$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/sHzuf16PkfKQ4eMDaV7ds75s_qk.roa File: sHzuf16PkfKQ4eMDaV7ds75s_qk.roa (raw, json) Hash identifier: WqdO0Q6cFdKJdeimFdzrQK0n5bbDmEQWS+PBSlBkHs8= Subject key identifier: B0:7C:EE:7F:5E:8F:91:F2:90:E1:E3:03:69:5E:DD:B3:BE:6C:FE:A9 Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 15AF Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/sHzuf16PkfKQ4eMDaV7ds75s_qk.roa Signing time: Sat 13 Sep 2025 03:06:42 +0000 ROA not before: Sat 13 Sep 2025 03:06:42 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 55990 IP address blocks: 113.47.224.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 23:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5551 (0x15af) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Sep 13 03:06:42 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=B07CEE7F5E8F91F290E1E303695EDDB3BE6CFEA9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:f0:b7:a1:7b:72:70:4a:e6:23:c1:29:d8:0e: 00:4c:26:67:1b:a1:8b:25:bb:00:86:3e:26:c1:b4: 67:95:ef:f0:bd:9a:96:7a:f2:aa:fb:eb:57:2b:fc: 7b:36:d1:9f:13:e8:db:f0:94:97:d0:bb:a9:13:86: 74:53:74:eb:5f:ad:48:58:80:27:05:dd:c2:ac:d9: 7b:45:b4:eb:17:39:0a:8d:19:eb:51:a2:dc:9d:12: 24:c6:09:0f:56:2a:87:db:57:1c:be:d8:9d:3f:b3: 43:11:ac:f4:da:d8:5b:65:34:3d:c4:36:7b:62:cf: 13:12:f0:c5:ca:66:ad:20:23:fe:a1:97:f1:da:4e: 8d:df:5c:58:63:78:c5:2b:6b:2d:50:8e:d7:ce:c9: b6:d8:ac:05:e3:23:e4:28:73:3a:0c:09:de:7b:40: 09:32:e1:37:56:ef:df:af:5b:d1:02:6c:d1:ab:03: 83:73:97:c3:41:40:4c:7d:5b:10:86:1b:e6:7e:f9: 22:62:63:8b:06:30:a4:53:c4:63:17:80:4a:58:f0: 09:51:f2:0c:76:61:15:f5:bd:69:93:14:9b:49:68: d5:2a:9e:4d:15:9c:92:d3:15:a6:05:95:cf:f4:af: f1:e0:e0:92:69:79:be:ff:a9:8f:c7:fe:df:5b:41: c3:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:7C:EE:7F:5E:8F:91:F2:90:E1:E3:03:69:5E:DD:B3:BE:6C:FE:A9 X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/sHzuf16PkfKQ4eMDaV7ds75s_qk.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 113.47.224.0/23 Signature Algorithm: sha256WithRSAEncryption 1e:f6:a6:39:b3:02:a2:f7:ea:97:3c:ee:3e:ab:e6:c2:66:19: cb:0d:92:4e:74:9a:d4:51:3a:e8:a2:8a:cf:86:3a:d3:13:4b: 5d:07:20:6a:ef:0d:c7:96:52:c9:a5:00:56:4f:e6:78:b2:3f: a1:8e:ed:c0:70:60:08:49:fc:03:1f:b7:e7:ac:6f:42:78:e1: dc:f1:d2:bf:34:d7:2e:ea:ba:88:ce:85:f2:6e:39:fc:4a:0e: f6:97:cd:19:7d:e7:ca:72:66:88:8e:cc:24:bc:1b:53:11:6a: c0:4e:b6:47:08:6d:40:36:b5:7b:91:2c:ed:5f:5f:1b:3f:64: 6f:b5:0d:b8:65:c0:cb:d9:2a:7a:db:ad:60:14:29:d2:4e:2b: ee:90:46:90:01:bb:87:cc:2d:ed:bc:14:69:8d:ff:86:85:4c: 07:15:cb:ce:97:f2:a2:66:4f:78:dd:c8:98:d4:f9:b2:98:db: 13:cf:06:c2:8e:23:20:e7:ce:bb:84:d4:75:97:e6:97:90:95: 4a:46:f3:9b:79:81:68:63:23:df:27:f1:7b:77:0d:fe:84:90: b5:1f:b0:be:1b:ac:33:62:db:01:8c:08:02:b4:b4:06:0e:c4: 47:21:5e:ee:70:35:93:d6:8c:41:c9:ce:8f:49:40:33:b2:5e: c7:2a:08:82 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFa8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTA5MTMw MzA2NDJaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEIwN0NFRTdGNUU4Rjkx RjI5MEUxRTMwMzY5NUVEREIzQkU2Q0ZFQTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDB8Lehe3JwSuYjwSnYDgBMJmcboYsluwCGPibBtGeV7/C9mpZ6 8qr761cr/Hs20Z8T6NvwlJfQu6kThnRTdOtfrUhYgCcF3cKs2XtFtOsXOQqNGetR otydEiTGCQ9WKofbVxy+2J0/s0MRrPTa2FtlND3ENntizxMS8MXKZq0gI/6hl/Ha To3fXFhjeMUray1QjtfOybbYrAXjI+QoczoMCd57QAky4TdW79+vW9ECbNGrA4Nz l8NBQEx9WxCGG+Z++SJiY4sGMKRTxGMXgEpY8AlR8gx2YRX1vWmTFJtJaNUqnk0V nJLTFaYFlc/0r/Hg4JJpeb7/qY/H/t9bQcPHAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUsHzuf16PkfKQ4eMDaV7ds75s/qkwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvc0h6dWYxNlBrZktR NGVNRGFWN2RzNzVzX3FrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAXEv4DANBgkqhkiG9w0BAQsFAAOCAQEAHvamObMCovfqlzzuPqvmwmYZyw2S TnSa1FE66KKKz4Y60xNLXQcgau8Nx5ZSyaUAVk/meLI/oY7twHBgCEn8Ax+356xv Qnjh3PHSvzTXLuq6iM6F8m45/EoO9pfNGX3nynJmiI7MJLwbUxFqwE62RwhtQDa1 e5Es7V9fGz9kb7UNuGXAy9kqetutYBQp0k4r7pBGkAG7h8wt7bwUaY3/hoVMBxXL zpfyomZPeN3ImNT5spjbE88Gwo4jIOfOu4TUdZfml5CVSkbzm3mBaGMj3yfxe3cN /oSQtR+wvhusM2LbAYwIArS0Bg7ERyFe7nA1k9aMQcnOj0lAM7JexyoIgg== -----END CERTIFICATE-----Generated at Mon Oct 20 19:21:18 2025 by rpki-client