$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/RxEYtKW6qcUTYdvI3Y4qGmnDjDM.roa File: RxEYtKW6qcUTYdvI3Y4qGmnDjDM.roa (raw, json) Hash identifier: TgBe+m/zxo6tZkyJDyW/qdXzf7gm/P/eGDEVP6kWE9Y= Subject key identifier: 47:11:18:B4:A5:BA:A9:C5:13:61:DB:C8:DD:8E:2A:1A:69:C3:8C:33 Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Certificate serial: 7F92 Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/RxEYtKW6qcUTYdvI3Y4qGmnDjDM.roa Signing time: Wed 06 Aug 2025 07:33:16 +0000 ROA not before: Wed 06 Aug 2025 07:33:16 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 24426 IP address blocks: 43.246.92.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 14:33:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32658 (0x7f92) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Validity Not Before: Aug 6 07:33:16 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=471118B4A5BAA9C51361DBC8DD8E2A1A69C38C33 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:6b:e0:66:5a:5f:9f:60:d8:de:72:6c:b0:84: 76:3a:20:c1:ec:1c:89:d5:fa:8a:50:a2:3d:0b:a7: 15:73:34:a3:66:83:58:38:9e:f7:7a:b9:d2:af:ee: 03:70:86:ac:3a:cd:d8:0e:de:93:46:32:21:38:15: 19:a0:a0:20:fa:ac:8d:35:c6:07:ff:0e:19:98:ea: b5:9e:22:b7:f1:28:04:f1:bb:62:fe:20:3a:a7:f2: a0:79:58:bb:c4:13:7e:2b:a6:a4:ab:22:9e:b9:c8: e5:89:21:6e:f1:3f:a7:2e:17:0e:b9:af:30:ca:6f: b2:10:83:89:e4:67:d4:2a:aa:0d:08:7e:60:47:56: 0f:6c:9c:75:ad:53:59:11:13:02:32:6c:4d:3d:24: 85:c5:3f:31:34:75:4a:17:ec:ee:4e:51:e3:2d:46: 72:dc:6a:c0:05:c9:f9:b5:6b:38:a2:14:4d:ef:9a: 46:3c:eb:17:89:85:21:9e:a0:01:08:89:19:86:7f: 6f:87:cf:20:30:f5:03:df:dc:56:ae:d7:df:c7:e5: 0e:60:4f:d2:b1:b4:fa:63:9c:84:05:15:6c:c9:9b: 9e:66:fd:54:2a:dc:d7:30:9c:81:53:70:b5:10:1a: 01:1a:48:9d:df:09:24:21:6f:3d:48:50:23:1e:32: 53:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 47:11:18:B4:A5:BA:A9:C5:13:61:DB:C8:DD:8E:2A:1A:69:C3:8C:33 X509v3 Authority Key Identifier: keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/RxEYtKW6qcUTYdvI3Y4qGmnDjDM.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.246.92.0/22 Signature Algorithm: sha256WithRSAEncryption 8f:1b:eb:66:77:bb:44:d6:19:50:62:f7:54:bc:e2:cc:3c:17: 39:8c:cb:f7:b4:08:14:2d:6f:2e:c3:4c:60:57:2a:d1:0f:7f: 05:76:64:50:ba:c4:95:17:fc:a7:dc:ed:3d:40:55:be:27:f9: 03:57:80:8f:a4:52:aa:0a:1f:87:3c:2c:c9:a4:2b:41:79:65: 84:7c:24:83:00:18:3b:13:a7:f8:50:82:5f:ce:0b:0c:41:da: 97:41:8b:c9:a8:8b:9a:0e:27:61:b7:fd:75:90:0c:2b:7e:70: 73:48:e2:9d:aa:dd:7b:65:29:83:47:c1:c1:82:ed:17:93:c8: e3:82:b5:d3:57:ca:9e:c4:53:6c:bd:5b:ba:fe:25:ea:0d:6e: d0:d4:73:f0:14:ce:85:d4:62:34:10:31:5a:65:93:a3:b0:b3: 9e:17:64:c6:5c:c4:2a:56:e1:c2:56:4f:02:d6:57:84:93:6a: 6a:10:8d:7c:45:c9:c0:5c:34:04:a4:4c:ac:cc:ac:d2:45:15: b1:a7:ef:e0:25:ea:1a:38:6b:00:07:0e:df:30:02:e6:31:3c: 25:8a:59:e7:eb:14:96:59:15:93:a3:c0:c5:6e:f0:2e:12:14: f5:20:c1:d5:34:67:e9:3b:75:5d:d2:35:e5:8f:e3:45:a7:85: 10:db:c4:c0 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICf5IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA4MDYw NzMzMTZaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDQ3MTExOEI0QTVCQUE5 QzUxMzYxREJDOEREOEUyQTFBNjlDMzhDMzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC4a+BmWl+fYNjecmywhHY6IMHsHInV+opQoj0LpxVzNKNmg1g4 nvd6udKv7gNwhqw6zdgO3pNGMiE4FRmgoCD6rI01xgf/DhmY6rWeIrfxKATxu2L+ IDqn8qB5WLvEE34rpqSrIp65yOWJIW7xP6cuFw65rzDKb7IQg4nkZ9Qqqg0IfmBH Vg9snHWtU1kREwIybE09JIXFPzE0dUoX7O5OUeMtRnLcasAFyfm1aziiFE3vmkY8 6xeJhSGeoAEIiRmGf2+HzyAw9QPf3Fau19/H5Q5gT9KxtPpjnIQFFWzJm55m/VQq 3NcwnIFTcLUQGgEaSJ3fCSQhbz1IUCMeMlN/AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQURxEYtKW6qcUTYdvI3Y4qGmnDjDMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj 3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3 L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1J4RVl0S1c2cWNVVFlk dkkzWTRxR21uRGpETS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAIr9lwwDQYJKoZIhvcNAQELBQADggEBAI8b62Z3u0TWGVBi91S84sw8FzmMy/e0 CBQtby7DTGBXKtEPfwV2ZFC6xJUX/Kfc7T1AVb4n+QNXgI+kUqoKH4c8LMmkK0F5 ZYR8JIMAGDsTp/hQgl/OCwxB2pdBi8moi5oOJ2G3/XWQDCt+cHNI4p2q3XtlKYNH wcGC7ReTyOOCtdNXyp7EU2y9W7r+JeoNbtDUc/AUzoXUYjQQMVplk6Ows54XZMZc xCpW4cJWTwLWV4STamoQjXxFycBcNASkTKzMrNJFFbGn7+Al6ho4awAHDt8wAuYx PCWKWefrFJZZFZOjwMVu8C4SFPUgwdU0Z+k7dV3SNeWP40WnhRDbxMA= -----END CERTIFICATE-----Generated at Thu Aug 14 11:10:57 2025 by rpki-client