$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/656/3lTnMaF2fpU1P4aAfe5jSM4C6UA.roa File: 3lTnMaF2fpU1P4aAfe5jSM4C6UA.roa (raw, json) Hash identifier: DXKhHOoNe+NlZr1IOaKveq+yCoLG8homL40Pu3WWz5E= Subject key identifier: DE:54:E7:31:A1:76:7E:95:35:3F:86:80:7D:EE:63:48:CE:02:E9:40 Certificate issuer: /CN=64DC20D9612C5B77499A6D223A652B2E38B11647 Certificate serial: 1C22 Authority key identifier: 64:DC:20:D9:61:2C:5B:77:49:9A:6D:22:3A:65:2B:2E:38:B1:16:47 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ZNwg2WEsW3dJmm0iOmUrLjixFkc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/656/3lTnMaF2fpU1P4aAfe5jSM4C6UA.roa Signing time: Sat 13 Sep 2025 03:06:58 +0000 ROA not before: Sat 13 Sep 2025 03:06:58 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 45090 IP address blocks: 124.220.0.0/14 maxlen: 24 175.178.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/656/ZNwg2WEsW3dJmm0iOmUrLjixFkc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/656/ZNwg2WEsW3dJmm0iOmUrLjixFkc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ZNwg2WEsW3dJmm0iOmUrLjixFkc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 20 Sep 2025 10:04:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7202 (0x1c22) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=64DC20D9612C5B77499A6D223A652B2E38B11647 Validity Not Before: Sep 13 03:06:58 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=DE54E731A1767E95353F86807DEE6348CE02E940 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:9c:d1:f9:0e:df:8f:00:b4:27:7a:44:3a:92: b2:d9:22:f8:5e:79:7a:18:f3:87:21:df:49:40:ee: 84:40:94:96:b5:0f:6b:ab:dc:60:e4:b6:95:82:a7: 8b:59:e1:e4:b9:10:b3:fc:ea:b0:aa:43:f5:d3:a1: 8c:a8:32:39:cb:04:53:82:8c:e4:de:17:ca:ce:36: d3:40:e0:fc:72:d7:28:bf:55:10:ad:27:8d:cd:da: cd:7a:59:83:64:85:73:53:b2:d4:5a:02:bd:23:a9: 16:20:ca:fc:70:e6:04:81:a3:15:5b:63:fc:0b:7e: 10:1e:46:f1:bc:33:26:3f:9b:19:3a:65:3c:64:e8: 6d:e1:cf:3f:42:6b:c5:b8:15:5d:ee:d6:8f:b3:7a: 11:73:ec:70:7e:6c:9d:c2:5b:79:25:6b:0e:08:d3: 9e:04:4d:be:ce:64:d7:9f:2f:83:0c:88:bc:1f:9c: f8:e0:df:c3:4c:8e:c6:1f:a0:c7:95:1c:8b:db:15: d5:cd:36:a3:c1:f5:f5:71:e7:15:9c:ef:12:19:b0: 44:2d:75:4e:8f:0a:08:04:59:9e:6b:0e:79:60:94: 35:93:8a:c6:c7:da:8c:0d:83:05:8b:fc:2e:39:5e: 99:a4:5b:60:48:6f:7f:22:21:04:95:15:f5:c2:30: f4:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:54:E7:31:A1:76:7E:95:35:3F:86:80:7D:EE:63:48:CE:02:E9:40 X509v3 Authority Key Identifier: keyid:64:DC:20:D9:61:2C:5B:77:49:9A:6D:22:3A:65:2B:2E:38:B1:16:47 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/656/ZNwg2WEsW3dJmm0iOmUrLjixFkc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ZNwg2WEsW3dJmm0iOmUrLjixFkc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/656/3lTnMaF2fpU1P4aAfe5jSM4C6UA.