$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/357/TKyNWD1BkvQVJhcoExsJPNXZ8RA.roa File: TKyNWD1BkvQVJhcoExsJPNXZ8RA.roa (raw, json) Hash identifier: tt1jtRoSM7ZcVuEJtyj2l/29W5SUIpR0xkxvDDm2Is4= Subject key identifier: 4C:AC:8D:58:3D:41:92:F4:15:26:17:28:13:1B:09:3C:D5:D9:F1:10 Certificate issuer: /CN=B3BA6AEF3B8FA2E5D9B5E43438E0020D426A1ECA Certificate serial: 195A Authority key identifier: B3:BA:6A:EF:3B:8F:A2:E5:D9:B5:E4:34:38:E0:02:0D:42:6A:1E:CA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/s7pq7zuPouXZteQ0OOACDUJqHso.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/TKyNWD1BkvQVJhcoExsJPNXZ8RA.roa Signing time: Sat 13 Sep 2025 03:10:18 +0000 ROA not before: Sat 13 Sep 2025 03:10:18 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 37963 IP address blocks: 112.126.0.0/15 maxlen: 15 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/s7pq7zuPouXZteQ0OOACDUJqHso.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/s7pq7zuPouXZteQ0OOACDUJqHso.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/s7pq7zuPouXZteQ0OOACDUJqHso.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 18:07:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6490 (0x195a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B3BA6AEF3B8FA2E5D9B5E43438E0020D426A1ECA Validity Not Before: Sep 13 03:10:18 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=4CAC8D583D4192F415261728131B093CD5D9F110 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:27:2d:4f:5a:ae:dc:62:cf:1d:35:bf:77:18: c6:7d:06:34:0a:3d:3e:6d:e9:04:00:9c:76:0f:7f: 20:0c:fd:43:bf:5e:89:24:67:f6:2e:96:82:ca:96: e9:6d:d3:a9:0b:88:e7:32:50:f7:ff:fc:1a:71:7b: 8a:6d:71:92:1a:ac:70:49:ea:a7:d9:fa:31:91:06: 28:40:92:20:e8:18:18:16:8e:bd:70:3a:d9:ee:1d: f9:03:1d:6b:3d:0c:fc:5b:96:8f:35:a1:a0:1e:c9: a5:a5:ba:6a:6f:80:63:56:7e:5d:95:7a:8f:79:bd: cb:46:7d:ca:d7:f0:42:1e:2a:ca:60:eb:23:2e:e0: 9b:da:02:2f:91:93:d9:91:ed:44:62:c4:0f:9a:cc: f5:86:59:8d:ce:e1:32:96:ee:0d:00:53:ea:1d:f4: 8b:e4:70:99:c2:e8:3b:01:30:dd:e9:21:e2:39:50: d8:ce:7a:7b:77:15:c6:30:24:11:7a:37:56:ab:80: 14:e1:6d:37:75:97:43:79:05:10:71:d3:6e:cb:c3: 6c:db:28:9a:72:d6:48:24:fe:ca:f0:2e:b8:82:48: ef:b6:e9:c1:50:0f:4a:8f:40:75:a6:36:5c:24:88: d1:60:84:cf:bd:1a:e1:a1:04:6a:4b:db:28:09:e2: 85:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:AC:8D:58:3D:41:92:F4:15:26:17:28:13:1B:09:3C:D5:D9:F1:10 X509v3 Authority Key Identifier: keyid:B3:BA:6A:EF:3B:8F:A2:E5:D9:B5:E4:34:38:E0:02:0D:42:6A:1E:CA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/s7pq7zuPouXZteQ0OOACDUJqHso.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/s7pq7zuPouXZteQ0OOACDUJqHso.