$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/lm9M1QUTTBC67EFYIPxWzflZCiE.roa File: lm9M1QUTTBC67EFYIPxWzflZCiE.roa (raw, json) Hash identifier: w1bGMpo//RDF07qkORSC6EoHAz/AqQSCF4xWBZ9UYi8= Subject key identifier: 96:6F:4C:D5:05:13:4C:10:BA:EC:41:58:20:FC:56:CD:F9:59:0A:21 Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 15C1 Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/lm9M1QUTTBC67EFYIPxWzflZCiE.roa Signing time: Sat 13 Sep 2025 03:06:46 +0000 ROA not before: Sat 13 Sep 2025 03:06:46 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 55990 IP address blocks: 113.45.120.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 23:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5569 (0x15c1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Sep 13 03:06:46 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=966F4CD505134C10BAEC415820FC56CDF9590A21 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:c9:bb:2b:24:7c:68:93:22:02:8a:e7:b6:61: 6e:ee:01:46:00:f0:21:cd:b7:11:b0:44:c4:c2:1d: 94:2b:10:d5:e7:41:86:fc:8c:02:68:84:97:d8:98: f9:49:b7:0c:3b:b3:28:eb:dd:87:77:53:20:81:cd: 45:7e:c0:ca:82:7a:d7:c5:b0:70:e5:cd:b2:59:1a: fc:18:0d:4d:38:8f:43:38:1a:1c:f5:cd:08:ec:20: f7:02:cd:a4:3c:9b:6f:81:84:00:05:28:9b:d0:71: 82:46:f0:48:a4:46:34:fc:10:05:cb:2f:22:80:56: f8:12:39:d7:18:a2:aa:c7:55:40:d4:9e:9b:78:8d: 47:68:6a:93:6e:51:68:c6:5b:0f:70:6f:e0:5e:c1: f3:97:8e:50:54:7d:d6:d1:c1:99:1e:8b:8f:bd:ba: 23:46:cf:6b:56:e4:d2:c0:c4:2e:6f:c4:58:e3:d1: 14:69:72:86:a3:44:00:08:2d:f3:0e:67:d7:11:48: b1:52:43:7a:1a:b5:a6:29:c9:89:2f:50:b2:af:a6: 1b:09:49:c4:19:60:4e:31:df:e3:30:9f:1f:3a:52: 2b:dd:27:39:5d:70:da:fa:c7:20:fa:96:1c:0e:73: 72:40:2a:b4:f8:7a:80:ea:f2:f3:93:d2:65:40:7b: ef:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:6F:4C:D5:05:13:4C:10:BA:EC:41:58:20:FC:56:CD:F9:59:0A:21 X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/lm9M1QUTTBC67EFYIPxWzflZCiE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 113.45.120.0/22 Signature Algorithm: sha256WithRSAEncryption 04:af:a4:83:33:0c:2f:86:b3:8e:b7:62:37:77:52:2e:28:c3: f4:0b:90:c0:b6:b3:ee:b6:d0:47:ac:60:8d:77:19:4f:7d:fd: 7c:86:e1:76:89:b2:30:b0:6a:af:bf:a9:92:e1:35:65:b2:91: 9c:d1:77:ec:35:6a:6c:cd:9f:95:4d:07:99:dc:11:f9:1b:f6: cd:f4:e9:5c:b8:1d:04:fd:92:e5:91:e3:a3:ec:da:f1:c5:3e: 98:6e:a8:98:ac:53:ae:07:c0:37:f0:2c:3f:af:4c:2a:31:d0: 3b:0d:47:49:21:41:9a:e4:41:15:50:94:ba:f9:80:e6:0b:21: b3:21:59:1f:68:6c:e5:80:4d:ff:19:be:66:0d:70:3e:8d:e1: d1:dc:1d:ec:68:3f:0b:21:40:9f:24:24:27:c2:b8:c5:63:90: fb:e1:57:17:a6:fe:a1:71:4e:e7:a3:12:59:04:70:8d:8b:6f: 90:24:ec:8a:1a:41:5e:e9:a7:70:06:51:10:c7:51:e0:da:f1: 04:5e:e1:54:91:35:f3:cc:42:25:36:24:fd:10:d8:7a:b1:1f: 6c:0c:8b:d1:62:ac:ec:aa:2c:60:8c:47:36:d7:5f:66:b4:85: 5b:c1:72:84:fa:67:79:8e:b7:de:ae:15:44:c9:58:2d:73:db: 2d:2e:a0:a3 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFcEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTA5MTMw MzA2NDZaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDk2NkY0Q0Q1MDUxMzRD MTBCQUVDNDE1ODIwRkM1NkNERjk1OTBBMjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCvybsrJHxokyICiue2YW7uAUYA8CHNtxGwRMTCHZQrENXnQYb8 jAJohJfYmPlJtww7syjr3Yd3UyCBzUV+wMqCetfFsHDlzbJZGvwYDU04j0M4Ghz1 zQjsIPcCzaQ8m2+BhAAFKJvQcYJG8EikRjT8EAXLLyKAVvgSOdcYoqrHVUDUnpt4 jUdoapNuUWjGWw9wb+BewfOXjlBUfdbRwZkei4+9uiNGz2tW5NLAxC5vxFjj0RRp coajRAAILfMOZ9cRSLFSQ3oataYpyYkvULKvphsJScQZYE4x3+Mwnx86UivdJzld cNr6xyD6lhwOc3JAKrT4eoDq8vOT0mVAe+9zAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUlm9M1QUTTBC67EFYIPxWzflZCiEwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvbG05TTFRVVRUQkM2 N0VGWUlQeFd6ZmxaQ2lFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAnEteDANBgkqhkiG9w0BAQsFAAOCAQEABK+kgzMML4azjrdiN3dSLijD9AuQ wLaz7rbQR6xgjXcZT339fIbhdomyMLBqr7+pkuE1ZbKRnNF37DVqbM2flU0HmdwR +Rv2zfTpXLgdBP2S5ZHjo+za8cU+mG6omKxTrgfAN/AsP69MKjHQOw1HSSFBmuRB FVCUuvmA5gshsyFZH2hs5YBN/xm+Zg1wPo3h0dwd7Gg/CyFAnyQkJ8K4xWOQ++FX F6b+oXFO56MSWQRwjYtvkCTsihpBXumncAZREMdR4NrxBF7hVJE188xCJTYk/RDY erEfbAyL0WKs7KosYIxHNtdfZrSFW8FyhPpneY633q4VRMlYLXPbLS6gow== -----END CERTIFICATE-----Generated at Mon Oct 20 19:21:18 2025 by rpki-client