$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/JmkbA9C4Ve43qq7vdxNTnHY2lSc.roa File: JmkbA9C4Ve43qq7vdxNTnHY2lSc.roa (raw, json) Hash identifier: Eja4/Uz9ntt5ezaTERprjyG28TScDFjCB1FF4thwWH8= Subject key identifier: 26:69:1B:03:D0:B8:55:EE:37:AA:AE:EF:77:13:53:9C:76:36:95:27 Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Certificate serial: 7F9C Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/JmkbA9C4Ve43qq7vdxNTnHY2lSc.roa Signing time: Wed 06 Aug 2025 07:33:17 +0000 ROA not before: Wed 06 Aug 2025 07:33:17 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 24426 IP address blocks: 43.246.72.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 14:33:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32668 (0x7f9c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Validity Not Before: Aug 6 07:33:17 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=26691B03D0B855EE37AAAEEF7713539C76369527 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:28:a9:ec:5e:0f:44:0a:1f:9e:ab:d5:d2:ce: 0e:1a:b6:1a:7e:87:51:bc:69:01:dc:86:d7:e2:92: 78:34:cd:25:97:a8:18:c3:95:80:82:9b:02:dc:e9: 4b:cb:7d:3b:54:7c:da:a3:57:31:cf:95:20:ff:53: f3:15:cc:6f:09:27:9c:9f:28:98:da:2e:2b:99:d4: bf:54:fe:c9:2a:f2:e9:92:0f:bc:ad:1c:ab:79:56: f4:a9:9c:6b:21:b1:7a:5c:6b:04:ec:53:e0:87:87: 14:be:6c:35:17:97:58:08:ce:8d:50:78:27:65:a9: 6a:68:e2:7c:f2:03:df:5f:77:45:da:24:8e:ab:7a: ad:c9:83:cf:01:c8:a2:25:97:89:7a:1b:b0:f4:b2: 6b:48:cd:16:62:23:7a:4a:20:7c:d1:92:3d:3d:e3: 22:a5:65:f3:ad:21:08:88:9d:86:b0:97:db:c4:ef: d1:db:ff:49:2c:29:d5:ea:3e:02:5b:bd:61:b0:b6: 2b:cf:82:54:36:a8:01:89:42:21:3b:4f:66:aa:ac: 5d:a3:43:47:1e:68:4b:a4:8b:89:ff:02:86:1c:c6: 35:46:9a:fe:e9:cf:d5:2e:62:95:52:b2:0e:66:ab: 92:b5:7f:b2:07:71:dd:68:d9:fb:56:50:81:34:06: f7:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 26:69:1B:03:D0:B8:55:EE:37:AA:AE:EF:77:13:53:9C:76:36:95:27 X509v3 Authority Key Identifier: keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/JmkbA9C4Ve43qq7vdxNTnHY2lSc.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.246.72.0/22 Signature Algorithm: sha256WithRSAEncryption 5f:7f:28:c1:a5:b2:1f:b7:fa:94:0d:e8:ee:81:a7:f0:d9:b9: 79:76:3f:81:31:bc:c8:1b:87:20:8f:51:75:a6:23:4a:b2:80: 2a:96:3c:e9:ff:b5:9f:8b:d5:9d:1d:e6:7d:b3:0c:74:7f:84: 7d:cd:2c:5a:76:2c:bd:a9:df:4f:55:90:2b:bb:78:78:21:32: 8c:2c:8c:83:62:42:62:f6:f9:b7:bf:b8:16:aa:da:c6:af:ba: 7d:7a:fd:2c:c8:80:52:f4:e5:3b:b9:43:e1:c9:76:c4:6a:d8: 51:2b:0e:e9:0e:42:62:42:c7:03:78:5d:b4:83:b4:f1:8b:2b: 72:2b:af:22:9d:82:5b:d6:86:96:e6:17:8b:c9:ec:f3:cf:46: 39:68:f3:b1:ef:5f:3f:ef:f6:0d:e1:e1:a1:88:da:a4:f3:34: 64:51:97:6e:a7:46:7c:92:17:c5:99:51:80:2c:60:4d:20:c7: a5:cf:06:05:af:b6:71:65:c2:52:12:fb:6a:c2:27:a4:1f:bd: 4b:78:ed:9d:c2:71:5a:69:4c:a0:38:13:ff:f7:22:29:68:ba: 74:c1:16:e0:00:39:0c:c8:5a:82:56:e2:1a:30:7d:24:87:7e: fa:92:db:3c:01:f1:58:54:3b:41:71:58:f9:9a:67:ad:31:bc: 61:b5:20:50 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICf5wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA4MDYw NzMzMTdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDI2NjkxQjAzRDBCODU1 RUUzN0FBQUVFRjc3MTM1MzlDNzYzNjk1MjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDCKKnsXg9ECh+eq9XSzg4athp+h1G8aQHchtfikng0zSWXqBjD lYCCmwLc6UvLfTtUfNqjVzHPlSD/U/MVzG8JJ5yfKJjaLiuZ1L9U/skq8umSD7yt HKt5VvSpnGshsXpcawTsU+CHhxS+bDUXl1gIzo1QeCdlqWpo4nzyA99fd0XaJI6r eq3Jg88ByKIll4l6G7D0smtIzRZiI3pKIHzRkj094yKlZfOtIQiInYawl9vE79Hb /0ksKdXqPgJbvWGwtivPglQ2qAGJQiE7T2aqrF2jQ0ceaEuki4n/AoYcxjVGmv7p z9UuYpVSsg5mq5K1f7IHcd1o2ftWUIE0BvcfAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUJmkbA9C4Ve43qq7vdxNTnHY2lScwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj 3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3 L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0pta2JBOUM0VmU0M3Fx N3ZkeE5UbkhZMmxTYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAIr9kgwDQYJKoZIhvcNAQELBQADggEBAF9/KMGlsh+3+pQN6O6Bp/DZuXl2P4Ex vMgbhyCPUXWmI0qygCqWPOn/tZ+L1Z0d5n2zDHR/hH3NLFp2LL2p309VkCu7eHgh MowsjINiQmL2+be/uBaq2savun16/SzIgFL05Tu5Q+HJdsRq2FErDukOQmJCxwN4 XbSDtPGLK3IrryKdglvWhpbmF4vJ7PPPRjlo87HvXz/v9g3h4aGI2qTzNGRRl26n RnySF8WZUYAsYE0gx6XPBgWvtnFlwlIS+2rCJ6QfvUt47Z3CcVppTKA4E//3Iilo unTBFuAAOQzIWoJW4howfSSHfvqS2zwB8VhUO0FxWPmaZ60xvGG1IFA= -----END CERTIFICATE-----Generated at Thu Aug 14 11:09:17 2025 by rpki-client