$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/zU7a2fVWQDKLGH9cx55J-K0WGaQ.roa File: zU7a2fVWQDKLGH9cx55J-K0WGaQ.roa (raw, json) Hash identifier: xX8TzxfkgG/caYcqfxiUWvkhkXCwxaLUwdEXqL/s1Lw= Subject key identifier: CD:4E:DA:D9:F5:56:40:32:8B:18:7F:5C:C7:9E:49:F8:AD:16:19:A4 Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 15A7 Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/zU7a2fVWQDKLGH9cx55J-K0WGaQ.roa Signing time: Sat 13 Sep 2025 03:06:40 +0000 ROA not before: Sat 13 Sep 2025 03:06:40 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 55990 IP address blocks: 113.47.232.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 23:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5543 (0x15a7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Sep 13 03:06:40 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=CD4EDAD9F55640328B187F5CC79E49F8AD1619A4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:e3:75:ec:13:88:00:ee:e2:86:a8:e9:b9:3c: 80:60:ce:b9:3b:5d:06:15:6c:33:ee:a0:d8:27:f0: ad:95:a9:b8:0a:45:a2:8d:b6:d2:bc:48:95:ea:2d: 23:3d:2b:73:df:80:cd:cb:40:7b:f0:dc:41:98:38: b5:d1:bc:38:0e:77:35:74:6f:a6:56:66:09:c4:ac: 53:0f:55:e4:a1:1b:4b:a9:23:67:b3:c1:ca:4a:fe: 6c:f2:3e:f6:7d:be:7b:7b:59:3f:41:1d:43:e0:2c: 59:1b:45:ed:55:61:38:b7:ea:f6:94:1b:67:75:96: 77:fb:46:78:23:d1:4d:9f:23:c5:0c:c9:4c:93:fb: d4:9e:aa:3b:21:fa:bb:42:69:a2:3c:ed:70:9a:ef: f2:87:b3:fc:b1:44:b6:be:17:ea:71:2f:22:35:2e: 07:f8:f1:bc:8f:83:72:2b:4d:ed:2b:82:20:5d:a0: 9f:73:3c:d6:c4:e8:4c:13:e8:99:66:05:9f:4b:68: 3d:39:01:da:21:05:db:59:81:4a:64:dd:6e:c4:45: e2:8c:6a:30:f7:2f:c1:da:c3:d0:7c:ed:7c:24:b6: e1:6e:70:60:07:17:47:95:68:33:5b:f9:64:2d:73: 1b:fe:94:a0:63:15:98:d9:60:16:f7:79:f1:29:9c: 6b:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:4E:DA:D9:F5:56:40:32:8B:18:7F:5C:C7:9E:49:F8:AD:16:19:A4 X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/zU7a2fVWQDKLGH9cx55J-K0WGaQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 113.47.232.0/23 Signature Algorithm: sha256WithRSAEncryption 80:43:09:4f:cc:b3:83:18:70:d0:90:bb:41:c0:71:5c:92:06: 76:d7:2f:1f:fa:b7:73:3a:47:73:a1:eb:8c:cf:cc:a0:c8:e2: 5f:db:26:e0:43:41:bc:36:ba:3f:38:e5:dd:65:ea:72:36:6e: f4:86:7a:83:de:26:fd:57:69:59:1e:0d:13:77:9d:3c:32:13: 9a:a7:14:d2:c4:bd:7a:9c:02:3b:86:9f:9c:9b:3c:88:8e:af: 63:2a:94:7c:4c:5c:f5:d0:fe:a4:89:8a:99:71:9a:a3:40:0c: 97:1d:57:48:a6:e0:69:61:46:6f:87:bc:a8:42:91:d4:f1:f6: f0:ac:b6:e1:5c:6d:2c:50:4c:24:94:40:a5:ac:d4:da:c9:fa: 8a:7f:17:35:3b:f0:93:90:87:32:1b:69:d6:35:5b:57:b3:16: 66:7a:5f:08:ec:62:bd:e6:d1:3a:43:95:87:f6:3d:cf:9a:fa: de:cc:2b:9b:d4:93:ed:05:4a:0f:bd:94:82:74:46:e9:6f:cd: e6:93:3c:a0:07:3b:52:4f:d3:3a:48:97:64:96:cb:92:45:2e: b7:cd:4a:d3:2c:6e:dc:ba:7c:64:a9:29:cf:d0:4a:2d:dc:55: 23:51:03:9a:ba:ec:cd:4d:e2:53:4f:50:e5:56:cf:bf:2e:79: 53:ae:24:37 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFacwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTA5MTMw MzA2NDBaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKENENEVEQUQ5RjU1NjQw MzI4QjE4N0Y1Q0M3OUU0OUY4QUQxNjE5QTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDd43XsE4gA7uKGqOm5PIBgzrk7XQYVbDPuoNgn8K2VqbgKRaKN ttK8SJXqLSM9K3PfgM3LQHvw3EGYOLXRvDgOdzV0b6ZWZgnErFMPVeShG0upI2ez wcpK/mzyPvZ9vnt7WT9BHUPgLFkbRe1VYTi36vaUG2d1lnf7Rngj0U2fI8UMyUyT +9Seqjsh+rtCaaI87XCa7/KHs/yxRLa+F+pxLyI1Lgf48byPg3IrTe0rgiBdoJ9z PNbE6EwT6JlmBZ9LaD05AdohBdtZgUpk3W7EReKMajD3L8Haw9B87XwktuFucGAH F0eVaDNb+WQtcxv+lKBjFZjZYBb3efEpnGvtAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUzU7a2fVWQDKLGH9cx55J+K0WGaQwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvelU3YTJmVldRREtM R0g5Y3g1NUotSzBXR2FRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAXEv6DANBgkqhkiG9w0BAQsFAAOCAQEAgEMJT8yzgxhw0JC7QcBxXJIGdtcv H/q3czpHc6HrjM/MoMjiX9sm4ENBvDa6Pzjl3WXqcjZu9IZ6g94m/VdpWR4NE3ed PDITmqcU0sS9epwCO4afnJs8iI6vYyqUfExc9dD+pImKmXGao0AMlx1XSKbgaWFG b4e8qEKR1PH28Ky24VxtLFBMJJRApazU2sn6in8XNTvwk5CHMhtp1jVbV7MWZnpf COxivebROkOVh/Y9z5r63swrm9ST7QVKD72UgnRG6W/N5pM8oAc7Uk/TOkiXZJbL kkUut81K0yxu3Lp8ZKkpz9BKLdxVI1EDmrrszU3iU09Q5VbPvy55U64kNw== -----END CERTIFICATE-----Generated at Mon Oct 20 19:21:04 2025 by rpki-client