$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/zLhNibaMdMV_8eLG3rrcmCpcwh8.roa File: zLhNibaMdMV_8eLG3rrcmCpcwh8.roa (raw, json) Hash identifier: 037GBfHDOuoCt7dqaXpjupJpC4+8Xmffiw69G1dcIcg= Subject key identifier: CC:B8:4D:89:B6:8C:74:C5:7F:F1:E2:C6:DE:BA:DC:98:2A:5C:C2:1F Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 15BB Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/zLhNibaMdMV_8eLG3rrcmCpcwh8.roa Signing time: Sat 13 Sep 2025 03:06:44 +0000 ROA not before: Sat 13 Sep 2025 03:06:45 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 55990 IP address blocks: 113.45.112.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 23:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5563 (0x15bb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Sep 13 03:06:45 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=CCB84D89B68C74C57FF1E2C6DEBADC982A5CC21F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:70:86:22:bc:d7:4e:c4:33:a8:ed:0c:ac:ad: 34:fa:bd:14:4e:41:cc:b5:2d:92:87:65:8c:b0:c2: 6b:60:77:4c:6e:6d:73:9a:2b:83:5b:15:9d:7b:71: 80:40:c7:4d:79:74:59:4b:7b:87:ab:19:16:0c:57: 10:1e:54:4c:c7:a4:8d:23:54:f1:96:8d:20:4e:27: bf:da:8d:2a:29:88:1d:1d:c3:c4:41:b6:d3:66:51: 26:4b:55:45:e3:0f:72:4a:04:ba:04:24:61:4c:7d: 93:01:7a:bd:76:6f:ce:3b:4e:22:47:7d:0e:67:fa: c3:2e:d8:c0:65:3f:cb:64:8f:7a:48:8e:7a:20:bc: 39:e7:94:93:d6:28:60:6a:28:f9:77:71:71:4e:27: 9b:d1:af:5e:35:b2:54:ae:bc:0b:31:86:e5:a4:87: 81:4f:b0:8b:5c:19:82:b9:53:78:bf:6d:5f:e3:dc: 42:36:e4:43:67:03:03:5a:cf:38:35:b5:a7:bf:77: 2b:1a:ce:b3:5a:d8:ca:98:8f:ac:34:b3:21:c3:60: c4:5b:cc:f5:39:1c:29:f9:e5:cd:32:1f:11:82:8d: f4:c0:4e:1b:0f:d1:9d:23:a3:e5:ea:4f:96:ee:47: 6c:81:e9:c9:39:54:43:5b:fe:4d:e2:44:52:9d:26: 09:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:B8:4D:89:B6:8C:74:C5:7F:F1:E2:C6:DE:BA:DC:98:2A:5C:C2:1F X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/zLhNibaMdMV_8eLG3rrcmCpcwh8.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 113.45.112.0/23 Signature Algorithm: sha256WithRSAEncryption ab:53:d8:b0:6c:59:d7:47:4a:c1:e8:da:c5:cb:58:e5:47:53: 90:c3:6a:04:5e:86:ad:5e:22:77:85:7a:ca:a0:df:e4:46:6a: 98:31:63:81:ac:d2:da:76:ae:dd:79:d8:58:da:80:2f:e3:11: 1e:81:d6:cc:a5:c7:33:a8:26:94:b7:c4:e3:49:50:c3:7b:c3: 4c:77:20:c2:89:0f:b8:1a:aa:f1:be:c5:e8:a9:c3:04:15:41: 6b:f4:49:3e:a4:13:96:e6:08:d5:07:fe:d1:05:5a:91:f9:c1: 6c:e2:c9:fc:e0:4a:3f:c9:63:96:b9:18:a9:ba:a9:20:14:6a: db:ce:bf:fe:52:37:da:fd:6a:ae:73:2e:69:ee:c2:b8:c5:fe: 0c:14:2f:63:d1:40:2b:b0:a3:3a:7c:41:f9:1b:c8:34:d8:aa: f1:67:e1:73:cc:18:3a:2e:ed:f6:d0:2b:82:23:13:f5:ab:00: 52:27:bc:4b:40:28:98:29:a1:db:77:05:f2:2f:2e:89:0d:be: 33:97:24:f7:d4:3f:9f:96:1a:d1:fe:fd:04:83:3a:57:1a:ff: 98:f7:8f:7e:ee:ad:93:51:8c:70:c2:78:1f:78:b5:0c:86:07: a9:fd:07:f0:a8:96:f7:a1:b3:88:b8:45:6e:4a:36:81:28:23: 51:60:64:5f -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFbswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTA5MTMw MzA2NDVaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKENDQjg0RDg5QjY4Qzc0 QzU3RkYxRTJDNkRFQkFEQzk4MkE1Q0MyMUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC8cIYivNdOxDOo7QysrTT6vRROQcy1LZKHZYywwmtgd0xubXOa K4NbFZ17cYBAx015dFlLe4erGRYMVxAeVEzHpI0jVPGWjSBOJ7/ajSopiB0dw8RB ttNmUSZLVUXjD3JKBLoEJGFMfZMBer12b847TiJHfQ5n+sMu2MBlP8tkj3pIjnog vDnnlJPWKGBqKPl3cXFOJ5vRr141slSuvAsxhuWkh4FPsItcGYK5U3i/bV/j3EI2 5ENnAwNazzg1tae/dysazrNa2MqYj6w0syHDYMRbzPU5HCn55c0yHxGCjfTAThsP 0Z0jo+XqT5buR2yB6ck5VENb/k3iRFKdJgmfAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUzLhNibaMdMV/8eLG3rrcmCpcwh8wHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvekxoTmliYU1kTVZf OGVMRzNycmNtQ3Bjd2g4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAXEtcDANBgkqhkiG9w0BAQsFAAOCAQEAq1PYsGxZ10dKwejaxctY5UdTkMNq BF6GrV4id4V6yqDf5EZqmDFjgazS2nau3XnYWNqAL+MRHoHWzKXHM6gmlLfE40lQ w3vDTHcgwokPuBqq8b7F6KnDBBVBa/RJPqQTluYI1Qf+0QVakfnBbOLJ/OBKP8lj lrkYqbqpIBRq286//lI32v1qrnMuae7CuMX+DBQvY9FAK7CjOnxB+RvINNiq8Wfh c8wYOi7t9tArgiMT9asAUie8S0AomCmh23cF8i8uiQ2+M5ck99Q/n5Ya0f79BIM6 Vxr/mPePfu6tk1GMcMJ4H3i1DIYHqf0H8KiW96GziLhFbko2gSgjUWBkXw== -----END CERTIFICATE-----Generated at Mon Oct 20 19:21:07 2025 by rpki-client