$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/6oJCwq3huRhuptRwkUvV4orD08M.roa File: 6oJCwq3huRhuptRwkUvV4orD08M.roa (raw, json) Hash identifier: 29C14QBs1Lskn1hNbX+Sv5gQlo/YIeXBaAz7YsJVGj0= Subject key identifier: EA:82:42:C2:AD:E1:B9:18:6E:A6:D4:70:91:4B:D5:E2:8A:C3:D3:C3 Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Certificate serial: 7F7E Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/6oJCwq3huRhuptRwkUvV4orD08M.roa Signing time: Wed 06 Aug 2025 07:33:10 +0000 ROA not before: Wed 06 Aug 2025 07:33:10 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 24426 IP address blocks: 43.246.56.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 14:33:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32638 (0x7f7e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Validity Not Before: Aug 6 07:33:10 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=EA8242C2ADE1B9186EA6D470914BD5E28AC3D3C3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:9d:17:42:5c:9c:53:f4:fa:f6:f5:4e:9f:52: 5d:9a:80:54:8f:d8:92:db:ee:b5:52:7a:dc:93:04: dd:5c:0e:57:d1:68:14:3d:cf:0d:88:f2:a8:3d:85: 18:66:d9:75:b1:50:47:76:86:e8:77:ec:cf:0b:ae: 7c:4c:a5:55:e5:bf:b3:38:5d:99:58:7c:1e:35:99: 1f:24:26:14:1b:52:86:a9:77:8f:30:0e:ef:22:07: 4a:40:96:4b:49:4e:03:09:88:49:9f:a6:86:12:db: 23:41:18:18:56:ba:36:4c:7d:57:3e:db:fb:e9:99: 2d:80:74:60:1f:fb:10:78:a6:95:62:5e:cc:3f:ce: 54:4d:69:7f:5a:23:f1:1c:ce:bb:b4:27:73:a3:fd: 8e:1d:04:15:9e:4a:3a:02:5e:bd:e3:35:95:07:52: d2:39:6d:65:70:ef:2e:15:27:56:d5:56:01:1b:c7: 4b:78:77:89:66:18:78:84:28:25:b3:89:15:44:95: c2:3b:af:9b:f0:19:8a:fc:90:75:27:bb:2b:8c:e4: 87:a5:83:e3:61:4a:22:ca:f8:f7:ad:e8:b2:ee:3e: 30:56:d5:ba:f1:2b:e5:20:00:33:10:04:55:e5:ff: da:bd:61:db:49:83:86:71:8d:17:f1:76:ce:d8:52: 7f:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EA:82:42:C2:AD:E1:B9:18:6E:A6:D4:70:91:4B:D5:E2:8A:C3:D3:C3 X509v3 Authority Key Identifier: keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/6oJCwq3huRhuptRwkUvV4orD08M.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.246.56.0/22 Signature Algorithm: sha256WithRSAEncryption 68:ac:b9:53:03:3c:9c:54:b1:1c:5a:6d:e5:d0:92:9b:a1:74: 96:ea:75:2e:e7:c1:3a:7a:62:ac:84:23:5f:07:c7:e6:4a:ab: 4c:98:d7:f8:02:a1:16:fd:3e:47:f2:bd:dc:10:38:01:c7:27: 27:ff:94:26:66:61:9e:a8:32:04:0c:8a:05:11:59:67:8b:00: a4:dd:81:d7:b8:56:60:64:d9:b1:82:f1:92:68:0f:42:58:c3: 1a:e5:82:cb:0d:cf:2c:56:6b:a6:43:08:bc:57:01:e6:35:84: 3b:1c:4e:09:bf:ed:dc:b4:5c:a8:26:42:ac:35:57:64:f9:72: 35:0e:e3:1d:6f:bc:cc:f8:b5:26:cb:d3:d0:e0:ef:8d:a5:22: dc:7f:d5:23:12:87:8b:51:3c:77:69:85:7a:0e:34:94:11:ae: 8f:e1:d7:b5:b9:ff:9a:e6:3e:2d:1e:a6:66:dd:27:3d:61:c4: de:9b:fe:0e:d3:53:2e:75:a6:80:0d:3d:3c:09:12:ca:10:93: 94:e1:7a:0d:88:40:43:b8:a3:53:f9:a3:a4:80:90:35:07:e0: 80:cf:59:14:da:1f:b0:c4:f0:41:f9:70:81:62:cc:3c:fd:e9: 35:29:91:41:1d:e1:a7:d8:35:94:13:e3:46:b4:d5:73:02:f3: 5e:cc:7b:a9 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICf34wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA4MDYw NzMzMTBaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEVBODI0MkMyQURFMUI5 MTg2RUE2RDQ3MDkxNEJENUUyOEFDM0QzQzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCunRdCXJxT9Pr29U6fUl2agFSP2JLb7rVSetyTBN1cDlfRaBQ9 zw2I8qg9hRhm2XWxUEd2huh37M8LrnxMpVXlv7M4XZlYfB41mR8kJhQbUoapd48w Du8iB0pAlktJTgMJiEmfpoYS2yNBGBhWujZMfVc+2/vpmS2AdGAf+xB4ppViXsw/ zlRNaX9aI/Eczru0J3Oj/Y4dBBWeSjoCXr3jNZUHUtI5bWVw7y4VJ1bVVgEbx0t4 d4lmGHiEKCWziRVElcI7r5vwGYr8kHUnuyuM5Ielg+NhSiLK+Pet6LLuPjBW1brx K+UgADMQBFXl/9q9YdtJg4ZxjRfxds7YUn8DAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU6oJCwq3huRhuptRwkUvV4orD08MwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj 3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3 L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzZvSkN3cTNodVJodXB0 UndrVXZWNG9yRDA4TS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAIr9jgwDQYJKoZIhvcNAQELBQADggEBAGisuVMDPJxUsRxabeXQkpuhdJbqdS7n wTp6YqyEI18Hx+ZKq0yY1/gCoRb9PkfyvdwQOAHHJyf/lCZmYZ6oMgQMigURWWeL AKTdgde4VmBk2bGC8ZJoD0JYwxrlgssNzyxWa6ZDCLxXAeY1hDscTgm/7dy0XKgm Qqw1V2T5cjUO4x1vvMz4tSbL09Dg742lItx/1SMSh4tRPHdphXoONJQRro/h17W5 /5rmPi0epmbdJz1hxN6b/g7TUy51poANPTwJEsoQk5Theg2IQEO4o1P5o6SAkDUH 4IDPWRTaH7DE8EH5cIFizDz96TUpkUEd4afYNZQT40a01XMC817Me6k= -----END CERTIFICATE-----Generated at Thu Aug 14 11:07:54 2025 by rpki-client