$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/rHD_Aafbbs2WZ-JaxBuVobob614.roa File: rHD_Aafbbs2WZ-JaxBuVobob614.roa (raw, json) Hash identifier: u4YrMWBHAKtsXJ5lDMEjDcDFdue0HGTrGEbkz7mXa/I= Subject key identifier: AC:70:FF:01:A7:DB:6E:CD:96:67:E2:5A:C4:1B:95:A1:BA:1B:EB:5E Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 1607 Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/rHD_Aafbbs2WZ-JaxBuVobob614.roa Signing time: Mon 22 Sep 2025 09:57:14 +0000 ROA not before: Mon 22 Sep 2025 09:57:14 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 55990 IP address blocks: 115.175.240.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 23:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5639 (0x1607) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Sep 22 09:57:14 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=AC70FF01A7DB6ECD9667E25AC41B95A1BA1BEB5E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:cc:04:ce:32:ee:4d:29:8e:99:82:e1:2c:15: 5e:8c:ab:4f:cd:69:40:5a:94:79:f9:4c:ec:ba:b0: 0e:24:2d:96:a4:33:ef:4a:5f:24:07:40:c1:3b:87: be:fe:13:ab:64:93:6c:f4:ae:56:4d:77:bc:fa:e0: 30:37:ae:92:c9:cc:f5:fa:f3:a3:b2:01:22:ca:27: 37:5b:d8:d6:53:e5:2e:cb:ab:ed:33:4a:64:44:1c: cd:d2:cb:3b:1b:90:36:90:3e:11:32:8a:06:fc:3e: 80:99:31:af:7e:5e:f2:a4:a9:b9:a3:0e:5e:bc:58: 8e:f8:a6:01:3b:35:10:0f:33:4c:57:d0:8f:46:f7: cf:35:47:60:ef:58:99:61:85:27:2c:3a:03:c2:b7: 0d:f1:d1:cc:df:99:fa:cb:15:35:56:63:01:4c:ee: b6:43:83:73:c4:14:03:6e:3b:16:b5:0a:65:cc:94: 7b:67:f4:f4:90:59:ed:e3:0a:c5:36:67:11:84:c2: c0:3e:87:b6:51:c1:08:3a:b3:a1:6f:5b:6b:1a:f3: 22:f0:a3:74:cc:26:fe:ed:ad:43:dc:22:5b:cf:91: 64:f0:81:1e:d9:70:f2:f4:b8:cf:ea:d3:4c:46:5b: 5d:30:0e:fe:71:8c:1a:44:92:05:fc:63:17:8c:bc: 66:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AC:70:FF:01:A7:DB:6E:CD:96:67:E2:5A:C4:1B:95:A1:BA:1B:EB:5E X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/rHD_Aafbbs2WZ-JaxBuVobob614.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 115.175.240.0/20 Signature Algorithm: sha256WithRSAEncryption 00:a9:64:24:55:94:8b:9b:8a:ef:01:77:45:82:a3:ec:1a:d2: 6d:99:9e:3c:b3:a2:82:4c:0a:14:49:bc:8b:53:1d:9d:ab:ab: f4:a3:9c:13:4e:81:8f:b3:4f:7f:69:31:b6:ab:eb:30:32:71: 19:6c:fc:f4:32:54:c1:ff:1a:65:06:1f:b0:e4:65:23:4c:b1: 1d:ae:13:5b:8e:c8:be:f6:05:1f:dd:d1:4e:81:a0:77:ef:37: 0e:e7:33:c6:20:ab:72:9b:98:3f:dc:a2:37:df:51:5c:4a:38: 14:c9:a8:d9:f3:6f:5f:4b:5d:6e:6f:4f:8d:f2:ac:23:63:4f: 31:a3:24:59:78:da:7b:ec:0d:be:24:39:f9:0c:27:72:d4:3e: d1:bc:f9:45:d8:05:86:e3:45:55:34:a2:19:9b:5b:02:11:fb: c3:2c:b3:fb:b5:1b:3f:7a:f4:03:38:5f:88:d0:c7:b7:41:89: e3:dc:15:c3:7b:21:cc:cf:40:30:0c:5d:1b:f4:10:ec:20:c5: 08:4b:ba:4b:a9:dc:b7:fe:cd:e9:89:e7:e0:8c:fc:4c:78:f9: 56:9c:46:5d:84:89:af:b0:96:03:f9:1d:fe:3a:e3:aa:79:14: 6f:f6:ad:bf:df:79:b7:cb:26:4e:25:34:64:60:17:f4:0c:dd: bb:b2:f9:ad -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFgcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTA5MjIw OTU3MTRaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEFDNzBGRjAxQTdEQjZF Q0Q5NjY3RTI1QUM0MUI5NUExQkExQkVCNUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDGzATOMu5NKY6ZguEsFV6Mq0/NaUBalHn5TOy6sA4kLZakM+9K XyQHQME7h77+E6tkk2z0rlZNd7z64DA3rpLJzPX686OyASLKJzdb2NZT5S7Lq+0z SmREHM3SyzsbkDaQPhEyigb8PoCZMa9+XvKkqbmjDl68WI74pgE7NRAPM0xX0I9G 9881R2DvWJlhhScsOgPCtw3x0czfmfrLFTVWYwFM7rZDg3PEFANuOxa1CmXMlHtn 9PSQWe3jCsU2ZxGEwsA+h7ZRwQg6s6FvW2sa8yLwo3TMJv7trUPcIlvPkWTwgR7Z cPL0uM/q00xGW10wDv5xjBpEkgX8YxeMvGaXAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUrHD/Aafbbs2WZ+JaxBuVobob614wHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvckhEX0FhZmJiczJX Wi1KYXhCdVZvYm9iNjE0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEBHOv8DANBgkqhkiG9w0BAQsFAAOCAQEAAKlkJFWUi5uK7wF3RYKj7BrSbZme PLOigkwKFEm8i1Mdnaur9KOcE06Bj7NPf2kxtqvrMDJxGWz89DJUwf8aZQYfsORl I0yxHa4TW47IvvYFH93RToGgd+83DuczxiCrcpuYP9yiN99RXEo4FMmo2fNvX0td bm9PjfKsI2NPMaMkWXjae+wNviQ5+QwnctQ+0bz5RdgFhuNFVTSiGZtbAhH7wyyz +7UbP3r0AzhfiNDHt0GJ49wVw3shzM9AMAxdG/QQ7CDFCEu6S6nct/7N6Ynn4Iz8 THj5VpxGXYSJr7CWA/kd/jrjqnkUb/atv995t8smTiU0ZGAX9Azdu7L5rQ== -----END CERTIFICATE-----Generated at Mon Oct 20 19:21:06 2025 by rpki-client