$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/pDWn_NToFuIjLqnz3FYWLUBhZk4.roa File: pDWn_NToFuIjLqnz3FYWLUBhZk4.roa (raw, json) Hash identifier: 6h9OT+UsLzTdeYtW55FEvvzVBo8GJL0lcxlTvt77ot0= Subject key identifier: A4:35:A7:FC:D4:E8:16:E2:23:2E:A9:F3:DC:56:16:2D:40:61:66:4E Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 15D5 Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/pDWn_NToFuIjLqnz3FYWLUBhZk4.roa Signing time: Sat 13 Sep 2025 03:06:50 +0000 ROA not before: Sat 13 Sep 2025 03:06:50 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 55990 IP address blocks: 113.45.96.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 23:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5589 (0x15d5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Sep 13 03:06:50 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=A435A7FCD4E816E2232EA9F3DC56162D4061664E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:ba:e3:ef:1b:ae:70:89:65:11:ae:7e:d5:81: 78:c3:8b:f7:30:ab:d8:db:a3:cb:57:8a:e7:50:c0: 1f:b6:86:7e:ee:0f:f4:c0:18:0f:ec:18:53:08:ce: 0c:04:ea:4e:62:35:77:b9:ed:a1:03:de:7c:02:8a: dd:c2:fc:53:0d:69:d1:1d:51:09:ee:a9:8d:c5:04: b0:6b:80:85:f5:2c:b0:96:da:35:0c:d4:9a:e1:5c: f4:66:5a:8c:a9:f0:22:8a:a3:e2:7f:eb:55:1d:f8: 85:71:f1:44:0b:14:38:59:08:6a:9e:d0:c6:ae:8e: 2c:b6:50:9e:71:93:e0:58:8b:c8:a9:98:ee:98:53: db:ab:c3:e5:af:9c:9d:0c:e5:6c:34:df:87:65:f5: de:a9:dc:43:09:59:7e:d4:13:01:b3:8c:27:d5:9e: ed:02:d8:d9:09:e7:9c:cd:0b:9b:9d:b3:e9:01:c4: 63:17:d5:55:20:1b:d6:a1:6a:4b:2e:bf:18:39:f0: 3a:2a:37:98:89:57:96:9d:1c:c0:d7:03:e8:4b:2f: ba:57:cf:99:3b:70:e5:25:e9:70:63:d6:72:e1:d9: 87:b1:39:d9:e4:9c:cc:1a:a7:03:aa:2a:39:8e:af: a4:47:00:01:3c:e5:34:2b:51:b3:1d:da:4b:5e:8f: e9:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A4:35:A7:FC:D4:E8:16:E2:23:2E:A9:F3:DC:56:16:2D:40:61:66:4E X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/pDWn_NToFuIjLqnz3FYWLUBhZk4.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 113.45.96.0/23 Signature Algorithm: sha256WithRSAEncryption a1:61:e0:70:1b:c2:89:43:0d:31:55:bd:5f:10:6d:84:d7:22: c3:00:68:1e:30:41:37:5a:7c:4c:01:21:da:7c:f8:4b:d5:38: 6f:a9:9f:80:af:9b:4c:36:a5:39:7c:bb:0c:b1:6c:83:7b:a4: 7e:c8:14:59:76:fd:29:fc:9f:e8:3a:ba:2a:ce:23:88:d4:ad: 1f:94:f5:fb:55:2c:0f:c8:56:cf:b9:4e:ca:5f:23:c6:84:9d: f4:b7:f7:84:4f:7f:d0:fe:6f:a0:b8:5a:f5:43:c7:d3:92:a6: 5a:89:00:8d:80:5d:4f:4b:99:c8:bb:1c:5c:ed:1e:e4:ae:50: a9:e2:c9:48:4c:7c:de:6e:e9:8e:2c:5a:9b:a2:9b:41:46:a5: c4:a0:7e:ae:1d:42:cd:3f:1d:a8:a0:53:67:f8:07:53:ff:38: bf:3c:47:01:d5:fa:36:06:56:ed:f3:32:b9:fe:3b:39:26:f9: 4f:e8:e8:94:5f:ac:10:0c:64:6f:4b:c2:d7:c9:d2:c0:81:e8: 2f:af:1a:ae:9c:4e:7e:2e:76:20:ba:ed:6e:ed:9e:00:cf:8b: ad:29:47:26:33:f4:70:fb:bd:dc:30:a4:bb:a2:72:dd:91:76: a7:bb:21:03:03:46:6a:39:ce:cd:51:39:2e:be:f4:c1:75:77: 2d:7f:45:01 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFdUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTA5MTMw MzA2NTBaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEE0MzVBN0ZDRDRFODE2 RTIyMzJFQTlGM0RDNTYxNjJENDA2MTY2NEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC8uuPvG65wiWURrn7VgXjDi/cwq9jbo8tXiudQwB+2hn7uD/TA GA/sGFMIzgwE6k5iNXe57aED3nwCit3C/FMNadEdUQnuqY3FBLBrgIX1LLCW2jUM 1JrhXPRmWoyp8CKKo+J/61Ud+IVx8UQLFDhZCGqe0Maujiy2UJ5xk+BYi8ipmO6Y U9urw+WvnJ0M5Ww034dl9d6p3EMJWX7UEwGzjCfVnu0C2NkJ55zNC5uds+kBxGMX 1VUgG9ahaksuvxg58DoqN5iJV5adHMDXA+hLL7pXz5k7cOUl6XBj1nLh2YexOdnk nMwapwOqKjmOr6RHAAE85TQrUbMd2ktej+nrAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUpDWn/NToFuIjLqnz3FYWLUBhZk4wHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvcERXbl9OVG9GdUlq THFuejNGWVdMVUJoWms0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAXEtYDANBgkqhkiG9w0BAQsFAAOCAQEAoWHgcBvCiUMNMVW9XxBthNciwwBo HjBBN1p8TAEh2nz4S9U4b6mfgK+bTDalOXy7DLFsg3ukfsgUWXb9Kfyf6Dq6Ks4j iNStH5T1+1UsD8hWz7lOyl8jxoSd9Lf3hE9/0P5voLha9UPH05KmWokAjYBdT0uZ yLscXO0e5K5QqeLJSEx83m7pjixam6KbQUalxKB+rh1CzT8dqKBTZ/gHU/84vzxH AdX6NgZW7fMyuf47OSb5T+jolF+sEAxkb0vC18nSwIHoL68arpxOfi52ILrtbu2e AM+LrSlHJjP0cPu93DCku6Jy3ZF2p7shAwNGajnOzVE5Lr70wXV3LX9FAQ== -----END CERTIFICATE-----Generated at Mon Oct 20 19:21:18 2025 by rpki-client