$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/fn06Y1Bm-KeePI6AAJySEwvAaY0.roa File: fn06Y1Bm-KeePI6AAJySEwvAaY0.roa (raw, json) Hash identifier: zzYSr88nFNz+P5uXb8vBbXcZU/idj3/rIigYlBhSi2M= Subject key identifier: 7E:7D:3A:63:50:66:F8:A7:9E:3C:8E:80:00:9C:92:13:0B:C0:69:8D Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Certificate serial: 7F8E Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/fn06Y1Bm-KeePI6AAJySEwvAaY0.roa Signing time: Wed 06 Aug 2025 07:33:14 +0000 ROA not before: Wed 06 Aug 2025 07:33:14 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 24426 IP address blocks: 43.246.20.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 14:33:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32654 (0x7f8e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Validity Not Before: Aug 6 07:33:14 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=7E7D3A635066F8A79E3C8E80009C92130BC0698D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:46:85:09:03:1a:47:c3:9f:34:05:9d:90:fe: 46:0c:b5:5f:fb:db:16:db:52:30:bc:59:ed:3a:a1: fc:2c:16:10:3b:a4:10:ed:e1:21:b9:bc:ab:d2:b2: 2c:ba:b6:5b:af:78:a8:e3:64:92:9a:1c:7b:4b:7a: 4f:51:00:5c:ff:de:6d:04:df:ac:2b:db:f8:fc:0f: 65:4a:3d:80:4e:22:69:5b:5e:70:9d:a1:22:ba:34: c0:61:68:8a:cc:bb:79:c7:ba:f7:6c:bc:ff:f4:38: f3:6a:10:51:cf:00:87:4a:eb:bc:8f:74:2e:4f:6a: 8b:1d:9b:47:7f:66:05:32:47:e3:e1:80:25:ea:d1: ba:ca:a1:90:ec:a1:b0:60:b0:95:95:a3:ce:bc:c6: 8c:a9:5b:3e:03:b1:f5:a2:71:fc:b7:f6:3b:49:2a: 12:2c:f8:c8:0b:1f:8a:51:01:f0:97:73:09:30:fd: c1:9d:da:ec:ca:d9:80:9c:66:57:a5:9a:6f:7b:c8: 8a:a7:62:1a:f5:f4:51:a0:da:c0:d8:a6:8a:7c:a5: bf:0f:47:ac:73:25:d6:47:1e:6a:ae:59:bc:e1:4c: 52:59:08:cb:29:80:81:b7:b3:7c:06:04:90:1c:b8: 72:6d:7e:7c:b2:74:75:85:13:d0:93:8e:c4:b6:74: 4d:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7E:7D:3A:63:50:66:F8:A7:9E:3C:8E:80:00:9C:92:13:0B:C0:69:8D X509v3 Authority Key Identifier: keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/fn06Y1Bm-KeePI6AAJySEwvAaY0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.246.20.0/22 Signature Algorithm: sha256WithRSAEncryption 4f:5c:1f:d0:11:d8:7c:fb:09:19:3d:da:13:41:29:98:e3:87: 14:c0:59:75:2c:53:6a:e0:66:b6:b9:80:fb:63:4e:bb:59:e3: 6e:5f:d5:3d:4f:c6:9f:b0:7e:a9:8b:5b:97:ae:fd:f0:ef:b9: 80:3e:f6:c0:97:98:30:f0:2f:44:22:9a:01:53:e2:20:7d:b7: a1:fb:c9:96:3c:bc:23:61:1b:a7:d5:c8:6f:9d:2d:ab:1d:18: 43:05:85:83:b3:9b:bd:0a:b3:b8:73:3f:1d:5a:1f:92:21:e3: 7d:0f:a9:0e:d6:83:d9:f2:59:68:77:34:f2:d1:da:e5:37:a7: 10:cc:21:09:a0:47:31:60:36:bf:ce:d6:7a:e3:d8:86:39:f2: cb:f4:5b:4d:89:d9:99:43:6c:9d:22:07:dd:22:cc:da:a4:55: 75:da:b3:1a:3e:2a:99:fc:f7:2d:62:99:3c:c5:a5:97:7b:07: 4d:4d:33:b6:f2:99:52:c5:d1:55:4e:89:e9:8b:a1:aa:4b:7d: ea:8e:99:d2:41:87:ee:05:98:9c:3b:6f:6c:aa:e0:7c:4d:c4: dd:eb:00:83:41:a5:bb:ae:a3:f8:ef:64:ed:ad:bb:33:77:f4: e5:2c:05:b1:2f:29:b0:eb:9f:c6:60:84:d6:5a:a6:f5:dd:f5: e3:34:c0:97 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICf44wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA4MDYw NzMzMTRaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDdFN0QzQTYzNTA2NkY4 QTc5RTNDOEU4MDAwOUM5MjEzMEJDMDY5OEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDbRoUJAxpHw580BZ2Q/kYMtV/72xbbUjC8We06ofwsFhA7pBDt 4SG5vKvSsiy6tluveKjjZJKaHHtLek9RAFz/3m0E36wr2/j8D2VKPYBOImlbXnCd oSK6NMBhaIrMu3nHuvdsvP/0OPNqEFHPAIdK67yPdC5Paosdm0d/ZgUyR+PhgCXq 0brKoZDsobBgsJWVo868xoypWz4DsfWicfy39jtJKhIs+MgLH4pRAfCXcwkw/cGd 2uzK2YCcZlelmm97yIqnYhr19FGg2sDYpop8pb8PR6xzJdZHHmquWbzhTFJZCMsp gIG3s3wGBJAcuHJtfnyydHWFE9CTjsS2dE2tAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUfn06Y1Bm+KeePI6AAJySEwvAaY0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj 3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3 L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2ZuMDZZMUJtLUtlZVBJ NkFBSnlTRXd2QWFZMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAIr9hQwDQYJKoZIhvcNAQELBQADggEBAE9cH9AR2Hz7CRk92hNBKZjjhxTAWXUs U2rgZra5gPtjTrtZ425f1T1Pxp+wfqmLW5eu/fDvuYA+9sCXmDDwL0QimgFT4iB9 t6H7yZY8vCNhG6fVyG+dLasdGEMFhYOzm70Ks7hzPx1aH5Ih430PqQ7Wg9nyWWh3 NPLR2uU3pxDMIQmgRzFgNr/O1nrj2IY58sv0W02J2ZlDbJ0iB90izNqkVXXasxo+ Kpn89y1imTzFpZd7B01NM7bymVLF0VVOiemLoapLfeqOmdJBh+4FmJw7b2yq4HxN xN3rAINBpbuuo/jvZO2tuzN39OUsBbEvKbDrn8ZghNZapvXd9eM0wJc= -----END CERTIFICATE-----Generated at Thu Aug 14 11:10:55 2025 by rpki-client