$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/357/4h-LRt98vDXOaWTvbULeZ6UN1Bo.roa File: 4h-LRt98vDXOaWTvbULeZ6UN1Bo.roa (raw, json) Hash identifier: ok9VRiaU8zGdubEx8U4bFwcbntxv+qOMj38yML8Z3+4= Subject key identifier: E2:1F:8B:46:DF:7C:BC:35:CE:69:64:EF:6D:42:DE:67:A5:0D:D4:1A Certificate issuer: /CN=CE0A9CB02937B57DCE66A17FB84216D7ABE76434 Certificate serial: 1952 Authority key identifier: CE:0A:9C:B0:29:37:B5:7D:CE:66:A1:7F:B8:42:16:D7:AB:E7:64:34 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zgqcsCk3tX3OZqF_uEIW16vnZDQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/4h-LRt98vDXOaWTvbULeZ6UN1Bo.roa Signing time: Sat 13 Sep 2025 03:10:18 +0000 ROA not before: Sat 13 Sep 2025 03:10:18 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 37963 IP address blocks: 47.113.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/zgqcsCk3tX3OZqF_uEIW16vnZDQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/zgqcsCk3tX3OZqF_uEIW16vnZDQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zgqcsCk3tX3OZqF_uEIW16vnZDQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 18:09:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6482 (0x1952) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CE0A9CB02937B57DCE66A17FB84216D7ABE76434 Validity Not Before: Sep 13 03:10:18 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=E21F8B46DF7CBC35CE6964EF6D42DE67A50DD41A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:48:51:4c:38:69:2a:3f:ee:49:52:6f:1e:4c: 40:18:b2:0a:6a:d4:32:d3:f9:8b:37:03:98:16:66: 89:2e:13:ef:91:a3:c0:b8:4f:15:76:f9:76:7d:14: bc:16:86:46:1f:2b:fd:e9:d5:fb:12:2e:2d:41:46: 0b:a0:e0:d7:94:0e:e1:dd:97:38:c8:d3:d4:31:db: a3:87:45:73:a9:29:14:f6:7a:9f:c3:ec:4d:df:5d: 6c:f1:06:47:75:98:95:dd:b6:64:a7:2e:73:79:ae: c7:fd:59:a0:5e:d8:e0:70:d8:81:ea:a4:54:0b:91: f0:c8:09:d6:20:77:f1:4e:51:d5:bd:ce:51:16:fe: 93:6a:18:cd:3d:4c:3f:a6:af:56:62:e8:07:09:1d: e4:11:5c:7c:22:86:1a:7b:d4:ac:e9:32:c9:8e:96: 33:38:e2:64:5f:f6:6c:8c:b8:12:ac:dd:a9:da:e9: 22:96:c2:df:19:27:b7:e8:2e:cc:2b:7f:d3:e0:27: 99:96:93:45:c4:57:89:c4:2e:0e:7b:56:5c:61:36: 4a:28:dd:ca:b4:ca:fb:40:bd:33:2e:4b:1d:9a:93: 2e:3f:01:ec:a7:3f:92:52:e6:8a:77:4a:f8:e0:ab: fe:bc:da:2d:02:cd:49:f1:37:be:ea:24:b2:18:c4: 8d:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:1F:8B:46:DF:7C:BC:35:CE:69:64:EF:6D:42:DE:67:A5:0D:D4:1A X509v3 Authority Key Identifier: keyid:CE:0A:9C:B0:29:37:B5:7D:CE:66:A1:7F:B8:42:16:D7:AB:E7:64:34 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/zgqcsCk3tX3OZqF_uEIW16vnZDQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zgqcsCk3tX3OZqF_uEIW16vnZDQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/4h-LRt98vDXOaWTvbULeZ6UN1Bo.