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 124.220.0.0/14 175.178.0.0/16 Signature Algorithm: sha256WithRSAEncryption 49:e0:b6:a2:94:95:2c:d1:6f:f3:42:c4:63:7a:4e:34:c4:d7: a8:d6:77:8b:60:6b:e7:15:ce:17:24:8b:fa:14:77:22:6f:01: 31:8e:ce:76:35:cd:4a:e8:9b:80:b8:59:b8:d5:aa:e5:03:e0: 67:17:b3:c5:44:ae:54:0b:49:48:e7:3f:9f:4a:e0:b5:fc:6d: 25:9c:f2:58:b1:bf:75:e0:e7:a0:cc:62:9d:24:35:dd:2b:19: 5b:61:da:68:4d:45:0a:fb:fe:52:c5:99:b2:7d:6e:c0:7b:6b: a7:25:69:b7:6b:53:4a:9e:94:67:ef:40:6b:2c:fa:8c:29:73: 2d:e6:5b:dd:91:d3:09:d1:67:bb:75:a4:c5:8b:45:23:c8:46: b3:61:b9:f6:e7:5b:1e:15:f4:c0:18:b2:c6:0c:b5:9d:3a:37: bf:39:b0:50:18:ca:19:13:8b:aa:1e:9e:93:61:49:a2:47:af: 34:cb:56:4c:90:94:6d:1b:73:ff:38:08:21:94:b4:6e:6c:26: 45:27:e4:c3:94:e9:cb:12:21:04:7b:71:01:f4:82:b4:06:af: 9c:8c:31:a3:d0:79:f0:26:f5:b4:0d:f0:e5:03:d3:3a:07:6b: 33:d3:8f:c5:c7:e9:3d:bf:09:0e:e0:69:51:b0:48:a0:9a:d1: 67:5d:1e:44 -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgICHCIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjRE QzIwRDk2MTJDNUI3NzQ5OUE2RDIyM0E2NTJCMkUzOEIxMTY0NzAeFw0yNTA5MTMw MzA2NThaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKERFNTRFNzMxQTE3NjdF OTUzNTNGODY4MDdERUU2MzQ4Q0UwMkU5NDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDUnNH5Dt+PALQnekQ6krLZIvheeXoY84ch30lA7oRAlJa1D2ur 3GDktpWCp4tZ4eS5ELP86rCqQ/XToYyoMjnLBFOCjOTeF8rONtNA4Pxy1yi/VRCt J43N2s16WYNkhXNTstRaAr0jqRYgyvxw5gSBoxVbY/wLfhAeRvG8MyY/mxk6ZTxk 6G3hzz9Ca8W4FV3u1o+zehFz7HB+bJ3CW3klaw4I054ETb7OZNefL4MMiLwfnPjg 38NMjsYfoMeVHIvbFdXNNqPB9fVx5xWc7xIZsEQtdU6PCggEWZ5rDnlglDWTisbH 2owNgwWL/C45XpmkW2BIb38iIQSVFfXCMPQ1AgMBAAGjggH1MIIB8TAdBgNVHQ4E FgQU3lTnMaF2fpU1P4aAfe5jSM4C6UAwHwYDVR0jBBgwFoAUZNwg2WEsW3dJmm0i OmUrLjixFkcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjU2 L1pOd2cyV0VzVzNkSm1tMGlPbVVyTGppeEZrYy5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvWk53ZzJXRXNXM2RKbW0waU9tVXJMaml4RmtjLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjU2LzNsVG5NYUYyZnBVMVA0 YUFmZTVqU000QzZVQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwIwYIKwYBBQUHAQcBAf8EFDASMBAEAgABMAoD AwJ83AMDAK+yMA0GCSqGSIb3DQEBCwUAA4IBAQBJ4LailJUs0W/zQsRjek40xNeo 1neLYGvnFc4XJIv6FHcibwExjs52Nc1K6JuAuFm41arlA+BnF7PFRK5UC0lI5z+f SuC1/G0lnPJYsb914OegzGKdJDXdKxlbYdpoTUUK+/5SxZmyfW7Ae2unJWm3a1NK npRn70BrLPqMKXMt5lvdkdMJ0We7daTFi0UjyEazYbn251seFfTAGLLGDLWdOje/ ObBQGMoZE4uqHp6TYUmiR680y1ZMkJRtG3P/OAghlLRubCZFJ+TDlOnLEiEEe3EB 9IK0Bq+cjDGj0HnwJvW0DfDlA9M6B2sz04/Fx+k9vwkO4GlRsEigmtFnXR5E -----END CERTIFICATE-----Generated at Sat Sep 20 08:03:46 2025 by rpki-client