$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/uhKXq3TBjfKtKP9johey_XP7xSs.roa File: uhKXq3TBjfKtKP9johey_XP7xSs.roa (raw, json) Hash identifier: dZHzlSc6MhNX1Nhmz0g2hXhULv6ERa05FI+Grpi1dkQ= Subject key identifier: BA:12:97:AB:74:C1:8D:F2:AD:28:FF:63:A2:17:B2:FD:73:FB:C5:2B Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 15CA Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/uhKXq3TBjfKtKP9johey_XP7xSs.roa Signing time: Sat 13 Sep 2025 03:06:48 +0000 ROA not before: Sat 13 Sep 2025 03:06:48 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 55990 IP address blocks: 113.46.96.0/19 maxlen: 19 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 23:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5578 (0x15ca) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Sep 13 03:06:48 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=BA1297AB74C18DF2AD28FF63A217B2FD73FBC52B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:af:75:46:64:db:81:98:18:8a:6a:89:2d:8a: ef:67:32:5d:f1:4b:5e:5e:fd:5d:e7:07:72:74:b4: d4:93:f7:73:fd:8f:85:79:67:3f:4c:ab:5a:9a:a6: f0:d0:74:b2:df:c3:40:51:ab:2f:69:8b:c6:96:6a: eb:27:17:23:8d:27:cf:a0:44:9e:24:2d:27:25:e9: fa:d4:f0:54:41:e4:47:76:18:94:6d:65:3e:63:ac: af:a2:25:ed:36:a7:2e:61:1d:77:96:28:20:bf:1f: 05:03:d7:5d:ae:2f:6e:1c:1f:18:3b:75:c9:03:66: 7a:5f:ea:28:b2:cd:9f:ff:ea:e9:80:11:7e:33:c6: 86:0d:21:67:db:b1:2f:ce:99:58:fd:c9:eb:aa:a5: 91:93:63:aa:ee:c9:bb:3b:7c:ba:68:e8:26:3c:e0: 38:db:ed:e9:8a:32:0f:c7:74:ef:e5:92:35:b2:a1: 35:b9:dd:ec:b2:1b:be:d0:0f:e0:d6:90:ee:81:00: 17:3e:13:4c:53:b4:1e:ad:6c:e0:39:7f:7a:0b:77: 73:6f:53:60:79:36:36:55:9e:d2:4c:59:70:be:19: ea:a3:f0:34:90:06:c1:85:8e:24:7a:01:c1:73:93: e4:dd:a7:2d:0b:fb:b8:f7:22:c1:80:51:b6:22:04: ce:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:12:97:AB:74:C1:8D:F2:AD:28:FF:63:A2:17:B2:FD:73:FB:C5:2B X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/uhKXq3TBjfKtKP9johey_XP7xSs.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 113.46.96.0/19 Signature Algorithm: sha256WithRSAEncryption 1e:40:da:c5:fd:ed:9c:b9:f8:ec:91:b0:b3:7b:0e:07:76:55: 5d:d6:77:16:02:2e:1a:58:64:8a:2a:a4:ad:a5:4d:91:cd:3e: e6:aa:bc:a3:df:fc:5d:43:3c:ba:8b:39:f5:c9:07:1b:03:e7: 1a:8f:97:6a:b5:20:19:5f:59:f1:bb:85:50:e5:3d:4e:2f:50: 6d:89:34:43:17:31:01:31:9c:1a:7b:37:5f:a6:e7:7b:16:5e: ac:90:81:70:e9:d1:ab:11:ff:76:01:c8:8b:87:84:c4:e5:41: 17:31:65:09:f8:aa:26:22:6e:2e:56:57:2a:45:88:8f:4c:d3: 45:67:2f:e1:36:62:47:80:1d:8e:01:ef:c5:26:68:c2:84:55: ed:cc:56:07:c4:b2:d9:5b:d1:63:ad:49:27:5b:7d:07:ab:4a: 04:cd:ce:4d:86:7c:bc:22:26:a4:e2:b1:76:d4:89:49:75:12: a1:72:5b:e6:26:46:10:52:a7:97:9d:94:aa:10:be:25:d9:e4: f3:70:59:19:89:b5:96:c9:84:80:96:68:9e:68:41:fa:b7:b6: 0b:c9:a0:e0:8b:8d:ce:c1:6f:2f:80:9d:9b:94:dc:8c:70:dd: 62:c4:cc:c8:25:69:01:0c:ea:95:4a:4e:0a:8a:0a:34:e0:c1: 11:2b:3d:a5 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFcowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTA5MTMw MzA2NDhaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEJBMTI5N0FCNzRDMThE RjJBRDI4RkY2M0EyMTdCMkZENzNGQkM1MkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCvr3VGZNuBmBiKaoktiu9nMl3xS15e/V3nB3J0tNST93P9j4V5 Zz9Mq1qapvDQdLLfw0BRqy9pi8aWausnFyONJ8+gRJ4kLScl6frU8FRB5Ed2GJRt ZT5jrK+iJe02py5hHXeWKCC/HwUD112uL24cHxg7dckDZnpf6iiyzZ//6umAEX4z xoYNIWfbsS/OmVj9yeuqpZGTY6ruybs7fLpo6CY84Djb7emKMg/HdO/lkjWyoTW5 3eyyG77QD+DWkO6BABc+E0xTtB6tbOA5f3oLd3NvU2B5NjZVntJMWXC+Geqj8DSQ BsGFjiR6AcFzk+Tdpy0L+7j3IsGAUbYiBM5PAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUuhKXq3TBjfKtKP9johey/XP7xSswHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvdWhLWHEzVEJqZkt0 S1A5am9oZXlfWFA3eFNzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEBXEuYDANBgkqhkiG9w0BAQsFAAOCAQEAHkDaxf3tnLn47JGws3sOB3ZVXdZ3 FgIuGlhkiiqkraVNkc0+5qq8o9/8XUM8uos59ckHGwPnGo+XarUgGV9Z8buFUOU9 Ti9QbYk0QxcxATGcGns3X6bnexZerJCBcOnRqxH/dgHIi4eExOVBFzFlCfiqJiJu LlZXKkWIj0zTRWcv4TZiR4AdjgHvxSZowoRV7cxWB8Sy2VvRY61JJ1t9B6tKBM3O TYZ8vCImpOKxdtSJSXUSoXJb5iZGEFKnl52UqhC+Jdnk83BZGYm1lsmEgJZonmhB +re2C8mg4IuNzsFvL4Cdm5TcjHDdYsTMyCVpAQzqlUpOCooKNODBESs9pQ== -----END CERTIFICATE-----Generated at Mon Oct 20 19:21:01 2025 by rpki-client