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 47.113.0.0/16 Signature Algorithm: sha256WithRSAEncryption 06:68:2d:8f:4b:87:b4:18:55:1e:e4:fa:28:cb:32:90:c9:0f: cc:29:aa:92:a2:0a:5b:38:9b:a8:ef:9f:a6:b7:32:19:5a:30: b0:61:b8:5e:50:f9:70:f1:86:d7:04:7e:2b:06:13:68:84:c4: 08:66:46:15:ba:af:dd:1a:c5:73:0b:44:70:9a:1c:eb:48:9d: fd:68:f6:6d:bb:88:3c:6e:07:bb:1b:ac:55:4e:c7:67:ed:03: e5:b3:e6:50:93:17:12:38:5b:eb:4e:7d:bc:30:31:13:78:97: 04:5c:01:db:da:35:aa:e7:14:53:fc:77:8a:dc:a4:3a:b6:5c: 7f:00:5a:c6:a7:1a:26:37:9c:52:cf:0c:78:41:99:ac:1d:c5: aa:cb:7d:db:c4:12:c5:bb:b2:a2:c1:20:0f:d1:8d:36:bb:4e: 23:ba:61:9e:83:d0:6c:0f:b9:ef:05:0b:21:56:e1:57:37:40: bf:b4:16:78:5e:82:bb:c2:be:5c:9c:ee:a9:38:e2:8e:8d:c6: 16:89:e2:40:a8:fb:de:67:e4:d2:c5:b6:a0:1f:f2:92:f2:10: 9c:54:41:17:b6:98:41:a0:7e:7e:2c:d8:c3:85:a4:7d:e0:89: c2:4a:8f:69:32:ca:d2:d8:de:e7:3f:a9:43:a0:6f:54:2f:50: 90:44:a6:be -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICGVIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0Uw QTlDQjAyOTM3QjU3RENFNjZBMTdGQjg0MjE2RDdBQkU3NjQzNDAeFw0yNTA5MTMw MzEwMThaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEUyMUY4QjQ2REY3Q0JD MzVDRTY5NjRFRjZENDJERTY3QTUwREQ0MUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCRSFFMOGkqP+5JUm8eTEAYsgpq1DLT+Ys3A5gWZokuE++Ro8C4 TxV2+XZ9FLwWhkYfK/3p1fsSLi1BRgug4NeUDuHdlzjI09Qx26OHRXOpKRT2ep/D 7E3fXWzxBkd1mJXdtmSnLnN5rsf9WaBe2OBw2IHqpFQLkfDICdYgd/FOUdW9zlEW /pNqGM09TD+mr1Zi6AcJHeQRXHwihhp71KzpMsmOljM44mRf9myMuBKs3ana6SKW wt8ZJ7foLswrf9PgJ5mWk0XEV4nELg57VlxhNkoo3cq0yvtAvTMuSx2aky4/Aeyn P5JS5op3Svjgq/682i0CzUnxN77qJLIYxI2FAgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQU4h+LRt98vDXOaWTvbULeZ6UN1BowHwYDVR0jBBgwFoAUzgqcsCk3tX3OZqF/ uEIW16vnZDQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzU3 L3pncWNzQ2szdFgzT1pxRl91RUlXMTZ2blpEUS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvemdxY3NDazN0WDNPWnFGX3VFSVcxNnZuWkRRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzU3LzRoLUxSdDk4dkRYT2FX VHZiVUxlWjZVTjFCby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD AwAvcTANBgkqhkiG9w0BAQsFAAOCAQEABmgtj0uHtBhVHuT6KMsykMkPzCmqkqIK WzibqO+fprcyGVowsGG4XlD5cPGG1wR+KwYTaITECGZGFbqv3RrFcwtEcJoc60id /Wj2bbuIPG4HuxusVU7HZ+0D5bPmUJMXEjhb6059vDAxE3iXBFwB29o1qucUU/x3 itykOrZcfwBaxqcaJjecUs8MeEGZrB3Fqst928QSxbuyosEgD9GNNrtOI7phnoPQ bA+57wULIVbhVzdAv7QWeF6Cu8K+XJzuqTjijo3GFoniQKj73mfk0sW2oB/ykvIQ nFRBF7aYQaB+fizYw4WkfeCJwkqPaTLK0tje5z+pQ6BvVC9QkESmvg== -----END CERTIFICATE-----Generated at Mon Oct 20 15:27:02 2025 by rpki-client