$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/F40yyzr-rK6Hpf7hTocwOAXCGBI.roa File: F40yyzr-rK6Hpf7hTocwOAXCGBI.roa (raw, json) Hash identifier: eLshj3lyqfRCYc5jfVqKe/soyYADrOvnc3G/RrfmhPQ= Subject key identifier: 17:8D:32:CB:3A:FE:AC:AE:87:A5:FE:E1:4E:87:30:38:05:C2:18:12 Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Certificate serial: 7F82 Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/F40yyzr-rK6Hpf7hTocwOAXCGBI.roa Signing time: Wed 06 Aug 2025 07:33:11 +0000 ROA not before: Wed 06 Aug 2025 07:33:11 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 24426 IP address blocks: 43.246.16.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 14:33:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32642 (0x7f82) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Validity Not Before: Aug 6 07:33:11 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=178D32CB3AFEACAE87A5FEE14E87303805C21812 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:3a:55:65:d2:dd:ed:05:4f:75:2a:23:c1:79: a0:d7:5d:cf:96:91:b2:87:46:7c:c2:e2:75:76:ca: 1b:09:40:7a:fc:bf:6b:ae:70:00:d9:b5:aa:3d:1d: 35:e9:2e:32:c7:a2:39:95:77:2b:d5:fa:35:e9:e5: e6:39:7a:14:fa:f6:3f:0d:8a:9d:36:af:ef:bd:9c: 8d:ea:49:12:ef:29:ed:82:44:b5:8a:e0:bd:4c:3c: 22:fe:03:61:75:1b:e0:79:e8:39:7a:2f:2f:55:0b: 63:39:74:99:40:0b:b1:33:50:af:49:46:ad:45:22: 3d:ad:87:e0:33:ae:65:40:f3:b9:ff:17:1b:f2:b9: d7:8f:01:e7:56:30:ce:28:3a:df:93:97:57:81:f2: c0:b5:0c:a2:93:79:75:f5:7a:12:0d:31:3a:fc:76: 84:c2:82:14:ac:53:db:59:b9:2d:71:53:83:3e:23: 13:a5:e2:30:59:03:e3:00:c9:41:a6:d2:92:48:29: e3:87:cd:8e:0f:79:ef:93:65:08:67:db:54:94:ad: 60:ad:02:23:aa:4c:ea:0b:17:30:81:2a:21:75:55: 37:1d:64:77:b8:3a:fc:a1:ab:da:5c:bc:9c:a6:66: 06:5c:25:c9:01:59:fe:3f:d6:0b:e6:24:aa:8e:6c: 25:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:8D:32:CB:3A:FE:AC:AE:87:A5:FE:E1:4E:87:30:38:05:C2:18:12 X509v3 Authority Key Identifier: keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/F40yyzr-rK6Hpf7hTocwOAXCGBI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.246.16.0/22 Signature Algorithm: sha256WithRSAEncryption 37:63:1d:4a:7f:e2:b9:71:e7:66:e7:52:72:34:70:cf:c8:06: d0:73:5d:fe:17:c4:f9:a5:b2:4b:ce:6f:96:ff:7b:6d:19:d1: a4:34:1f:7e:1e:4e:b1:e8:c3:01:5b:c4:df:91:57:bb:66:b2: 46:09:14:b2:fd:2a:c9:5c:49:6b:d1:1f:15:81:e6:1b:0d:f3: 33:7c:18:97:24:a9:dc:56:dc:f7:53:ed:9b:38:5c:e6:96:e9: e7:08:fa:da:11:c7:47:b5:98:d1:c9:4f:e1:98:7f:b2:92:d9: 10:2f:a4:41:09:26:d9:9f:07:63:19:e9:79:f5:21:41:a9:56: 80:b6:a3:17:7e:8b:32:2f:07:15:48:98:d8:84:fe:8b:2c:6a: 65:22:dd:d3:f3:a2:ba:68:67:d0:38:be:8e:a1:27:3b:6b:69: ac:a3:0b:c6:87:db:7f:6a:68:20:a0:ec:fb:a1:42:51:60:5c: aa:ad:9b:9c:a9:77:19:80:98:45:d5:63:5d:d4:83:44:6e:91: e2:64:78:f3:fd:a9:1d:20:cf:9c:e8:8f:59:c9:4d:f3:87:ce: 28:ea:96:46:13:7c:fd:48:f7:4c:79:5d:39:56:a6:08:b4:90: 7c:4d:8d:df:b5:cf:b8:9a:f2:3b:06:6d:49:39:14:53:4e:dc: 65:b4:cb:b4 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICf4IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA4MDYw NzMzMTFaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDE3OEQzMkNCM0FGRUFD QUU4N0E1RkVFMTRFODczMDM4MDVDMjE4MTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCzOlVl0t3tBU91KiPBeaDXXc+WkbKHRnzC4nV2yhsJQHr8v2uu cADZtao9HTXpLjLHojmVdyvV+jXp5eY5ehT69j8Nip02r++9nI3qSRLvKe2CRLWK 4L1MPCL+A2F1G+B56Dl6Ly9VC2M5dJlAC7EzUK9JRq1FIj2th+AzrmVA87n/Fxvy udePAedWMM4oOt+Tl1eB8sC1DKKTeXX1ehINMTr8doTCghSsU9tZuS1xU4M+IxOl 4jBZA+MAyUGm0pJIKeOHzY4Pee+TZQhn21SUrWCtAiOqTOoLFzCBKiF1VTcdZHe4 Ovyhq9pcvJymZgZcJckBWf4/1gvmJKqObCXpAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUF40yyzr+rK6Hpf7hTocwOAXCGBIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj 3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3 L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0Y0MHl5enItcks2SHBm N2hUb2N3T0FYQ0dCSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAIr9hAwDQYJKoZIhvcNAQELBQADggEBADdjHUp/4rlx52bnUnI0cM/IBtBzXf4X xPmlskvOb5b/e20Z0aQ0H34eTrHowwFbxN+RV7tmskYJFLL9KslcSWvRHxWB5hsN 8zN8GJckqdxW3PdT7Zs4XOaW6ecI+toRx0e1mNHJT+GYf7KS2RAvpEEJJtmfB2MZ 6Xn1IUGpVoC2oxd+izIvBxVImNiE/ossamUi3dPzorpoZ9A4vo6hJztraayjC8aH 239qaCCg7PuhQlFgXKqtm5ypdxmAmEXVY13Ug0RukeJkePP9qR0gz5zoj1nJTfOH zijqlkYTfP1I90x5XTlWpgi0kHxNjd+1z7ia8jsGbUk5FFNO3GW0y7Q= -----END CERTIFICATE-----Generated at Thu Aug 14 11:06:09 2025 by rpki-client