$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/QaO1uOm--10kdt4-5Ywst6XwTd8.roa File: QaO1uOm--10kdt4-5Ywst6XwTd8.roa (raw, json) Hash identifier: 3gSGi23/Y8peyymw1F5O43ZVECMUxQzmR+0uedAHXWc= Subject key identifier: 41:A3:B5:B8:E9:BE:FB:5D:24:76:DE:3E:E5:8C:2C:B7:A5:F0:4D:DF Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 15CC Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/QaO1uOm--10kdt4-5Ywst6XwTd8.roa Signing time: Sat 13 Sep 2025 03:06:48 +0000 ROA not before: Sat 13 Sep 2025 03:06:48 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 136907 IP address blocks: 110.41.90.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 18 Sep 2025 03:04:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5580 (0x15cc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Sep 13 03:06:48 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=41A3B5B8E9BEFB5D2476DE3EE58C2CB7A5F04DDF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:e5:a7:9d:0f:f3:07:e6:9e:21:c7:9f:9e:fe: b5:a0:c9:e3:a8:53:a2:8a:f2:17:dd:e3:93:1a:22: 1d:03:17:c2:e9:9f:eb:0c:9d:44:1f:74:11:ad:28: 9e:58:62:4e:16:57:ff:8f:a1:09:87:f0:2f:65:5d: a7:ac:80:b4:a3:9b:38:6e:47:59:65:c4:af:34:37: b4:e9:90:0d:cb:82:fe:9c:9f:29:fb:1b:5f:77:1a: ad:d3:f1:11:8c:f3:e2:1e:17:5e:f4:b1:1a:12:a8: 17:ed:3e:b0:20:69:6d:7e:09:04:ca:2f:86:f1:5b: f9:10:7a:d8:a9:69:b0:de:2f:9f:10:b5:58:13:3b: 81:e9:56:9d:0f:a1:02:11:2a:37:db:b5:6f:6f:14: ea:93:c8:2a:f2:51:93:42:e0:ef:b3:2d:17:8d:0d: e2:6a:ab:11:cc:93:00:e9:25:10:12:c4:6c:e1:fa: 65:48:46:76:fa:0c:41:52:9a:22:85:ad:f6:0d:4a: b8:00:af:58:ad:c8:9f:1d:f1:a1:d2:29:8c:ad:17: 00:d6:33:bb:57:32:31:0b:61:d0:40:ac:d9:43:3d: 59:33:b4:56:04:8c:df:f7:6d:ee:66:16:9d:93:8f: 1d:10:49:7b:07:b3:47:a2:69:1a:0e:92:56:e1:b9: 3b:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:A3:B5:B8:E9:BE:FB:5D:24:76:DE:3E:E5:8C:2C:B7:A5:F0:4D:DF X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/QaO1uOm--10kdt4-5Ywst6XwTd8.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 110.41.90.0/24 Signature Algorithm: sha256WithRSAEncryption 60:bb:8c:4a:42:19:23:44:ea:e3:f8:1c:4c:60:44:8b:dc:e8: 5f:17:ef:47:c0:44:59:06:11:ca:a5:e5:c3:a6:4c:22:ac:33: 67:4f:9f:19:95:db:c2:7a:58:79:48:a3:b9:1f:91:75:c9:8b: 6d:09:0e:1a:b1:84:3a:0d:ca:8d:c9:49:aa:e5:0a:19:93:b6: 27:e5:6a:9c:b0:bc:f5:b1:3d:c4:fd:b4:47:03:c8:b6:9f:2a: b4:76:19:d0:62:75:d3:44:ee:bb:22:f5:da:44:c8:69:e9:8e: 59:29:10:44:74:68:84:4d:88:dd:28:16:f4:2a:9d:4e:77:b4: 49:10:53:a4:86:90:33:3a:2a:5a:1a:11:f9:04:be:2c:1f:dc: 47:a2:10:e6:a0:8c:ef:e2:a9:9a:42:c5:40:d1:7c:cb:72:40: 7f:8d:8c:3e:9c:f7:5a:54:30:4b:d2:54:8a:12:7c:05:39:24: 06:b2:ef:57:15:f6:59:a6:07:b6:a9:cd:32:23:b6:5d:6d:24: c8:58:88:4c:82:8c:db:80:20:09:3b:89:ae:3f:0a:15:0d:a0: 8b:57:8d:d5:a8:20:04:c3:1c:96:e1:4a:c1:c2:27:2d:25:bf: ba:5f:56:d2:ee:fd:82:8d:9a:68:35:45:bd:ca:0a:5a:ab:2d: a5:84:f1:39 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFcwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTA5MTMw MzA2NDhaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDQxQTNCNUI4RTlCRUZC NUQyNDc2REUzRUU1OEMyQ0I3QTVGMDREREYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDq5aedD/MH5p4hx5+e/rWgyeOoU6KK8hfd45MaIh0DF8Lpn+sM nUQfdBGtKJ5YYk4WV/+PoQmH8C9lXaesgLSjmzhuR1llxK80N7TpkA3Lgv6cnyn7 G193Gq3T8RGM8+IeF170sRoSqBftPrAgaW1+CQTKL4bxW/kQetipabDeL58QtVgT O4HpVp0PoQIRKjfbtW9vFOqTyCryUZNC4O+zLReNDeJqqxHMkwDpJRASxGzh+mVI Rnb6DEFSmiKFrfYNSrgAr1ityJ8d8aHSKYytFwDWM7tXMjELYdBArNlDPVkztFYE jN/3be5mFp2Tjx0QSXsHs0eiaRoOklbhuTubAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUQaO1uOm++10kdt4+5Ywst6XwTd8wHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvUWFPMXVPbS0tMTBr ZHQ0LTVZd3N0Nlh3VGQ4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAG4pWjANBgkqhkiG9w0BAQsFAAOCAQEAYLuMSkIZI0Tq4/gcTGBEi9zoXxfv R8BEWQYRyqXlw6ZMIqwzZ0+fGZXbwnpYeUijuR+RdcmLbQkOGrGEOg3KjclJquUK GZO2J+VqnLC89bE9xP20RwPItp8qtHYZ0GJ100TuuyL12kTIaemOWSkQRHRohE2I 3SgW9CqdTne0SRBTpIaQMzoqWhoR+QS+LB/cR6IQ5qCM7+KpmkLFQNF8y3JAf42M Ppz3WlQwS9JUihJ8BTkkBrLvVxX2WaYHtqnNMiO2XW0kyFiITIKM24AgCTuJrj8K FQ2gi1eN1aggBMMcluFKwcInLSW/ul9W0u79go2aaDVFvcoKWqstpYTxOQ== -----END CERTIFICATE-----Generated at Thu Sep 18 01:51:11 2025 by rpki-client