$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/3JXnXy6rNiFmIZZQPMZ6BwgQVnk.roa File: 3JXnXy6rNiFmIZZQPMZ6BwgQVnk.roa (raw, json) Hash identifier: PDtlpCGRSUE3QdQ/9iYK+EM9l9dOKEXrGFKB1zphtPY= Subject key identifier: DC:95:E7:5F:2E:AB:36:21:66:21:96:50:3C:C6:7A:07:08:10:56:79 Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Certificate serial: 7FA2 Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/3JXnXy6rNiFmIZZQPMZ6BwgQVnk.roa Signing time: Wed 06 Aug 2025 07:33:19 +0000 ROA not before: Wed 06 Aug 2025 07:33:19 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 24426 IP address blocks: 43.246.12.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 14:33:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32674 (0x7fa2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Validity Not Before: Aug 6 07:33:19 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=DC95E75F2EAB3621662196503CC67A0708105679 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:f0:81:0d:08:be:2a:87:22:cd:94:ca:09:0d: 03:5f:eb:8b:01:1f:fa:83:d2:0f:7b:57:21:27:d0: 75:d4:f6:03:d3:ac:77:eb:d6:0c:63:41:19:f9:f5: 43:36:64:c3:5a:9d:22:ee:d2:4b:ea:f7:00:6f:fc: 30:e6:d7:34:30:10:69:38:06:a6:82:2c:01:06:54: f4:35:01:6d:e1:80:7f:6e:1d:5b:03:89:00:0c:01: 53:8e:47:a6:8a:b3:df:e0:65:5c:5b:00:77:4a:38: 2f:72:55:d4:79:54:ce:da:7a:66:85:43:97:e8:7c: 17:a9:86:67:b9:16:96:14:9d:b3:37:ac:f7:c8:ab: 0b:3d:cf:e7:86:b8:64:c0:31:40:31:dd:9c:ea:54: d4:c2:54:4b:f3:d4:f2:51:9d:98:31:61:fc:b5:d1: f6:2a:a4:98:d2:ed:92:54:39:26:53:39:5b:d6:ac: dd:a7:42:e9:da:5f:66:01:0e:8f:f0:37:52:f6:70: 00:a3:cc:12:63:f8:55:6d:f2:b7:4c:66:02:6b:f0: 71:6f:c4:6f:5d:7a:ba:40:04:c0:05:46:f4:ec:19: b0:94:9c:92:31:df:45:18:1e:2c:33:2f:e5:e4:8e: ff:86:8b:53:c6:50:49:9e:fc:4e:01:d2:38:97:91: 68:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:95:E7:5F:2E:AB:36:21:66:21:96:50:3C:C6:7A:07:08:10:56:79 X509v3 Authority Key Identifier: keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/3JXnXy6rNiFmIZZQPMZ6BwgQVnk.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.246.12.0/22 Signature Algorithm: sha256WithRSAEncryption 52:6c:51:2d:d2:01:6f:18:10:81:0e:9b:a2:8c:58:6f:d4:2f: 48:f5:43:18:f3:17:75:74:51:5c:eb:3e:7c:88:e4:0e:6b:67: 8f:eb:c4:33:f6:98:75:f4:1f:2e:17:6a:44:0d:8d:2b:a7:49: f7:0c:3d:e4:81:0d:37:51:f3:3d:c0:21:c1:6e:5d:91:52:93: 08:02:9a:65:d7:f9:9b:c1:6e:aa:0e:4b:0a:74:95:67:d7:ad: 5b:28:90:9d:8b:ae:84:d1:4e:ff:35:bb:c9:fb:7e:1a:93:8d: 66:49:42:d1:5a:91:a7:5f:86:19:ae:7a:f0:08:b3:97:37:a4: 23:28:3c:06:ba:5f:1a:80:58:ff:19:93:fd:91:fc:28:b5:8b: 94:b8:3b:78:be:3b:85:41:45:e4:5c:ef:65:3a:c4:6b:06:55: 0e:95:3e:23:3a:30:32:4a:38:9d:0b:12:87:52:b5:1b:79:06: 8c:40:e4:8f:f7:a6:fd:dd:21:c0:99:dd:ff:a2:d8:d4:aa:95: 2f:21:0b:b0:e6:18:e7:7f:30:f9:fa:a1:b1:ba:17:42:73:7d: 76:08:c3:48:09:e3:be:96:6e:ee:d3:8a:f7:cf:00:d7:6c:5a: e1:4e:b4:f5:81:f7:92:07:b3:6a:b0:65:87:a3:11:b3:51:4f: 29:af:a8:53 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICf6IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA4MDYw NzMzMTlaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKERDOTVFNzVGMkVBQjM2 MjE2NjIxOTY1MDNDQzY3QTA3MDgxMDU2NzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDU8IENCL4qhyLNlMoJDQNf64sBH/qD0g97VyEn0HXU9gPTrHfr 1gxjQRn59UM2ZMNanSLu0kvq9wBv/DDm1zQwEGk4BqaCLAEGVPQ1AW3hgH9uHVsD iQAMAVOOR6aKs9/gZVxbAHdKOC9yVdR5VM7aemaFQ5fofBephme5FpYUnbM3rPfI qws9z+eGuGTAMUAx3ZzqVNTCVEvz1PJRnZgxYfy10fYqpJjS7ZJUOSZTOVvWrN2n QunaX2YBDo/wN1L2cACjzBJj+FVt8rdMZgJr8HFvxG9derpABMAFRvTsGbCUnJIx 30UYHiwzL+Xkjv+Gi1PGUEme/E4B0jiXkWhTAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU3JXnXy6rNiFmIZZQPMZ6BwgQVnkwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj 3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3 L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzNKWG5YeTZyTmlGbUla WlFQTVo2QndnUVZuay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAIr9gwwDQYJKoZIhvcNAQELBQADggEBAFJsUS3SAW8YEIEOm6KMWG/UL0j1Qxjz F3V0UVzrPnyI5A5rZ4/rxDP2mHX0Hy4XakQNjSunSfcMPeSBDTdR8z3AIcFuXZFS kwgCmmXX+ZvBbqoOSwp0lWfXrVsokJ2LroTRTv81u8n7fhqTjWZJQtFakadfhhmu evAIs5c3pCMoPAa6XxqAWP8Zk/2R/Ci1i5S4O3i+O4VBReRc72U6xGsGVQ6VPiM6 MDJKOJ0LEodStRt5BoxA5I/3pv3dIcCZ3f+i2NSqlS8hC7DmGOd/MPn6obG6F0Jz fXYIw0gJ476Wbu7TivfPANdsWuFOtPWB95IHs2qwZYejEbNRTymvqFM= -----END CERTIFICATE-----Generated at Thu Aug 14 11:09:20 2025 by rpki-client