$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/VqiBBV-b3i7iECrnzuRfjpYxvio.roa File: VqiBBV-b3i7iECrnzuRfjpYxvio.roa (raw, json) Hash identifier: FRFdxO6TuIzqcetERdcscnhSb+5o8PvLuaDd4kMnN+M= Subject key identifier: 56:A8:81:05:5F:9B:DE:2E:E2:10:2A:E7:CE:E4:5F:8E:96:31:BE:2A Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Certificate serial: 7F89 Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/VqiBBV-b3i7iECrnzuRfjpYxvio.roa Signing time: Wed 06 Aug 2025 07:33:12 +0000 ROA not before: Wed 06 Aug 2025 07:33:12 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 24426 IP address blocks: 43.246.60.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Nov 2025 13:14:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32649 (0x7f89) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Validity Not Before: Aug 6 07:33:12 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=56A881055F9BDE2EE2102AE7CEE45F8E9631BE2A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:29:0e:f8:77:bd:7a:a1:65:38:d4:81:82:00: 69:b8:3e:18:b4:5e:1a:92:1e:7d:43:6a:a5:49:62: 5a:cd:08:4c:3f:93:d5:79:19:20:dd:28:8c:b3:6a: 26:a0:d0:d5:5b:79:5f:5d:4e:eb:57:ab:ce:7d:83: eb:d7:ac:cc:14:21:5f:b0:68:bf:a2:b4:8b:45:dd: 10:43:b3:4e:d5:62:e8:64:18:bb:5c:1f:51:c4:40: 5b:f2:36:21:2f:fe:f2:9c:ac:52:b2:72:08:83:2a: 0c:f9:59:fa:24:0e:d2:e3:a8:70:9c:85:c6:ab:c8: e8:de:74:49:94:a7:ea:ca:74:f5:a5:8e:6e:a6:67: a9:40:54:63:c0:07:66:76:af:3f:86:dc:ec:fc:7b: 8b:e7:d4:50:f8:97:a9:54:d6:3a:8f:08:2f:48:3a: f9:78:eb:38:93:e0:da:75:b6:98:64:d6:e9:b2:d0: 8b:e0:9a:a6:92:61:20:74:83:27:17:55:df:07:77: 9d:74:d3:cc:6b:6d:e9:19:22:6e:b0:54:e3:b4:36: 31:ad:e6:4e:50:fd:ad:ac:ea:a9:77:7f:b8:72:b2: 62:12:f5:8f:41:d2:87:8e:d3:7c:a7:78:ca:7f:c1: 76:f8:79:4a:b9:eb:8a:be:99:25:f9:eb:b7:ae:59: 3f:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 56:A8:81:05:5F:9B:DE:2E:E2:10:2A:E7:CE:E4:5F:8E:96:31:BE:2A X509v3 Authority Key Identifier: keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/VqiBBV-b3i7iECrnzuRfjpYxvio.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.246.60.0/22 Signature Algorithm: sha256WithRSAEncryption 86:d8:f3:c5:ee:9d:06:f9:51:c6:24:46:f4:8e:19:f0:8b:b8: 3b:e7:6e:a0:49:79:74:71:4e:fd:ea:dd:bb:01:ca:0e:f6:10: 2f:03:92:c0:a6:93:c2:c5:24:ed:3c:02:ee:79:46:d9:cd:dc: 9b:9f:d4:a9:d0:44:7a:00:5a:56:2b:33:0a:4a:c7:e0:2a:de: 41:1f:66:32:c3:fa:73:14:04:bd:19:48:8a:66:41:54:a0:75: 71:5c:c7:01:19:47:c6:5d:e5:3a:18:1a:14:f1:ee:63:b4:dd: 2b:de:72:4d:86:e8:c5:e3:e0:d1:e7:9b:7b:c9:b4:1d:43:4a: 3c:7c:c4:41:b0:ae:00:cd:1e:af:86:55:33:7d:50:c8:70:1a: c3:ec:d2:ec:48:9b:e1:0a:a9:24:5a:0f:ab:e1:20:ed:d1:cf: e5:27:78:e7:08:82:2d:7a:8c:7e:2b:54:4d:e2:f8:2b:21:96: 8d:8d:12:7a:38:d6:9d:09:ac:84:30:04:89:1e:d6:15:c8:3b: 06:91:46:bd:2c:26:ee:1b:c2:92:f5:c1:a2:44:7c:5a:42:24: 6a:83:b6:97:6e:56:9b:f9:ad:99:99:75:da:b8:32:2f:29:58: 5a:42:90:19:72:d9:6d:df:19:97:90:ca:b0:4f:15:4a:f0:5e: cf:c2:ef:e7 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICf4kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA4MDYw NzMzMTJaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDU2QTg4MTA1NUY5QkRF MkVFMjEwMkFFN0NFRTQ1RjhFOTYzMUJFMkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCXKQ74d716oWU41IGCAGm4Phi0XhqSHn1DaqVJYlrNCEw/k9V5 GSDdKIyzaiag0NVbeV9dTutXq859g+vXrMwUIV+waL+itItF3RBDs07VYuhkGLtc H1HEQFvyNiEv/vKcrFKycgiDKgz5WfokDtLjqHCchcaryOjedEmUp+rKdPWljm6m Z6lAVGPAB2Z2rz+G3Oz8e4vn1FD4l6lU1jqPCC9IOvl46ziT4Np1tphk1umy0Ivg mqaSYSB0gycXVd8Hd51008xrbekZIm6wVOO0NjGt5k5Q/a2s6ql3f7hysmIS9Y9B 0oeO03yneMp/wXb4eUq564q+mSX567euWT/zAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUVqiBBV+b3i7iECrnzuRfjpYxviowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj 3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3 L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1ZxaUJCVi1iM2k3aUVD cm56dVJmanBZeHZpby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAIr9jwwDQYJKoZIhvcNAQELBQADggEBAIbY88XunQb5UcYkRvSOGfCLuDvnbqBJ eXRxTv3q3bsByg72EC8DksCmk8LFJO08Au55RtnN3Juf1KnQRHoAWlYrMwpKx+Aq 3kEfZjLD+nMUBL0ZSIpmQVSgdXFcxwEZR8Zd5ToYGhTx7mO03Sveck2G6MXj4NHn m3vJtB1DSjx8xEGwrgDNHq+GVTN9UMhwGsPs0uxIm+EKqSRaD6vhIO3Rz+UneOcI gi16jH4rVE3i+Cshlo2NEno41p0JrIQwBIke1hXIOwaRRr0sJu4bwpL1waJEfFpC JGqDtpduVpv5rZmZddq4Mi8pWFpCkBly2W3fGZeQyrBPFUrwXs/C7+c= -----END CERTIFICATE-----Generated at Fri Nov 7 11:51:29 2025 by rpki-client