$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/qdSyl0n1jx5lAfMcYldIOSDnY6Y.roa File: qdSyl0n1jx5lAfMcYldIOSDnY6Y.roa (raw, json) Hash identifier: 06HzdTkOKD3WzHqmiABYAESvB5dQdGp239GfC35vcH4= Subject key identifier: A9:D4:B2:97:49:F5:8F:1E:65:01:F3:1C:62:57:48:39:20:E7:63:A6 Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 15C0 Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/qdSyl0n1jx5lAfMcYldIOSDnY6Y.roa Signing time: Sat 13 Sep 2025 03:06:45 +0000 ROA not before: Sat 13 Sep 2025 03:06:45 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 55990 IP address blocks: 115.175.96.0/19 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 23:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5568 (0x15c0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Sep 13 03:06:45 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=A9D4B29749F58F1E6501F31C6257483920E763A6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:e2:65:46:c7:52:f5:90:8a:c4:c6:41:ba:83: 4f:b5:33:0c:2b:17:4c:8d:6c:22:58:ce:0f:e5:f6: a0:a6:e2:e0:80:e0:0d:26:30:e8:17:d2:43:7b:a7: 12:6d:89:01:37:74:a3:55:d2:a9:3c:fa:07:e5:14: ea:5b:f0:de:0d:76:fa:e4:2f:70:23:5c:0a:9e:d4: 10:5d:7f:8c:70:ba:27:32:6b:0b:54:4b:5d:f4:36: c8:c4:bd:0f:be:eb:4d:c3:78:9b:29:96:95:2b:da: ac:62:74:04:4f:3f:a1:ff:be:43:00:fe:f3:48:df: bf:48:f1:3d:7b:d9:ed:38:2c:2b:dc:72:67:06:f5: 09:4a:eb:7f:f2:8a:d1:2d:de:b9:35:48:ed:25:de: 46:7b:64:b2:1d:d2:da:6b:b8:29:f6:f1:1c:99:8b: f0:4c:20:dc:55:cc:5c:2c:9e:cb:b2:ee:5c:ef:71: 7b:c2:1a:ef:52:9a:a4:d1:25:65:4b:3a:5d:de:b4: 0c:b3:41:ce:0e:bc:ca:f0:0a:29:9f:d1:db:32:e4: 61:49:04:a6:cb:55:29:48:8c:1b:69:1f:fa:32:77: 8b:8f:c8:08:96:d0:ac:76:5b:dc:e7:11:31:7d:fe: a0:8c:d9:05:43:1a:37:a3:01:f4:cc:92:fd:b0:71: a2:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:D4:B2:97:49:F5:8F:1E:65:01:F3:1C:62:57:48:39:20:E7:63:A6 X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/qdSyl0n1jx5lAfMcYldIOSDnY6Y.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 115.175.96.0/19 Signature Algorithm: sha256WithRSAEncryption 34:ac:bd:b5:0a:6b:05:6a:2d:b0:e8:14:99:cb:6d:01:27:dd: 96:6b:84:5e:1f:c0:df:52:e6:54:f4:e6:01:2b:0c:47:c6:35: b3:0f:c5:47:97:63:57:4b:9d:83:07:f9:85:5f:85:75:03:ca: 42:5e:39:c3:fe:2c:be:de:c0:bf:39:f9:8f:24:fd:13:7a:16: f6:1c:15:4f:b1:31:b4:97:79:56:4d:ff:f9:62:94:19:59:52: 56:0b:a8:d4:5e:c1:87:d9:a0:fd:38:af:3f:3e:6b:ec:70:e3: c7:6c:47:fc:3e:bf:7c:e2:7a:5b:09:8d:3f:2c:ef:91:10:c4: ca:ee:75:7f:3b:bf:89:01:96:bb:b2:64:7a:29:6a:10:27:09: b6:fa:8b:e6:5a:cf:18:08:f2:70:5f:c7:93:e5:55:20:af:da: 8c:fc:66:f8:11:cf:87:5b:82:2e:a8:c1:bf:79:b7:4d:b1:04: c0:e5:2d:be:66:be:47:3b:94:d6:b3:ef:e7:70:88:a0:c4:1c: 40:33:c5:2f:b2:3b:8d:4d:f6:cd:34:09:e5:a5:15:18:40:b5: b9:6d:c4:e6:67:cb:c9:32:15:25:a7:5a:da:a9:d3:6c:cb:71: b3:4f:15:1b:54:81:af:0f:42:cc:27:af:e9:8d:74:b5:70:78: e0:a3:f2:7d -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFcAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTA5MTMw MzA2NDVaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEE5RDRCMjk3NDlGNThG MUU2NTAxRjMxQzYyNTc0ODM5MjBFNzYzQTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDg4mVGx1L1kIrExkG6g0+1MwwrF0yNbCJYzg/l9qCm4uCA4A0m MOgX0kN7pxJtiQE3dKNV0qk8+gflFOpb8N4NdvrkL3AjXAqe1BBdf4xwuicyawtU S130NsjEvQ++603DeJsplpUr2qxidARPP6H/vkMA/vNI379I8T172e04LCvccmcG 9QlK63/yitEt3rk1SO0l3kZ7ZLId0tpruCn28RyZi/BMINxVzFwsnsuy7lzvcXvC Gu9SmqTRJWVLOl3etAyzQc4OvMrwCimf0dsy5GFJBKbLVSlIjBtpH/oyd4uPyAiW 0Kx2W9znETF9/qCM2QVDGjejAfTMkv2wcaJnAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUqdSyl0n1jx5lAfMcYldIOSDnY6YwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvcWRTeWwwbjFqeDVs QWZNY1lsZElPU0RuWTZZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEBXOvYDANBgkqhkiG9w0BAQsFAAOCAQEANKy9tQprBWotsOgUmcttASfdlmuE Xh/A31LmVPTmASsMR8Y1sw/FR5djV0udgwf5hV+FdQPKQl45w/4svt7Avzn5jyT9 E3oW9hwVT7ExtJd5Vk3/+WKUGVlSVguo1F7Bh9mg/TivPz5r7HDjx2xH/D6/fOJ6 WwmNPyzvkRDEyu51fzu/iQGWu7JkeilqECcJtvqL5lrPGAjycF/Hk+VVIK/ajPxm +BHPh1uCLqjBv3m3TbEEwOUtvma+RzuU1rPv53CIoMQcQDPFL7I7jU32zTQJ5aUV GEC1uW3E5mfLyTIVJada2qnTbMtxs08VG1SBrw9CzCev6Y10tXB44KPyfQ== -----END CERTIFICATE-----Generated at Mon Oct 20 19:20:59 2025 by rpki-client