$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/xEHGETglSFZuxoUFFcaktPh70dI.roa File: xEHGETglSFZuxoUFFcaktPh70dI.roa (raw, json) Hash identifier: 1OQQdFFNg4f7Tf5/CMRTAXGZ8KltSNnwVXuQmLEC1ck= Subject key identifier: C4:41:C6:11:38:25:48:56:6E:C6:85:05:15:C6:A4:B4:F8:7B:D1:D2 Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 1608 Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/xEHGETglSFZuxoUFFcaktPh70dI.roa Signing time: Mon 22 Sep 2025 09:57:14 +0000 ROA not before: Mon 22 Sep 2025 09:57:14 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 55990 IP address blocks: 115.120.100.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 23:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5640 (0x1608) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Sep 22 09:57:14 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=C441C611382548566EC6850515C6A4B4F87BD1D2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:78:94:1d:0f:a4:97:de:3c:da:de:b0:37:e5: 69:82:aa:0d:dc:b5:d1:b0:fa:3d:28:c6:9c:09:cc: 98:6d:8d:ba:eb:59:07:9b:3b:f2:8c:dd:99:e4:e6: c0:bf:16:40:a6:11:1c:32:ef:bd:cc:5c:4d:ec:42: 57:f8:0e:ab:c8:b5:a8:04:e9:cf:3c:a4:b6:25:76: f8:43:c7:bd:44:d0:69:aa:e8:2e:20:75:c3:05:c0: 24:f0:56:82:f5:61:cf:14:9a:89:c9:24:25:03:66: 28:69:39:10:44:50:e6:7d:32:6d:e9:1e:58:e9:54: 39:2d:cb:9e:6f:57:98:ed:39:15:4b:29:a6:08:f9: e4:43:6f:40:0a:38:53:74:57:d1:63:0f:d5:53:bf: e5:c3:34:95:0c:92:8c:54:f8:a4:7b:8a:96:18:8f: 7e:cd:14:74:38:e2:cd:e0:43:e1:be:1f:95:29:6a: 5b:78:0b:48:f3:c3:10:d0:14:55:7f:ee:ae:dd:67: 40:9d:7c:64:99:fe:8a:6b:de:c4:16:1b:2b:df:8c: 4d:fb:70:e6:ea:8a:e4:73:32:54:e9:95:e8:4d:40: d1:a6:f6:4f:ba:2e:21:6e:0d:94:3c:3f:7d:11:b8: 8b:d7:40:d9:10:77:36:16:36:32:75:26:4c:1c:5b: 84:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:41:C6:11:38:25:48:56:6E:C6:85:05:15:C6:A4:B4:F8:7B:D1:D2 X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/xEHGETglSFZuxoUFFcaktPh70dI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 115.120.100.0/22 Signature Algorithm: sha256WithRSAEncryption 95:df:20:7a:8a:36:1e:cf:56:6a:2e:37:fe:5a:e1:00:d1:3b: 06:55:75:54:da:19:dd:a9:75:ac:97:50:f4:ae:b3:d8:3e:cd: 01:6e:9d:a9:20:72:72:ce:c1:f0:a6:bf:d4:91:c3:15:7c:0e: ad:4c:69:58:8f:9e:75:9e:d9:d3:17:11:2c:e1:ab:d3:c0:ef: d5:48:d1:73:0a:1c:2f:5e:0a:84:77:c7:a4:18:8b:8b:e8:ef: a3:07:fb:e5:59:94:82:5a:a5:ff:08:0a:58:3a:d5:2c:77:99: 80:46:2a:6b:8c:19:01:7e:33:0e:60:77:72:b0:91:12:28:71: 9a:e1:a0:53:75:37:cd:33:ae:7a:68:3f:57:f2:3a:3d:02:62: 06:58:8c:5f:bf:76:32:b7:4e:4d:93:2f:22:f9:24:cd:20:6c: 22:3a:6d:09:18:16:20:df:95:d1:f6:62:b8:27:57:72:59:d8: 40:14:e5:a1:65:7f:9a:5e:ba:25:ad:04:10:25:d4:bb:e2:80: 39:78:13:bc:7e:5a:f3:f4:2a:33:2b:a9:0a:40:69:fb:64:65: d1:ac:b5:a0:60:d5:c4:3a:d0:d0:e9:7d:c9:bd:49:93:14:81: ac:a4:88:df:cb:64:56:50:05:22:d9:f1:19:51:4c:60:a8:37: 0b:a6:80:79 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFggwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTA5MjIw OTU3MTRaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEM0NDFDNjExMzgyNTQ4 NTY2RUM2ODUwNTE1QzZBNEI0Rjg3QkQxRDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC0eJQdD6SX3jza3rA35WmCqg3ctdGw+j0oxpwJzJhtjbrrWQeb O/KM3Znk5sC/FkCmERwy773MXE3sQlf4DqvItagE6c88pLYldvhDx71E0Gmq6C4g dcMFwCTwVoL1Yc8UmonJJCUDZihpORBEUOZ9Mm3pHljpVDkty55vV5jtORVLKaYI +eRDb0AKOFN0V9FjD9VTv+XDNJUMkoxU+KR7ipYYj37NFHQ44s3gQ+G+H5Upalt4 C0jzwxDQFFV/7q7dZ0CdfGSZ/opr3sQWGyvfjE37cObqiuRzMlTplehNQNGm9k+6 LiFuDZQ8P30RuIvXQNkQdzYWNjJ1JkwcW4SDAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUxEHGETglSFZuxoUFFcaktPh70dIwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQveEVIR0VUZ2xTRlp1 eG9VRkZjYWt0UGg3MGRJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAnN4ZDANBgkqhkiG9w0BAQsFAAOCAQEAld8geoo2Hs9Wai43/lrhANE7BlV1 VNoZ3al1rJdQ9K6z2D7NAW6dqSBycs7B8Ka/1JHDFXwOrUxpWI+edZ7Z0xcRLOGr 08Dv1UjRcwocL14KhHfHpBiLi+jvowf75VmUglql/wgKWDrVLHeZgEYqa4wZAX4z DmB3crCREihxmuGgU3U3zTOuemg/V/I6PQJiBliMX792MrdOTZMvIvkkzSBsIjpt CRgWIN+V0fZiuCdXclnYQBTloWV/ml66Ja0EECXUu+KAOXgTvH5a8/QqMyupCkBp +2Rl0ay1oGDVxDrQ0Ol9yb1JkxSBrKSI38tkVlAFItnxGVFMYKg3C6aAeQ== -----END CERTIFICATE-----Generated at Mon Oct 20 19:21:07 2025 by rpki-client