$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/xw5P6gyQs3xrOFr79eJS3URP0xI.roa File: xw5P6gyQs3xrOFr79eJS3URP0xI.roa (raw, json) Hash identifier: GManqhhjhz2Y1TjyqkitBYbflK8g7bAcdEtCwpRu6XE= Subject key identifier: C7:0E:4F:EA:0C:90:B3:7C:6B:38:5A:FB:F5:E2:52:DD:44:4F:D3:12 Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 15AB Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/xw5P6gyQs3xrOFr79eJS3URP0xI.roa Signing time: Sat 13 Sep 2025 03:06:41 +0000 ROA not before: Sat 13 Sep 2025 03:06:41 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 55990 IP address blocks: 113.47.128.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 23:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5547 (0x15ab) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Sep 13 03:06:41 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=C70E4FEA0C90B37C6B385AFBF5E252DD444FD312 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:6a:0d:5e:f7:cc:bf:7e:a3:63:36:43:4b:15: c7:e3:96:6a:13:b2:99:bb:83:58:7c:7a:9c:fe:bb: 0e:6f:dd:3a:a2:0f:70:9d:4a:59:80:5f:45:d4:49: 33:bf:13:3f:1c:da:67:f6:bd:2c:94:3e:e3:a1:a2: 27:e8:f4:4d:e1:38:3e:b0:11:2b:bb:fe:e7:99:4a: b9:40:60:48:6d:1e:fb:6c:8d:78:ab:ac:8b:26:47: d2:42:3b:07:82:38:a6:c5:c1:da:fd:ce:7d:d7:15: 7e:68:40:66:aa:17:d8:72:76:99:13:a4:00:e2:4e: 10:aa:49:1f:c9:b7:41:08:f3:4f:3e:4e:b1:66:4d: f9:1c:8a:81:ce:be:39:2c:02:9b:3a:69:a0:d2:bd: 6b:54:c0:c1:00:b7:54:e8:13:48:45:4c:ef:cb:42: 67:54:14:bb:36:15:72:f2:bd:a2:d5:65:35:36:6b: 9c:54:00:38:a7:87:eb:e0:5c:ff:45:55:a2:b4:d4: 5c:eb:99:d2:7c:49:e3:4b:d5:32:ae:d3:8e:f4:6a: 8e:ea:f7:06:64:3d:99:09:50:13:a6:7d:dc:c6:e9: e2:a3:ae:77:cc:20:15:02:67:0e:fa:c2:0b:d6:43: 9b:3f:b1:be:08:3b:b0:3e:63:0c:90:77:97:b1:0b: 1e:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:0E:4F:EA:0C:90:B3:7C:6B:38:5A:FB:F5:E2:52:DD:44:4F:D3:12 X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/xw5P6gyQs3xrOFr79eJS3URP0xI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 113.47.128.0/21 Signature Algorithm: sha256WithRSAEncryption 73:50:b9:70:1b:3f:6c:79:3b:31:f8:93:70:c2:ce:fe:48:1d: 82:9d:ed:f2:24:34:8f:a5:9c:4c:0b:ff:07:89:2e:1b:29:e2: 61:90:56:f6:6c:fd:8b:bf:70:e0:47:6d:70:43:8e:2b:39:b4: b0:e4:55:bf:a3:3d:d3:9d:2d:2f:6f:2a:fd:04:97:34:65:77: 65:d2:e9:23:52:a3:09:09:1e:b4:82:c6:87:d9:96:c5:1f:dd: c3:04:36:b0:35:bd:b8:22:d1:77:79:f9:e2:09:ad:83:cc:e4: b4:5a:08:1a:63:82:d3:52:43:c4:53:ee:b6:81:4e:a0:68:fa: 87:b7:9e:94:95:3c:6e:55:95:0c:80:2f:10:0a:e6:6a:ef:6c: dc:3c:cd:70:9d:82:7c:0c:fe:82:c1:13:4d:74:68:27:e8:89: bc:39:76:f4:d0:f3:8f:fe:07:17:3e:05:8e:50:6e:ba:e7:55: 04:81:88:70:e5:3b:b7:d6:a5:ce:0c:21:db:3c:9b:6d:ed:3d: 89:aa:25:7f:3d:94:7c:28:77:6e:64:08:71:3a:f7:31:49:a0: 5f:44:af:88:51:74:02:d6:51:36:44:c1:05:17:3c:7e:78:17: 8a:5b:d3:0b:88:9f:e4:11:1e:3f:a5:33:c9:c7:5c:ec:0c:60: 5d:17:cd:f0 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFaswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTA5MTMw MzA2NDFaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEM3MEU0RkVBMEM5MEIz N0M2QjM4NUFGQkY1RTI1MkRENDQ0RkQzMTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCrag1e98y/fqNjNkNLFcfjlmoTspm7g1h8epz+uw5v3TqiD3Cd SlmAX0XUSTO/Ez8c2mf2vSyUPuOhoifo9E3hOD6wESu7/ueZSrlAYEhtHvtsjXir rIsmR9JCOweCOKbFwdr9zn3XFX5oQGaqF9hydpkTpADiThCqSR/Jt0EI808+TrFm TfkcioHOvjksAps6aaDSvWtUwMEAt1ToE0hFTO/LQmdUFLs2FXLyvaLVZTU2a5xU ADinh+vgXP9FVaK01FzrmdJ8SeNL1TKu0470ao7q9wZkPZkJUBOmfdzG6eKjrnfM IBUCZw76wgvWQ5s/sb4IO7A+YwyQd5exCx5TAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUxw5P6gyQs3xrOFr79eJS3URP0xIwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQveHc1UDZneVFzM3hy T0ZyNzllSlMzVVJQMHhJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEA3EvgDANBgkqhkiG9w0BAQsFAAOCAQEAc1C5cBs/bHk7MfiTcMLO/kgdgp3t 8iQ0j6WcTAv/B4kuGyniYZBW9mz9i79w4EdtcEOOKzm0sORVv6M9050tL28q/QSX NGV3ZdLpI1KjCQketILGh9mWxR/dwwQ2sDW9uCLRd3n54gmtg8zktFoIGmOC01JD xFPutoFOoGj6h7eelJU8blWVDIAvEArmau9s3DzNcJ2CfAz+gsETTXRoJ+iJvDl2 9NDzj/4HFz4FjlBuuudVBIGIcOU7t9alzgwh2zybbe09iaolfz2UfCh3bmQIcTr3 MUmgX0SviFF0AtZRNkTBBRc8fngXilvTC4if5BEeP6Uzycdc7AxgXRfN8A== -----END CERTIFICATE-----Generated at Mon Oct 20 19:21:18 2025 by rpki-client