$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Qw65VpafvAKV0-0DyJqQaA2TsdQ.roa File: Qw65VpafvAKV0-0DyJqQaA2TsdQ.roa (raw, json) Hash identifier: 5myDnZrTfpBjIUV3HQvZ67XIaNP5FEgYF1UUAXGUYsE= Subject key identifier: 43:0E:B9:56:96:9F:BC:02:95:D3:ED:03:C8:9A:90:68:0D:93:B1:D4 Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Certificate serial: 7F93 Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Qw65VpafvAKV0-0DyJqQaA2TsdQ.roa Signing time: Wed 06 Aug 2025 07:33:16 +0000 ROA not before: Wed 06 Aug 2025 07:33:16 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 24426 IP address blocks: 43.246.64.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 14:33:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32659 (0x7f93) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Validity Not Before: Aug 6 07:33:16 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=430EB956969FBC0295D3ED03C89A90680D93B1D4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f5:4e:b5:ef:79:f1:3e:2a:a9:d2:c3:a7:00:6c: e5:49:e5:18:15:7c:88:47:af:53:9c:97:bb:65:f0: 3b:d1:21:db:8e:35:ac:8f:56:dd:36:f2:3b:90:3e: a1:ef:6e:f1:5b:37:c6:97:50:0c:01:0f:51:0b:4e: d9:bf:72:b0:67:50:90:23:33:56:85:52:ff:e3:a2: 60:57:21:fb:91:fd:1e:42:9c:a6:7e:2d:31:0d:f6: 79:0e:ab:26:21:73:1c:a9:ab:84:9a:b1:c5:4f:f5: cc:7c:0c:78:3b:e5:ab:16:22:4a:4d:61:de:e9:e2: 85:ad:31:29:4d:1c:81:ce:34:f3:4e:f8:1a:53:3f: 3f:d1:0f:fe:1f:bd:d7:e2:86:a4:10:bd:31:a5:be: 2b:42:d0:51:e4:ab:db:89:3f:29:bb:71:89:e2:36: ef:95:11:2d:f3:08:8f:56:f2:44:26:ea:64:d1:ed: a2:5a:25:df:5a:ab:9a:b7:9c:78:2d:58:2f:d0:a9: 21:1f:63:84:26:86:36:e9:16:0a:dd:81:59:a7:0d: 77:d6:8e:61:82:dd:df:4e:bf:71:eb:a3:45:eb:22: 44:66:1d:45:8f:c7:78:9b:b4:2c:04:ff:56:db:b2: 73:b7:0e:51:d5:05:3a:c5:8d:d0:c7:62:9d:71:8f: cf:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:0E:B9:56:96:9F:BC:02:95:D3:ED:03:C8:9A:90:68:0D:93:B1:D4 X509v3 Authority Key Identifier: keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Qw65VpafvAKV0-0DyJqQaA2TsdQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.246.64.0/22 Signature Algorithm: sha256WithRSAEncryption a5:74:5b:1e:46:e2:8f:75:af:93:7c:bc:5c:6c:be:3b:a1:4e: db:55:a1:94:ef:73:9d:fe:03:da:0c:04:fc:24:f6:d7:5f:7c: 13:00:1a:57:59:df:e3:0b:9c:0a:a3:ce:f9:50:39:82:0e:c6: b9:70:20:d2:a2:2d:7b:03:f0:5e:1b:e5:b8:ea:be:9a:9d:bb: 07:23:7a:c0:7d:65:10:8c:c1:71:fc:dd:55:25:a1:c6:b9:77: 3a:f6:be:20:eb:02:bb:ff:75:ac:7e:34:7f:b9:20:7c:a3:88: 51:0b:a6:e0:1d:37:b0:94:91:af:9d:f7:df:5b:97:8a:6d:04: f4:c8:85:0b:40:87:44:a3:fc:c3:9a:45:01:04:69:16:03:a0: ce:2a:72:49:54:69:0e:a0:51:7e:e4:71:a8:4d:2d:eb:ac:27: f2:f7:75:cc:16:60:75:e5:32:8b:22:40:5a:6c:fb:e3:b3:2a: 77:68:3a:5f:48:62:16:06:49:80:20:cc:43:86:71:7e:31:2e: 94:c1:8f:f0:ce:c3:9f:f7:a9:d0:f0:c4:9b:f9:a0:25:91:91: 10:46:18:e7:0c:4a:00:dc:d9:f3:a1:96:72:e0:e1:83:c7:29: 85:04:c3:0f:33:00:23:cb:3d:5e:91:22:7c:94:c1:2a:1c:65: db:d0:b4:0d -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICf5MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA4MDYw NzMzMTZaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDQzMEVCOTU2OTY5RkJD MDI5NUQzRUQwM0M4OUE5MDY4MEQ5M0IxRDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQD1TrXvefE+KqnSw6cAbOVJ5RgVfIhHr1Ocl7tl8DvRIduONayP Vt028juQPqHvbvFbN8aXUAwBD1ELTtm/crBnUJAjM1aFUv/jomBXIfuR/R5CnKZ+ LTEN9nkOqyYhcxypq4SascVP9cx8DHg75asWIkpNYd7p4oWtMSlNHIHONPNO+BpT Pz/RD/4fvdfihqQQvTGlvitC0FHkq9uJPym7cYniNu+VES3zCI9W8kQm6mTR7aJa Jd9aq5q3nHgtWC/QqSEfY4QmhjbpFgrdgVmnDXfWjmGC3d9Ov3Hro0XrIkRmHUWP x3ibtCwE/1bbsnO3DlHVBTrFjdDHYp1xj8/XAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUQw65VpafvAKV0+0DyJqQaA2TsdQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj 3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3 L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1F3NjVWcGFmdkFLVjAt MER5SnFRYUEyVHNkUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAIr9kAwDQYJKoZIhvcNAQELBQADggEBAKV0Wx5G4o91r5N8vFxsvjuhTttVoZTv c53+A9oMBPwk9tdffBMAGldZ3+MLnAqjzvlQOYIOxrlwINKiLXsD8F4b5bjqvpqd uwcjesB9ZRCMwXH83VUloca5dzr2viDrArv/dax+NH+5IHyjiFELpuAdN7CUka+d 999bl4ptBPTIhQtAh0Sj/MOaRQEEaRYDoM4qcklUaQ6gUX7kcahNLeusJ/L3dcwW YHXlMosiQFps++OzKndoOl9IYhYGSYAgzEOGcX4xLpTBj/DOw5/3qdDwxJv5oCWR kRBGGOcMSgDc2fOhlnLg4YPHKYUEww8zACPLPV6RInyUwSocZdvQtA0= -----END CERTIFICATE-----Generated at Thu Aug 14 11:10:47 2025 by rpki-client