$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/lg4sK-TacvU_lWLiqqhYHsQotZQ.roa File: lg4sK-TacvU_lWLiqqhYHsQotZQ.roa (raw, json) Hash identifier: AGC7Yx7aId2R5HQ3a7UMMRjbKY6DCYIemGFzOJ6L0Ds= Subject key identifier: 96:0E:2C:2B:E4:DA:72:F5:3F:95:62:E2:AA:A8:58:1E:C4:28:B5:94 Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 15A0 Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/lg4sK-TacvU_lWLiqqhYHsQotZQ.roa Signing time: Sat 13 Sep 2025 03:06:39 +0000 ROA not before: Sat 13 Sep 2025 03:06:39 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 55990 IP address blocks: 113.47.32.0/19 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 23:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5536 (0x15a0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Sep 13 03:06:39 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=960E2C2BE4DA72F53F9562E2AAA8581EC428B594 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:3c:c0:27:91:1a:a3:db:18:61:eb:4c:e8:98: 2f:b9:71:79:23:cc:ec:17:8d:5e:69:3f:f9:13:74: 47:d3:60:f0:e6:e2:8e:4f:5c:10:48:a2:2e:5c:76: cb:08:f2:58:d5:32:3c:01:ad:1e:50:70:40:55:9b: e8:13:10:9f:43:7e:e5:dc:b5:ad:7b:61:cd:89:b1: 55:a5:27:9c:79:67:6a:23:d0:81:23:39:0a:a8:cc: 4e:e1:42:9c:c7:e1:66:10:4d:d8:b0:57:3b:df:68: 28:a4:9b:d0:e7:e6:83:0e:62:9a:93:33:a0:eb:c1: c1:b9:f8:9d:51:9e:ac:21:58:7d:e8:07:ec:21:4e: a2:25:fb:74:67:d7:44:4a:83:a7:ad:a2:f7:42:ed: 49:fc:9e:18:42:2b:13:6f:2f:58:f6:13:5c:82:a5: 07:b2:92:47:4b:8a:da:3b:a6:1a:19:f7:33:3f:9c: 13:c9:99:0c:24:ea:61:4b:a8:21:04:7c:42:08:c9: b3:f7:1a:6d:c5:15:ce:f8:12:d1:a2:95:c6:3d:67: 9e:27:03:95:fa:dc:a5:36:b5:d4:d8:1f:da:92:e7: 7f:d9:af:5c:34:58:40:32:94:8f:cb:00:73:f3:47: b6:ac:eb:87:db:4f:07:33:9d:ef:7d:72:93:19:8b: a3:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:0E:2C:2B:E4:DA:72:F5:3F:95:62:E2:AA:A8:58:1E:C4:28:B5:94 X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/lg4sK-TacvU_lWLiqqhYHsQotZQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 113.47.32.0/19 Signature Algorithm: sha256WithRSAEncryption 8e:88:a5:fb:2d:fe:18:92:41:95:d9:86:e6:9d:c0:c8:92:66: 8e:82:44:59:bc:46:46:bf:aa:ee:e9:7b:8d:69:00:a5:c6:b6: 8d:d4:61:f1:e7:d9:4e:47:c3:dc:46:72:65:8a:91:52:cd:86: 8d:e6:45:de:d5:2f:7a:0e:d3:79:19:a2:f7:56:da:d4:21:0f: 1d:c5:d9:8d:df:29:69:06:43:92:87:72:20:a6:6d:bb:85:7a: 92:e4:68:32:4d:73:77:22:37:41:84:3e:d9:d2:d4:58:71:1b: 3e:67:f6:82:0c:ea:5a:ce:70:b0:da:fb:4b:59:7d:74:05:7d: 5f:6d:ca:33:1d:64:81:85:0d:29:c3:a3:bd:69:82:8a:64:1c: 4a:87:28:bf:23:98:da:bb:b7:f5:b9:0f:e7:11:73:f1:44:9f: 51:8d:de:48:83:38:97:ce:70:8e:b1:13:ae:09:29:17:a0:92: a6:f5:16:a2:1c:de:60:c7:19:8e:a4:b4:d5:5b:7b:26:a5:a2: ac:56:e7:0d:0d:c9:a4:56:12:83:00:9b:b1:17:9c:c8:db:37: 4f:25:ad:2d:8a:49:2f:a3:d1:59:8c:f3:e0:9b:77:95:ef:f9: 8a:2d:a6:ad:d6:81:c3:58:33:e3:73:8b:83:24:09:e6:5a:77: 01:c5:22:b0 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFaAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTA5MTMw MzA2MzlaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDk2MEUyQzJCRTREQTcy RjUzRjk1NjJFMkFBQTg1ODFFQzQyOEI1OTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCXPMAnkRqj2xhh60zomC+5cXkjzOwXjV5pP/kTdEfTYPDm4o5P XBBIoi5cdssI8ljVMjwBrR5QcEBVm+gTEJ9DfuXcta17Yc2JsVWlJ5x5Z2oj0IEj OQqozE7hQpzH4WYQTdiwVzvfaCikm9Dn5oMOYpqTM6DrwcG5+J1RnqwhWH3oB+wh TqIl+3Rn10RKg6etovdC7Un8nhhCKxNvL1j2E1yCpQeykkdLito7phoZ9zM/nBPJ mQwk6mFLqCEEfEIIybP3Gm3FFc74EtGilcY9Z54nA5X63KU2tdTYH9qS53/Zr1w0 WEAylI/LAHPzR7as64fbTwczne99cpMZi6PlAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUlg4sK+TacvU/lWLiqqhYHsQotZQwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvbGc0c0stVGFjdlVf bFdMaXFxaFlIc1FvdFpRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEBXEvIDANBgkqhkiG9w0BAQsFAAOCAQEAjoil+y3+GJJBldmG5p3AyJJmjoJE WbxGRr+q7ul7jWkApca2jdRh8efZTkfD3EZyZYqRUs2GjeZF3tUveg7TeRmi91ba 1CEPHcXZjd8paQZDkodyIKZtu4V6kuRoMk1zdyI3QYQ+2dLUWHEbPmf2ggzqWs5w sNr7S1l9dAV9X23KMx1kgYUNKcOjvWmCimQcSocovyOY2ru39bkP5xFz8USfUY3e SIM4l85wjrETrgkpF6CSpvUWohzeYMcZjqS01Vt7JqWirFbnDQ3JpFYSgwCbsRec yNs3TyWtLYpJL6PRWYzz4Jt3le/5ii2mrdaBw1gz43OLgyQJ5lp3AcUisA== -----END CERTIFICATE-----Generated at Mon Oct 20 19:21:01 2025 by rpki-client