$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/89256y-OFuaNZAVPS-Eol6VomIQ.roa File: 89256y-OFuaNZAVPS-Eol6VomIQ.roa (raw, json) Hash identifier: bDvlmrdnFJhvCbcQbgqwKymZOt28MdyoXQRfTofiEoI= Subject key identifier: F3:DD:B9:EB:2F:8E:16:E6:8D:64:05:4F:4B:E1:28:97:A5:68:98:84 Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Certificate serial: 7F8A Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/89256y-OFuaNZAVPS-Eol6VomIQ.roa Signing time: Wed 06 Aug 2025 07:33:12 +0000 ROA not before: Wed 06 Aug 2025 07:33:12 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 24426 IP address blocks: 43.246.0.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 14:33:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32650 (0x7f8a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Validity Not Before: Aug 6 07:33:12 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=F3DDB9EB2F8E16E68D64054F4BE12897A5689884 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:72:d1:4a:fe:6c:f5:c7:c1:c5:c2:fa:25:7e: eb:e1:3b:95:b4:b5:5d:a3:72:11:af:b9:72:57:c8: f5:ae:ba:8c:de:1b:76:5d:f0:e4:00:45:fc:30:81: 31:90:c5:2c:6f:19:40:c5:aa:c9:d6:15:b0:72:f1: 3d:97:ff:23:e4:61:bf:85:bc:60:3b:eb:45:dd:ee: 08:b3:88:68:74:01:56:59:79:b1:05:ef:fc:aa:df: 81:00:6e:c4:20:fc:ab:13:10:a0:00:73:80:34:27: 53:38:b4:6a:48:20:e0:c5:dd:64:b0:96:f7:81:81: c6:22:bd:ea:41:0c:60:1b:d9:6e:33:35:80:bd:1d: 86:42:71:4f:17:60:e9:c6:86:a8:96:f0:a9:a4:b1: db:57:31:60:85:93:8c:ea:5e:92:3d:08:9a:b1:e1: e9:1b:9d:d8:6e:3b:57:6e:8e:d9:8c:c9:fa:71:4a: 7c:4a:d2:a3:76:3f:8e:2c:4f:2f:25:a3:6d:41:1f: e3:9d:a4:35:51:ec:43:7f:38:ec:82:d8:3a:20:6d: 91:60:44:aa:17:c9:3b:d3:84:1b:18:cb:97:06:39: c9:d0:17:f0:39:3d:79:02:88:33:a8:3b:04:a2:ee: 99:43:d4:47:59:41:55:07:fb:7b:79:4c:3f:18:32: a7:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F3:DD:B9:EB:2F:8E:16:E6:8D:64:05:4F:4B:E1:28:97:A5:68:98:84 X509v3 Authority Key Identifier: keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/89256y-OFuaNZAVPS-Eol6VomIQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.246.0.0/22 Signature Algorithm: sha256WithRSAEncryption 82:d3:21:84:cc:14:c8:28:d6:a7:6c:1e:24:1b:20:ad:fc:d4: d6:dd:62:9f:92:a2:6c:36:80:0c:3d:e6:a7:78:06:53:2b:d5: f5:c5:49:ad:70:b2:63:10:fd:67:74:d9:2a:36:99:7c:af:a0: 29:c1:ae:70:47:97:01:a7:2f:45:89:1d:29:34:73:07:0a:a7: f4:27:bc:55:cd:fa:c3:b9:92:bb:24:a3:3f:e9:cc:5c:d2:28: 65:1e:d0:f3:12:53:e6:58:36:18:e9:15:a9:f7:af:02:0c:6c: 9a:29:13:d2:5e:2a:a0:96:47:78:12:cd:12:da:61:01:df:eb: db:40:e2:ab:11:ea:9c:1f:18:5d:22:36:77:7b:77:2b:fb:ca: d7:04:dd:c2:9d:a3:b1:8a:a8:83:bf:17:b5:09:28:43:9b:0f: 93:a8:7e:78:4b:2d:f8:2b:09:6a:e7:3a:6c:ba:88:a1:4d:db: a5:6b:6e:70:f7:b5:d5:96:ea:3e:7a:42:fd:cb:a1:88:6a:45: 8e:69:7c:7a:7f:e1:22:0f:07:50:99:96:9b:19:3d:85:4b:95: 45:3e:15:e9:7e:cf:da:d9:53:05:ec:de:64:f7:8a:dd:70:e9: b7:15:06:04:7e:9f:ec:09:9e:64:a1:5b:1f:2c:12:a3:d9:61: a0:87:05:fe -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICf4owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA4MDYw NzMzMTJaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEYzRERCOUVCMkY4RTE2 RTY4RDY0MDU0RjRCRTEyODk3QTU2ODk4ODQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC9ctFK/mz1x8HFwvolfuvhO5W0tV2jchGvuXJXyPWuuozeG3Zd 8OQARfwwgTGQxSxvGUDFqsnWFbBy8T2X/yPkYb+FvGA760Xd7giziGh0AVZZebEF 7/yq34EAbsQg/KsTEKAAc4A0J1M4tGpIIODF3WSwlveBgcYivepBDGAb2W4zNYC9 HYZCcU8XYOnGhqiW8KmksdtXMWCFk4zqXpI9CJqx4ekbndhuO1dujtmMyfpxSnxK 0qN2P44sTy8lo21BH+OdpDVR7EN/OOyC2DogbZFgRKoXyTvThBsYy5cGOcnQF/A5 PXkCiDOoOwSi7plD1EdZQVUH+3t5TD8YMqctAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU89256y+OFuaNZAVPS+Eol6VomIQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj 3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3 L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3Lzg5MjU2eS1PRnVhTlpB VlBTLUVvbDZWb21JUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAIr9gAwDQYJKoZIhvcNAQELBQADggEBAILTIYTMFMgo1qdsHiQbIK381NbdYp+S omw2gAw95qd4BlMr1fXFSa1wsmMQ/Wd02So2mXyvoCnBrnBHlwGnL0WJHSk0cwcK p/QnvFXN+sO5krskoz/pzFzSKGUe0PMSU+ZYNhjpFan3rwIMbJopE9JeKqCWR3gS zRLaYQHf69tA4qsR6pwfGF0iNnd7dyv7ytcE3cKdo7GKqIO/F7UJKEObD5OofnhL LfgrCWrnOmy6iKFN26VrbnD3tdWW6j56Qv3LoYhqRY5pfHp/4SIPB1CZlpsZPYVL lUU+Fel+z9rZUwXs3mT3it1w6bcVBgR+n+wJnmShWx8sEqPZYaCHBf4= -----END CERTIFICATE-----Generated at Thu Aug 14 11:09:24 2025 by rpki-client