$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/yhkUA4cGJR-zpn3sBTpv1pIsdmQ.roa File: yhkUA4cGJR-zpn3sBTpv1pIsdmQ.roa (raw, json) Hash identifier: oKUbaSEbBYsEiwRHK3X94W9BRLbsV1wXhrzf3K+Je7w= Subject key identifier: CA:19:14:03:87:06:25:1F:B3:A6:7D:EC:05:3A:6F:D6:92:2C:76:64 Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 15A6 Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/yhkUA4cGJR-zpn3sBTpv1pIsdmQ.roa Signing time: Sat 13 Sep 2025 03:06:40 +0000 ROA not before: Sat 13 Sep 2025 03:06:40 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 55990 IP address blocks: 113.47.96.0/19 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 23:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5542 (0x15a6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Sep 13 03:06:40 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=CA1914038706251FB3A67DEC053A6FD6922C7664 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f4:68:d2:b4:37:33:fd:df:86:29:bf:02:08:05: ec:de:60:a3:d3:47:ab:3e:d5:98:2f:dc:44:02:e3: 80:2d:64:c1:bf:fb:4e:a8:f0:34:14:9b:13:27:a9: 9e:c6:c9:d5:6b:80:4a:ab:5a:5f:db:ea:76:0d:be: 84:b6:dc:ab:2c:26:09:76:14:be:1c:51:f4:02:16: 9c:0d:75:94:58:f1:e6:ba:85:97:c9:48:2f:bb:a5: f0:d0:b4:2e:2e:57:3a:7c:29:77:c0:33:26:80:cf: df:54:4b:3c:b5:af:fc:90:c8:f1:12:51:db:4d:cb: cb:c3:e4:13:a0:dd:f5:eb:a5:74:5e:f6:f4:95:4e: 45:21:08:36:44:a3:82:5f:a3:51:72:dc:09:34:92: 4e:09:85:59:04:fe:5a:07:7b:50:e8:d7:87:77:9f: 71:d6:f1:a5:f0:b4:d7:70:6f:18:7e:6c:47:49:80: 77:f7:d7:26:80:70:00:06:6a:53:22:4d:ac:25:83: a7:55:7d:af:2d:b8:60:29:1e:54:76:c3:84:cb:79: 4f:30:35:05:b3:4c:77:5e:92:5b:fe:04:51:8d:22: 1b:3e:78:7a:2a:e2:5c:34:2c:60:7c:61:e4:ed:5b: 1d:ed:8c:72:7d:4c:59:c4:1a:3f:b8:a2:8c:48:4c: a7:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:19:14:03:87:06:25:1F:B3:A6:7D:EC:05:3A:6F:D6:92:2C:76:64 X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/yhkUA4cGJR-zpn3sBTpv1pIsdmQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 113.47.96.0/19 Signature Algorithm: sha256WithRSAEncryption 74:8f:0e:8a:9d:07:6e:79:90:1a:76:47:bb:c3:92:b1:13:e9: 04:3d:38:0d:24:67:c7:5b:9f:70:a3:ef:db:91:ac:68:ce:e0: 05:8a:52:a2:d6:75:03:2e:d1:67:2c:dc:de:c7:a6:ad:08:27: 1e:e0:82:88:b3:06:6f:d9:4c:72:aa:60:55:19:5f:39:4a:41: 34:fb:0a:eb:f8:ba:d4:93:cd:f6:37:21:46:c3:d0:54:1b:54: 22:83:63:f3:31:63:d2:6f:73:64:c7:df:51:35:a6:50:46:01: 26:6f:45:a5:2d:10:09:ee:4d:4a:e6:b2:ea:47:b5:c5:5d:a9: 8f:89:d2:d7:23:2a:78:64:24:31:03:9d:3f:ad:46:65:66:17: e7:33:08:73:9d:8e:39:ee:3e:40:94:c0:e8:bb:00:bb:2a:5f: 36:f2:07:46:2e:c4:24:48:01:52:53:97:b8:42:bc:37:53:37: 4a:53:8f:3b:54:59:a2:e5:7b:6b:70:63:63:85:08:aa:1a:13: 4e:c3:5a:2d:dd:9a:dd:da:8e:07:fc:da:b0:55:18:e6:18:63: 06:d5:63:31:1c:87:80:e2:b3:8d:77:e3:45:9b:86:58:83:02: c4:26:16:5c:6c:6a:5f:3c:ca:1f:c1:69:6c:72:a2:bd:18:8b: b0:09:27:b7 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFaYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTA5MTMw MzA2NDBaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKENBMTkxNDAzODcwNjI1 MUZCM0E2N0RFQzA1M0E2RkQ2OTIyQzc2NjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQD0aNK0NzP934YpvwIIBezeYKPTR6s+1Zgv3EQC44AtZMG/+06o 8DQUmxMnqZ7GydVrgEqrWl/b6nYNvoS23KssJgl2FL4cUfQCFpwNdZRY8ea6hZfJ SC+7pfDQtC4uVzp8KXfAMyaAz99USzy1r/yQyPESUdtNy8vD5BOg3fXrpXRe9vSV TkUhCDZEo4Jfo1Fy3Ak0kk4JhVkE/loHe1Do14d3n3HW8aXwtNdwbxh+bEdJgHf3 1yaAcAAGalMiTawlg6dVfa8tuGApHlR2w4TLeU8wNQWzTHdeklv+BFGNIhs+eHoq 4lw0LGB8YeTtWx3tjHJ9TFnEGj+4ooxITKdrAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUyhkUA4cGJR+zpn3sBTpv1pIsdmQwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQveWhrVUE0Y0dKUi16 cG4zc0JUcHYxcElzZG1RLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEBXEvYDANBgkqhkiG9w0BAQsFAAOCAQEAdI8Oip0HbnmQGnZHu8OSsRPpBD04 DSRnx1ufcKPv25GsaM7gBYpSotZ1Ay7RZyzc3semrQgnHuCCiLMGb9lMcqpgVRlf OUpBNPsK6/i61JPN9jchRsPQVBtUIoNj8zFj0m9zZMffUTWmUEYBJm9FpS0QCe5N Suay6ke1xV2pj4nS1yMqeGQkMQOdP61GZWYX5zMIc52OOe4+QJTA6LsAuypfNvIH Ri7EJEgBUlOXuEK8N1M3SlOPO1RZouV7a3BjY4UIqhoTTsNaLd2a3dqOB/zasFUY 5hhjBtVjMRyHgOKzjXfjRZuGWIMCxCYWXGxqXzzKH8FpbHKivRiLsAkntw== -----END CERTIFICATE-----Generated at Mon Oct 20 19:21:04 2025 by rpki-client