74:1f:27:c0:1f:38:fc:d8:6c: b8:bc:72:81:d5:e2:92:d7:63:57:05:dd:66:92:12:62:3b:08: 8a:fc:78:24 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFbQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTA5MTMw MzA2NDNaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDhDRDM2MTBEQjQwMUVG MjE4MjY2Qjk0MDAyQjVDODhERTYyQTNFMUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQChu0lnjUw593p5bKgtdjDqr4P40raVp7HGjSxkDe4Q0siE2aLa zzj0oRI1WOJprLK3HxP6tz7q9belsArhU7qiNweU8DhQ9PLdP6akJ/5T1q46UtL3 /LiBaFaxTyjYj5S+DCc5tUF5CgW94YmkDKViQhqsSvxXCbDdWhscgbFGW/jF4eJ8 M5bihx5sRHUD8Fp27oa+FArOAQZ7TNqofsliFQc3JSsHdPnhDwax0ds9Zz2RsYES rLbbqXIQyN0NGkPe/xv3758gkpOle0sGFOkjxFUrDn6orb/su5dx5qVuM5/RVt4V gRCFR/Rnn37b+2/yUQaMHPKWLIbQJeyBwWQ1AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUjNNhDbQB7yGCZrlAArXIjeYqPhowHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvak5OaERiUUI3eUdD WnJsQUFyWElqZVlxUGhvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAXEv/DANBgkqhkiG9w0BAQsFAAOCAQEAr+mM6+SV6flIyEt3ENVN2xwL1Rz/ PJjp2hHnIyCik400Aony/t64Wcm7uPFEk1oyfdHuQXu6MPlUOBLelD1LkPq7aXIQ 8qv0ANN7Ml8fPSN1DQbYGTOqGQZSpMMq5dfzLq6i/niFqU6ECruYTv7IYSCNnXhP BflZ5lv++lnrKXSDq0jNHPeYEPHNCvftEEgmkAgiKE7k7uhyoL7HuZfTOZmwE1+v EtJpDIhwDWHqZTTC70waBb7jMaks4kOaoEbGBRH9fjbN7Vy0B+XWxnWY5uk7kWvP lxIA57CAPU3AW6PtdB8nwB84/NhsuLxygdXiktdjVwXdZpISYjsIivx4JA== -----END CERTIFICATE-----Generated at Mon Oct 20 19:21:07 2025 by rpki-client