$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/3Aa64CqAUu4VctzjV-HEd-5sjOc.roa File: 3Aa64CqAUu4VctzjV-HEd-5sjOc.roa (raw, json) Hash identifier: +rJs5Y4CV30BvEg0p7knwIUR8YdOPuJqeBk+rTjdZvM= Subject key identifier: DC:06:BA:E0:2A:80:52:EE:15:72:DC:E3:57:E1:C4:77:EE:6C:8C:E7 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1ECB Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/3Aa64CqAUu4VctzjV-HEd-5sjOc.roa Signing time: Sat 13 Sep 2025 03:05:29 +0000 ROA not before: Sat 13 Sep 2025 03:05:29 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 139259 IP address blocks: 45.252.32.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 00:35:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7883 (0x1ecb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:05:29 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=DC06BAE02A8052EE1572DCE357E1C477EE6C8CE7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:d2:e6:46:ce:7e:a5:10:86:b8:16:55:e7:ef: ea:66:85:67:13:25:1a:be:be:ce:0e:e9:e8:05:45: d1:f6:1a:72:19:84:31:5d:c8:c9:f8:f6:6f:74:1a: d3:ce:46:80:de:92:8c:d6:16:ee:b4:73:1c:0a:5f: 53:32:af:61:2b:c8:70:8a:93:a8:ad:0d:dc:2f:83: 1e:14:c3:6c:ed:44:6e:6b:0a:d7:d1:5b:4a:f3:17: 22:20:90:b2:b1:bc:c6:b3:d1:65:3c:17:c2:43:71: eb:7e:83:7a:c6:28:55:2d:ff:12:c2:33:27:5d:cf: cc:a0:6d:07:ff:99:f9:08:73:a9:8e:29:3f:c2:74: 91:04:5f:25:da:97:45:90:b3:c0:29:61:e2:39:2b: 13:99:81:02:80:10:f2:ce:2c:9e:b0:ec:a0:32:2d: be:dd:36:a9:4a:71:96:35:fa:59:70:f4:53:77:09: f0:cc:56:1a:e3:fd:e7:b9:12:18:0d:5b:68:d4:a1: 57:bf:9a:de:0e:d1:bb:00:c2:f5:47:67:4c:2f:e2: aa:b0:a9:b3:5f:12:13:00:dd:46:14:3d:0d:0e:f5: 1d:b4:09:a4:b7:69:17:0f:ea:f4:9e:f4:c2:73:11: fd:53:8e:b0:cf:dd:36:cc:40:dd:0d:db:cd:fd:f1: 64:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:06:BA:E0:2A:80:52:EE:15:72:DC:E3:57:E1:C4:77:EE:6C:8C:E7 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/3Aa64CqAUu4VctzjV-HEd-5sjOc.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.252.32.0/22 Signature Algorithm: sha256WithRSAEncryption b7:1d:80:c4:45:6d:11:c5:94:7f:ff:15:c8:f7:06:a5:86:71: 9b:f9:a2:9c:40:93:15:46:e6:64:41:49:7f:b0:66:c0:03:d1: 81:96:0f:57:df:99:7a:25:b1:93:61:16:93:bc:40:91:be:85: 76:5c:43:be:b1:39:9e:cf:8a:0c:81:5c:75:5d:9c:d6:d8:59: 21:cd:28:12:a0:8c:eb:9b:04:c0:0c:df:6d:7a:a7:57:ae:58: 2d:cb:f2:49:a2:0a:99:58:af:38:63:c1:ce:5d:8c:a3:23:e9: 00:56:3e:b1:ae:f9:a4:11:89:ba:e7:a5:e9:cb:c0:28:bd:d7: e8:7f:ca:cb:96:44:d4:a7:d4:f5:0e:1e:5b:7d:2a:82:5a:fb: 2a:da:32:a4:6a:51:75:a9:b5:c1:76:3f:7b:a8:ce:65:75:65: 97:3d:b7:85:0d:78:54:68:e6:7c:f7:94:e1:ae:1f:25:5d:1a: c0:1b:09:b0:e4:96:43:54:a1:09:f7:2d:93:6a:b6:0e:8e:27: a5:2c:d2:17:66:27:db:8d:70:d8:4b:c0:47:f7:a6:90:c5:0c: 38:6a:9e:60:de:c9:a2:44:09:67:38:fb:56:10:42:4c:6f:9d: a5:57:25:90:fe:a4:e5:7e:2d:9f:58:7f:64:7f:e3:80:60:2c: 26:10:e3:aa -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHsswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA1MjlaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKERDMDZCQUUwMkE4MDUy RUUxNTcyRENFMzU3RTFDNDc3RUU2QzhDRTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC90uZGzn6lEIa4FlXn7+pmhWcTJRq+vs4O6egFRdH2GnIZhDFd yMn49m90GtPORoDekozWFu60cxwKX1Myr2EryHCKk6itDdwvgx4Uw2ztRG5rCtfR W0rzFyIgkLKxvMaz0WU8F8JDcet+g3rGKFUt/xLCMyddz8ygbQf/mfkIc6mOKT/C dJEEXyXal0WQs8ApYeI5KxOZgQKAEPLOLJ6w7KAyLb7dNqlKcZY1+llw9FN3CfDM Vhrj/ee5EhgNW2jUoVe/mt4O0bsAwvVHZ0wv4qqwqbNfEhMA3UYUPQ0O9R20CaS3 aRcP6vSe9MJzEf1TjrDP3TbMQN0N28398WTbAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU3Aa64CqAUu4VctzjV+HEd+5sjOcwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3LzNBYTY0Q3FBVXU0VmN0 empWLUhFZC01c2pPYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAIt/CAwDQYJKoZIhvcNAQELBQADggEBALcdgMRFbRHFlH//Fcj3BqWGcZv5opxA kxVG5mRBSX+wZsAD0YGWD1ffmXolsZNhFpO8QJG+hXZcQ76xOZ7PigyBXHVdnNbY WSHNKBKgjOubBMAM3216p1euWC3L8kmiCplYrzhjwc5djKMj6QBWPrGu+aQRibrn penLwCi91+h/ysuWRNSn1PUOHlt9KoJa+yraMqRqUXWptcF2P3uozmV1ZZc9t4UN eFRo5nz3lOGuHyVdGsAbCbDklkNUoQn3LZNqtg6OJ6Us0hdmJ9uNcNhLwEf3ppDF DDhqnmDeyaJECWc4+1YQQkxvnaVXJZD+pOV+LZ9Yf2R/44BgLCYQ46o= -----END CERTIFICATE-----Generated at Mon Oct 20 23:27:31 2025 by rpki-client