$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/0WPOtftbuv6XlKwcQGdJTy2bHA0.roa File: 0WPOtftbuv6XlKwcQGdJTy2bHA0.roa (raw, json) Hash identifier: 9tX1zuaC2IO1pFc6Vgg+czbS5gB1j28C2GhJnMBvnxc= Subject key identifier: D1:63:CE:B5:FB:5B:BA:FE:97:94:AC:1C:40:67:49:4F:2D:9B:1C:0D Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Certificate serial: 7F9B Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/0WPOtftbuv6XlKwcQGdJTy2bHA0.roa Signing time: Wed 06 Aug 2025 07:33:17 +0000 ROA not before: Wed 06 Aug 2025 07:33:17 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 24426 IP address blocks: 43.246.32.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 14:33:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32667 (0x7f9b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Validity Not Before: Aug 6 07:33:17 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=D163CEB5FB5BBAFE9794AC1C4067494F2D9B1C0D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:77:5b:bf:8e:99:dd:7e:ed:32:b2:d2:39:80: 1f:2c:06:77:76:23:4e:c9:56:cf:7b:7a:0b:44:e7: 1a:6d:05:71:99:08:b6:66:b6:9e:30:91:c9:7e:73: 1f:ca:e9:39:90:41:5f:87:5e:a0:f6:4e:dc:8e:bd: 5e:69:6a:ce:07:3a:e2:c5:ca:5f:6e:17:f9:e7:09: 5e:98:2e:99:47:39:7f:79:4c:ef:7c:e0:9f:81:76: 76:c6:5c:0c:53:eb:7e:bd:4f:4d:eb:a0:0d:ac:84: 2c:72:25:e9:1e:84:ed:4c:5e:90:6b:da:e6:53:9b: f1:53:79:1b:17:6e:fb:b0:08:82:cd:e8:f7:a2:60: 6f:a7:62:d3:94:35:57:68:46:c6:0f:dc:26:f7:9b: 7f:ce:ef:57:9f:de:87:39:62:55:50:ea:19:18:50: 1d:a0:2c:b4:44:21:0b:9a:1b:e9:cb:8d:dc:69:74: 66:9e:5a:a1:9c:83:5e:ab:b9:86:5a:3e:4d:59:53: 97:eb:67:f6:fb:ef:73:9f:cd:bd:10:38:21:7e:ea: c3:1d:b7:e1:05:96:a1:97:d1:70:00:b2:25:cc:39: 9e:43:33:20:5d:cf:cc:06:da:c0:1a:1c:a4:d4:b4: 9e:bb:ea:a8:e0:a2:56:b6:7e:6d:dc:4a:e2:cc:d5: aa:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:63:CE:B5:FB:5B:BA:FE:97:94:AC:1C:40:67:49:4F:2D:9B:1C:0D X509v3 Authority Key Identifier: keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/0WPOtftbuv6XlKwcQGdJTy2bHA0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.246.32.0/22 Signature Algorithm: sha256WithRSAEncryption a3:4a:d0:e2:99:e2:89:45:4f:07:4a:92:5f:e1:5b:04:8c:30: 26:4a:ed:6c:76:a3:33:17:49:58:2e:74:b6:43:4e:66:ed:9d: ac:03:8d:c9:05:36:d2:b1:4b:0b:f9:af:88:3e:c9:f8:c0:ba: b6:f2:67:ae:36:8c:9b:7d:c3:db:3e:c0:fa:ec:8f:61:b3:2c: ae:a8:a4:fd:e2:00:62:ed:f1:e1:bc:8e:c6:f7:1a:fc:3e:51: c4:be:68:d8:87:eb:76:3b:3b:f8:52:d3:48:b8:ab:d8:1c:ce: 31:95:0e:62:5d:c6:ed:26:6c:22:e4:77:38:8a:38:3e:c4:1c: 83:d5:da:ec:8e:13:bf:00:5a:d7:4c:0e:d0:76:71:9a:5b:71: 38:78:81:a9:87:e5:81:e2:f5:3a:31:58:16:80:e6:92:9c:58: 97:9f:70:80:72:22:fd:d1:7f:38:10:cf:b8:bb:34:79:ab:be: 6e:e0:18:e7:18:da:95:20:e2:d3:59:2e:af:e7:f3:99:35:c5: cc:da:e0:ec:19:61:8e:48:90:7b:77:7e:40:01:ec:c9:b9:40: fb:24:b3:1c:50:1c:d5:28:57:5b:48:af:04:eb:61:47:d9:cc: 78:38:3d:b9:34:1d:55:d7:5e:5b:72:40:b7:d4:32:e2:a3:56: ce:02:3a:35 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICf5swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA4MDYw NzMzMTdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEQxNjNDRUI1RkI1QkJB RkU5Nzk0QUMxQzQwNjc0OTRGMkQ5QjFDMEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC0d1u/jpndfu0ystI5gB8sBnd2I07JVs97egtE5xptBXGZCLZm tp4wkcl+cx/K6TmQQV+HXqD2TtyOvV5pas4HOuLFyl9uF/nnCV6YLplHOX95TO98 4J+BdnbGXAxT6369T03roA2shCxyJekehO1MXpBr2uZTm/FTeRsXbvuwCILN6Pei YG+nYtOUNVdoRsYP3Cb3m3/O71ef3oc5YlVQ6hkYUB2gLLREIQuaG+nLjdxpdGae WqGcg16ruYZaPk1ZU5frZ/b773Ofzb0QOCF+6sMdt+EFlqGX0XAAsiXMOZ5DMyBd z8wG2sAaHKTUtJ676qjgola2fm3cSuLM1arRAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU0WPOtftbuv6XlKwcQGdJTy2bHA0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj 3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3 L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzBXUE90ZnRidXY2WGxL d2NRR2RKVHkyYkhBMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAIr9iAwDQYJKoZIhvcNAQELBQADggEBAKNK0OKZ4olFTwdKkl/hWwSMMCZK7Wx2 ozMXSVgudLZDTmbtnawDjckFNtKxSwv5r4g+yfjAurbyZ642jJt9w9s+wPrsj2Gz LK6opP3iAGLt8eG8jsb3Gvw+UcS+aNiH63Y7O/hS00i4q9gczjGVDmJdxu0mbCLk dziKOD7EHIPV2uyOE78AWtdMDtB2cZpbcTh4gamH5YHi9ToxWBaA5pKcWJefcIBy Iv3RfzgQz7i7NHmrvm7gGOcY2pUg4tNZLq/n85k1xcza4OwZYY5IkHt3fkAB7Mm5 QPsksxxQHNUoV1tIrwTrYUfZzHg4Pbk0HVXXXltyQLfUMuKjVs4COjU= -----END CERTIFICATE-----Generated at Thu Aug 14 11:06:08 2025 by rpki-client