$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/4DU-LJELvAAVgage-9De6WBxyfo.roa File: 4DU-LJELvAAVgage-9De6WBxyfo.roa (raw, json) Hash identifier: Cn37iZuJd5YlTecj+msAdD2+d++n3EN1QkDnelO3l5w= Subject key identifier: E0:35:3E:2C:91:0B:BC:00:15:81:A8:1E:FB:D0:DE:E9:60:71:C9:FA Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Certificate serial: 7F95 Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/4DU-LJELvAAVgage-9De6WBxyfo.roa Signing time: Wed 06 Aug 2025 07:33:16 +0000 ROA not before: Wed 06 Aug 2025 07:33:16 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 24426 IP address blocks: 43.246.68.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 14:33:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32661 (0x7f95) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Validity Not Before: Aug 6 07:33:16 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=E0353E2C910BBC001581A81EFBD0DEE96071C9FA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:81:f9:35:7c:50:32:10:6b:eb:2c:4c:76:ff: 7b:7f:0a:2d:97:c9:f8:a3:90:66:0a:47:18:c6:bc: 3c:2d:0b:a0:6b:53:94:92:31:df:43:55:a8:c3:31: 0e:dd:62:4a:4f:7c:26:bd:19:e1:bd:0f:41:5a:af: d3:6a:25:2b:ec:33:b8:e3:c2:28:01:aa:95:c9:f7: 21:d1:d0:85:82:77:cb:24:1c:ce:b0:3f:47:d6:3d: b2:4e:32:11:d6:0e:d2:05:a2:b3:df:95:bb:c7:ea: 63:2c:ad:5b:12:65:19:ce:df:32:29:6a:e0:16:b5: 7a:4b:0e:69:c0:9b:c6:c6:48:de:31:6e:ba:b3:95: ea:ef:ff:07:cd:2e:59:8c:16:64:df:7e:64:0f:f5: 51:28:2d:9f:f1:9f:ac:c7:c4:62:f6:09:ee:8d:aa: c3:e5:48:af:a7:a7:22:f0:9f:23:85:b0:05:6d:19: d8:53:5e:4e:c0:27:69:b5:a0:ab:04:d6:44:db:8c: 24:8c:d8:2f:53:e5:d5:41:c3:a6:bf:18:15:29:c3: 41:6f:19:97:5f:d5:0b:6b:66:30:f5:0d:01:5a:72: 85:05:fe:ee:8c:b0:58:19:10:56:3b:0e:e4:91:7c: 2c:9c:1d:25:d5:e7:b9:76:ea:d3:f2:dd:fc:f7:86: 43:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:35:3E:2C:91:0B:BC:00:15:81:A8:1E:FB:D0:DE:E9:60:71:C9:FA X509v3 Authority Key Identifier: keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/4DU-LJELvAAVgage-9De6WBxyfo.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.246.68.0/22 Signature Algorithm: sha256WithRSAEncryption 9f:1e:a0:a3:55:f6:4e:25:c5:22:1e:2b:a9:82:d1:64:51:ec: 50:9d:47:f3:65:77:8a:33:7d:d7:cc:41:03:7a:31:76:41:3c: 4c:97:ef:d3:18:ad:5c:47:9f:ec:5c:37:85:bb:de:ec:35:e8: 14:6d:2c:ed:bd:96:47:09:a9:ba:4f:eb:2c:03:95:4c:ca:f1: df:1c:96:9e:41:8a:70:7a:f3:f0:cb:ac:8d:13:14:0b:35:58: 74:9b:2e:52:87:1d:55:01:ab:91:a3:d9:a3:18:87:af:da:ec: aa:ca:f1:e5:6e:43:b0:d5:8b:05:40:41:17:78:36:0d:01:82: 8d:b2:ab:3c:86:e2:5e:b9:2c:41:79:c5:b8:b8:70:6b:be:c7: 47:a5:94:60:58:d8:65:02:bb:c9:dd:df:e5:c5:81:ee:5c:52: 16:ee:be:03:0e:f7:63:cb:10:38:b2:78:8d:78:12:f4:92:b9: 34:0e:fe:b1:26:1d:6b:ce:eb:36:2c:b9:c7:a3:02:d0:85:e5: b5:4a:f7:44:c8:1c:50:a0:72:05:ce:38:2b:86:1f:c0:94:2c: 58:a3:f2:f2:15:6b:6a:1a:da:ad:56:0b:5e:c8:fe:f9:33:7e: b6:79:dd:e2:59:63:c5:74:33:05:e2:0a:95:a5:7c:02:5f:52: 41:1e:c3:35 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICf5UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA4MDYw NzMzMTZaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEUwMzUzRTJDOTEwQkJD MDAxNTgxQTgxRUZCRDBERUU5NjA3MUM5RkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC/gfk1fFAyEGvrLEx2/3t/Ci2XyfijkGYKRxjGvDwtC6BrU5SS Md9DVajDMQ7dYkpPfCa9GeG9D0Far9NqJSvsM7jjwigBqpXJ9yHR0IWCd8skHM6w P0fWPbJOMhHWDtIForPflbvH6mMsrVsSZRnO3zIpauAWtXpLDmnAm8bGSN4xbrqz lerv/wfNLlmMFmTffmQP9VEoLZ/xn6zHxGL2Ce6NqsPlSK+npyLwnyOFsAVtGdhT Xk7AJ2m1oKsE1kTbjCSM2C9T5dVBw6a/GBUpw0FvGZdf1QtrZjD1DQFacoUF/u6M sFgZEFY7DuSRfCycHSXV57l26tPy3fz3hkMLAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU4DU+LJELvAAVgage+9De6WBxyfowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj 3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3 L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzREVS1MSkVMdkFBVmdh Z2UtOURlNldCeHlmby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAIr9kQwDQYJKoZIhvcNAQELBQADggEBAJ8eoKNV9k4lxSIeK6mC0WRR7FCdR/Nl d4ozfdfMQQN6MXZBPEyX79MYrVxHn+xcN4W73uw16BRtLO29lkcJqbpP6ywDlUzK 8d8clp5BinB68/DLrI0TFAs1WHSbLlKHHVUBq5Gj2aMYh6/a7KrK8eVuQ7DViwVA QRd4Ng0Bgo2yqzyG4l65LEF5xbi4cGu+x0ellGBY2GUCu8nd3+XFge5cUhbuvgMO 92PLEDiyeI14EvSSuTQO/rEmHWvO6zYsucejAtCF5bVK90TIHFCgcgXOOCuGH8CU LFij8vIVa2oa2q1WC17I/vkzfrZ53eJZY8V0MwXiCpWlfAJfUkEewzU= -----END CERTIFICATE-----Generated at Thu Aug 14 11:10:50 2025 by rpki-client