$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/YthLqDjiD_roL8ZjQakwVYhdZm0.roa File: YthLqDjiD_roL8ZjQakwVYhdZm0.roa (raw, json) Hash identifier: HP5cmcqgYRONvP3Vl8/il14eyKAI9IW9j+0yzYttN0s= Subject key identifier: 62:D8:4B:A8:38:E2:0F:FA:E8:2F:C6:63:41:A9:30:55:88:5D:66:6D Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Certificate serial: 7FA3 Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/YthLqDjiD_roL8ZjQakwVYhdZm0.roa Signing time: Wed 06 Aug 2025 07:33:19 +0000 ROA not before: Wed 06 Aug 2025 07:33:19 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 24426 IP address blocks: 43.246.36.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 14:33:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32675 (0x7fa3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Validity Not Before: Aug 6 07:33:19 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=62D84BA838E20FFAE82FC66341A93055885D666D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:2f:0c:95:af:f0:54:3f:28:64:2c:8d:14:ce: 49:54:ef:35:24:31:44:42:fc:21:cd:b8:b1:ec:26: f7:76:32:c4:90:40:19:61:c8:46:1c:ab:89:3b:5e: 4b:38:c8:3e:d0:45:13:e4:b3:c6:16:29:83:95:fb: d8:5e:70:22:fa:9e:60:82:5e:54:eb:21:f2:7b:b5: 62:4b:de:cb:4c:2f:5a:78:17:ad:14:cf:90:1d:d7: 5d:b7:46:c2:f7:a3:30:62:de:6a:d1:ef:83:e4:7e: 39:b0:c9:0f:9e:ff:ba:2e:cd:c4:e5:36:8c:a5:b1: 1d:1d:53:fd:1e:de:9c:2d:50:1c:8c:2f:f6:1b:6f: 89:9d:14:03:14:24:f8:96:88:16:32:83:f1:5b:85: 2d:9b:b6:4d:68:aa:32:ef:df:a7:81:d2:e6:35:a3: 8f:f1:f5:68:d8:73:8c:b5:ea:8c:e4:1e:e6:8e:38: 33:fb:45:ed:db:8f:55:a0:19:fd:6d:38:98:29:5e: f1:50:84:89:4d:38:5c:79:1d:5b:1f:a1:e0:dd:3e: 8d:10:fe:5f:a1:97:99:70:b1:fd:1b:4d:68:ba:45: fe:b1:c8:ab:2a:01:60:eb:81:d3:6d:f4:93:fc:88: 82:ad:7e:84:0c:26:f7:de:e2:40:4c:89:7e:d7:6e: 05:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:D8:4B:A8:38:E2:0F:FA:E8:2F:C6:63:41:A9:30:55:88:5D:66:6D X509v3 Authority Key Identifier: keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/YthLqDjiD_roL8ZjQakwVYhdZm0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.246.36.0/22 Signature Algorithm: sha256WithRSAEncryption bc:44:d0:16:b1:d3:ba:5f:12:09:91:e0:12:9d:d4:3e:70:25: 5d:5c:62:83:10:e8:2c:47:ad:e0:53:1f:c1:44:a1:20:66:5b: 7d:8d:56:88:66:3f:bf:d9:c2:0f:6d:d2:a4:ad:41:bf:29:5e: 97:44:82:a8:54:71:76:b6:00:a1:30:ac:22:96:f9:db:2b:03: fc:09:22:16:3f:55:d2:05:ae:01:7a:e8:32:b4:96:b8:e6:24: 31:80:05:3b:bf:3a:ea:d3:b4:56:56:20:c2:b4:c5:66:7b:74: 78:86:38:ca:18:58:71:8f:c1:96:cc:34:f6:f5:33:1d:fd:d7: 38:5c:b8:31:4e:d8:28:49:f2:39:de:6c:3e:51:37:3a:8c:de: 4a:82:1a:57:86:65:42:9e:4b:3c:04:e8:1a:d2:a5:46:bd:2f: 6f:17:cf:4e:ea:93:89:0a:d1:c4:57:93:e6:6c:c2:30:53:f6: 17:63:fa:ec:ac:77:d8:db:f1:f9:6a:2a:c9:de:69:36:a3:8a: c2:cf:ad:b3:62:0b:0a:05:fe:4f:55:7f:5c:51:8a:0c:fb:a3: 8e:c6:f3:50:cc:8c:f8:23:0a:d1:fd:27:eb:45:49:c9:e1:42: 16:33:d2:23:a4:a0:39:6e:54:ed:80:8c:6c:ec:ca:fc:19:a5: 8d:a8:08:c9 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICf6MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA4MDYw NzMzMTlaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDYyRDg0QkE4MzhFMjBG RkFFODJGQzY2MzQxQTkzMDU1ODg1RDY2NkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCkLwyVr/BUPyhkLI0UzklU7zUkMURC/CHNuLHsJvd2MsSQQBlh yEYcq4k7Xks4yD7QRRPks8YWKYOV+9hecCL6nmCCXlTrIfJ7tWJL3stML1p4F60U z5Ad1123RsL3ozBi3mrR74PkfjmwyQ+e/7ouzcTlNoylsR0dU/0e3pwtUByML/Yb b4mdFAMUJPiWiBYyg/FbhS2btk1oqjLv36eB0uY1o4/x9WjYc4y16ozkHuaOODP7 Re3bj1WgGf1tOJgpXvFQhIlNOFx5HVsfoeDdPo0Q/l+hl5lwsf0bTWi6Rf6xyKsq AWDrgdNt9JP8iIKtfoQMJvfe4kBMiX7XbgUbAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUYthLqDjiD/roL8ZjQakwVYhdZm0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj 3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3 L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1l0aExxRGppRF9yb0w4 WmpRYWt3VlloZFptMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAIr9iQwDQYJKoZIhvcNAQELBQADggEBALxE0Bax07pfEgmR4BKd1D5wJV1cYoMQ 6CxHreBTH8FEoSBmW32NVohmP7/Zwg9t0qStQb8pXpdEgqhUcXa2AKEwrCKW+dsr A/wJIhY/VdIFrgF66DK0lrjmJDGABTu/OurTtFZWIMK0xWZ7dHiGOMoYWHGPwZbM NPb1Mx391zhcuDFO2ChJ8jnebD5RNzqM3kqCGleGZUKeSzwE6BrSpUa9L28Xz07q k4kK0cRXk+ZswjBT9hdj+uysd9jb8flqKsneaTajisLPrbNiCwoF/k9Vf1xRigz7 o47G81DMjPgjCtH9J+tFScnhQhYz0iOkoDluVO2AjGzsyvwZpY2oCMk= -----END CERTIFICATE-----Generated at Thu Aug 14 11:07:58 2025 by rpki-client