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/TKyNWD1BkvQVJhcoExsJPNXZ8RA.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 112.126.0.0/15 Signature Algorithm: sha256WithRSAEncryption 38:7a:2a:52:3c:f6:8c:8e:5b:f5:eb:d6:1b:da:7c:2a:c7:91: 81:cc:d4:71:88:2b:8b:3c:64:1c:41:b8:89:6f:81:3e:cb:5b: 0a:d4:d1:9d:22:2d:d2:40:87:e3:d9:39:56:8f:48:26:ba:a1: ea:f2:04:fb:5f:c0:87:6f:05:3b:b1:33:de:19:4b:2e:2f:05: 7f:d0:cb:82:72:d8:75:47:8e:cc:36:5e:1b:a8:9b:b9:14:9f: 34:eb:5d:06:13:6f:f8:7d:d7:22:4b:f4:a8:f0:a5:07:6e:54: 2e:cd:ed:20:9a:37:ea:5c:75:80:f7:73:5e:05:ae:01:a3:02: d2:9a:00:b8:33:1e:f3:bc:57:ae:04:87:d6:37:1d:24:c5:07: 2e:c1:fb:e5:a8:41:7d:45:ea:52:e0:5e:99:22:3b:e3:8d:47: 83:76:a3:d9:e0:2c:df:1b:35:5f:f8:75:00:31:52:e3:2d:a0: 4d:3e:bd:af:e2:35:82:7e:88:f7:df:22:7a:60:f7:2e:59:bc: 33:fa:7b:52:85:f8:11:bc:33:2b:b2:e6:bf:47:38:0e:57:21: f2:92:78:c6:33:6b:e8:fe:f6:de:39:1c:fd:a0:fe:01:92:e5: c9:d3:9f:75:d2:20:88:b0:21:bd:e3:54:0b:b2:f1:c7:21:10: f4:d9:50:02 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICGVowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjNC QTZBRUYzQjhGQTJFNUQ5QjVFNDM0MzhFMDAyMEQ0MjZBMUVDQTAeFw0yNTA5MTMw MzEwMThaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDRDQUM4RDU4M0Q0MTky RjQxNTI2MTcyODEzMUIwOTNDRDVEOUYxMTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDLJy1PWq7cYs8dNb93GMZ9BjQKPT5t6QQAnHYPfyAM/UO/Xokk Z/YuloLKlult06kLiOcyUPf//Bpxe4ptcZIarHBJ6qfZ+jGRBihAkiDoGBgWjr1w OtnuHfkDHWs9DPxblo81oaAeyaWlumpvgGNWfl2Veo95vctGfcrX8EIeKspg6yMu 4JvaAi+Rk9mR7URixA+azPWGWY3O4TKW7g0AU+od9IvkcJnC6DsBMN3pIeI5UNjO ent3FcYwJBF6N1argBThbTd1l0N5BRBx027Lw2zbKJpy1kgk/srwLriCSO+26cFQ D0qPQHWmNlwkiNFghM+9GuGhBGpL2ygJ4oW9AgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQUTKyNWD1BkvQVJhcoExsJPNXZ8RAwHwYDVR0jBBgwFoAUs7pq7zuPouXZteQ0 OOACDUJqHsowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzU3 L3M3cHE3enVQb3VYWnRlUTBPT0FDRFVKcUhzby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvczdwcTd6dVBvdVhadGVRME9PQUNEVUpxSHNvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzU3L1RLeU5XRDFCa3ZRVkpo Y29FeHNKUE5YWjhSQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD AwFwfjANBgkqhkiG9w0BAQsFAAOCAQEAOHoqUjz2jI5b9evWG9p8KseRgczUcYgr izxkHEG4iW+BPstbCtTRnSIt0kCH49k5Vo9IJrqh6vIE+1/Ah28FO7Ez3hlLLi8F f9DLgnLYdUeOzDZeG6ibuRSfNOtdBhNv+H3XIkv0qPClB25ULs3tIJo36lx1gPdz XgWuAaMC0poAuDMe87xXrgSH1jcdJMUHLsH75ahBfUXqUuBemSI7441Hg3aj2eAs 3xs1X/h1ADFS4y2gTT69r+I1gn6I998iemD3Llm8M/p7UoX4EbwzK7Lmv0c4Dlch 8pJ4xjNr6P723jkc/aD+AZLlydOfddIgiLAhveNUC7LxxyEQ9NlQAg== -----END CERTIFICATE-----Generated at Mon Oct 20 15:27:05 2025 by rpki-client