$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/2ykehmXXhoverS1razLaK2Cw9oM.roa File: 2ykehmXXhoverS1razLaK2Cw9oM.roa (raw, json) Hash identifier: BSCO+LsBWKbxlEIZbqfXb6ME3jR325sZ52zJEe8kEzU= Subject key identifier: DB:29:1E:86:65:D7:86:8B:DE:AD:2D:6B:6B:32:DA:2B:60:B0:F6:83 Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Certificate serial: 7F85 Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/2ykehmXXhoverS1razLaK2Cw9oM.roa Signing time: Wed 06 Aug 2025 07:33:11 +0000 ROA not before: Wed 06 Aug 2025 07:33:11 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 24426 IP address blocks: 43.246.40.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 14:33:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32645 (0x7f85) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Validity Not Before: Aug 6 07:33:11 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=DB291E8665D7868BDEAD2D6B6B32DA2B60B0F683 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:89:d8:f6:a7:56:f3:73:d7:0b:10:23:f3:47: 02:51:d0:b4:fe:25:9d:47:a9:42:f5:cf:34:5a:0d: b3:d7:5a:e7:de:78:21:c3:a8:50:e9:31:b5:ba:7f: ad:ac:4b:97:38:32:22:58:a5:af:f1:54:ba:99:35: ce:a1:f5:01:9f:58:3e:75:06:53:36:f8:e5:37:85: e3:95:bc:ed:85:c2:9b:2b:2c:b1:54:26:68:0a:57: 2a:f9:07:7d:03:79:9a:2d:ff:63:27:f8:9a:e9:40: 06:66:1e:37:69:73:98:e2:b0:f4:2b:77:b8:9d:39: 6b:ab:4a:e1:81:0f:0e:1c:e6:75:35:a4:23:ff:ae: f8:38:86:85:15:da:ad:ea:66:5f:fd:fa:5b:d2:d6: f1:44:24:24:b2:c0:7b:1b:d7:c6:fd:d6:13:a5:59: 1a:67:31:04:bd:45:1a:f3:24:49:da:77:c9:04:28: 81:a7:0a:72:6e:91:0d:07:0e:2e:82:2b:1c:3a:85: 38:0e:a9:e1:97:65:b8:72:2c:ad:eb:90:ac:7b:7a: 70:f0:c1:e7:db:28:6e:72:00:86:d5:10:cf:e7:7a: 95:c9:42:c5:6d:95:a4:54:f7:69:71:a6:89:08:53: d8:e4:a0:5d:62:c6:fc:25:e6:dc:64:63:44:ea:38: 65:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:29:1E:86:65:D7:86:8B:DE:AD:2D:6B:6B:32:DA:2B:60:B0:F6:83 X509v3 Authority Key Identifier: keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/2ykehmXXhoverS1razLaK2Cw9oM.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.246.40.0/22 Signature Algorithm: sha256WithRSAEncryption 3f:a2:3b:17:71:ec:c2:01:90:3a:0a:53:91:33:34:90:7a:0c: 96:15:fa:2c:a7:da:5d:eb:31:b4:2e:75:e3:0f:66:13:4e:14: b7:69:f5:06:2f:db:d4:75:73:b3:ea:97:8c:f7:35:af:9f:aa: a8:b2:7b:b1:56:b3:d6:ef:f7:c8:10:0c:6c:51:8f:66:1c:01: 1c:a2:d5:da:60:87:f1:49:c6:a0:e5:11:3c:9c:50:52:58:21: cd:f0:57:4e:99:e2:1d:5a:6a:29:14:a9:07:0e:15:73:3e:6f: 34:b6:b7:94:76:77:87:2d:26:51:06:e9:bb:ee:38:78:a9:d8: cf:71:ab:21:15:e0:3f:78:fe:fa:74:7a:1c:3d:60:88:c3:f9: d7:f0:77:d9:70:59:28:35:a3:a5:fe:bf:fb:3f:cc:0a:4f:0b: ce:f8:ca:52:33:2b:29:7a:f0:65:a2:69:ff:ff:c3:f7:36:59: d4:de:46:15:b3:90:11:d8:cf:d5:dd:4a:2d:1f:b4:0f:c0:88: a8:fe:c6:89:27:ec:f8:53:b6:84:ca:59:18:f6:98:24:cf:af: 42:6b:0e:26:cd:75:46:bf:3e:a9:82:ab:46:6a:fc:2f:de:7f: 65:f0:91:aa:a7:62:c3:7c:ae:ee:45:7b:a4:af:41:22:05:b9: d2:fc:d1:bf -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICf4UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA4MDYw NzMzMTFaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKERCMjkxRTg2NjVENzg2 OEJERUFEMkQ2QjZCMzJEQTJCNjBCMEY2ODMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCtidj2p1bzc9cLECPzRwJR0LT+JZ1HqUL1zzRaDbPXWufeeCHD qFDpMbW6f62sS5c4MiJYpa/xVLqZNc6h9QGfWD51BlM2+OU3heOVvO2FwpsrLLFU JmgKVyr5B30DeZot/2Mn+JrpQAZmHjdpc5jisPQrd7idOWurSuGBDw4c5nU1pCP/ rvg4hoUV2q3qZl/9+lvS1vFEJCSywHsb18b91hOlWRpnMQS9RRrzJEnad8kEKIGn CnJukQ0HDi6CKxw6hTgOqeGXZbhyLK3rkKx7enDwwefbKG5yAIbVEM/nepXJQsVt laRU92lxpokIU9jkoF1ixvwl5txkY0TqOGUhAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU2ykehmXXhoverS1razLaK2Cw9oMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj 3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3 L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzJ5a2VobVhYaG92ZXJT MXJhekxhSzJDdzlvTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAIr9igwDQYJKoZIhvcNAQELBQADggEBAD+iOxdx7MIBkDoKU5EzNJB6DJYV+iyn 2l3rMbQudeMPZhNOFLdp9QYv29R1c7Pql4z3Na+fqqiye7FWs9bv98gQDGxRj2Yc ARyi1dpgh/FJxqDlETycUFJYIc3wV06Z4h1aaikUqQcOFXM+bzS2t5R2d4ctJlEG 6bvuOHip2M9xqyEV4D94/vp0ehw9YIjD+dfwd9lwWSg1o6X+v/s/zApPC874ylIz Kyl68GWiaf//w/c2WdTeRhWzkBHYz9XdSi0ftA/AiKj+xokn7PhTtoTKWRj2mCTP r0JrDibNdUa/PqmCq0Zq/C/ef2XwkaqnYsN8ru5Fe6SvQSIFudL80b8= -----END CERTIFICATE-----Generated at Thu Aug 14 11:07:56 2025 by rpki-client