$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/q7CXJRH13TusfD8L3DVSCTfz70o.roa File: q7CXJRH13TusfD8L3DVSCTfz70o.roa (raw, json) Hash identifier: zCYFqQJBqwdMQBxIBX5zjVeFKyTawBzRbf6jYYpHu4I= Subject key identifier: AB:B0:97:25:11:F5:DD:3B:AC:7C:3F:0B:DC:35:52:09:37:F3:EF:4A Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Certificate serial: 7F9F Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/q7CXJRH13TusfD8L3DVSCTfz70o.roa Signing time: Wed 06 Aug 2025 07:33:18 +0000 ROA not before: Wed 06 Aug 2025 07:33:18 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 24426 IP address blocks: 43.239.32.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 14:33:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32671 (0x7f9f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Validity Not Before: Aug 6 07:33:18 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=ABB0972511F5DD3BAC7C3F0BDC35520937F3EF4A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:83:c7:4c:45:9b:99:a8:23:61:04:52:41:6d: 47:9c:94:48:b7:e2:d4:0b:44:e6:09:3e:bf:69:c0: cf:46:00:08:c2:2b:05:32:0a:90:8a:21:29:0b:92: ad:ca:93:6c:1e:48:ce:21:ab:97:07:cf:d7:3a:2b: ac:28:7a:c9:c2:25:10:fc:e3:a5:5e:9a:c5:f2:a1: 8c:6b:bb:21:84:25:0a:86:ca:33:d7:67:5b:12:d9: 8d:a9:f8:8d:ce:6a:18:62:89:8c:7b:84:88:fd:71: 81:38:52:36:49:dc:8e:8b:75:78:62:82:ed:db:fa: 8b:f5:b9:94:42:28:56:7a:7c:48:b3:0e:60:ba:82: 04:91:83:54:4f:e3:7b:02:ca:5d:a8:c5:39:47:2a: db:4c:0c:db:f3:51:23:65:6c:9a:3b:cb:86:c2:41: 3a:6a:db:96:3a:7a:27:99:38:e0:04:ae:65:9f:4c: e7:d0:f6:17:22:0f:9d:39:60:3e:ef:ff:9f:05:ee: f7:48:ca:6c:41:5f:eb:ab:e3:b0:9b:9a:85:5a:13: 7a:14:d4:37:28:0a:cc:8e:02:e7:2f:94:d3:cd:ea: 23:7e:3d:c5:c9:ab:da:28:3a:fe:aa:87:4c:aa:b8: 58:64:01:85:85:b4:96:43:c9:ad:b8:b6:c8:0b:23: 34:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AB:B0:97:25:11:F5:DD:3B:AC:7C:3F:0B:DC:35:52:09:37:F3:EF:4A X509v3 Authority Key Identifier: keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/q7CXJRH13TusfD8L3DVSCTfz70o.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.239.32.0/20 Signature Algorithm: sha256WithRSAEncryption 45:25:66:b9:a4:20:2d:65:aa:26:90:82:a3:50:81:81:6f:aa: 07:c2:03:4d:1a:ce:62:26:13:8a:18:e3:00:5f:06:25:70:ba: 9f:92:bf:5c:cc:5a:7f:67:2e:f9:54:44:3f:af:6b:54:57:19: 35:65:ab:5a:24:81:de:07:c2:50:65:20:03:62:08:1c:83:75: ee:89:e8:9b:5e:ef:25:94:fc:d6:8b:98:48:c0:88:39:3d:81: e0:93:30:f9:ae:08:9a:e2:c2:0c:2d:29:2d:c3:aa:bb:0d:43: 05:c1:f2:06:e0:fb:59:76:ee:98:b2:8d:e1:f3:41:7d:4b:21: c8:b7:1d:c6:7b:4a:78:05:a3:a2:d7:ed:60:a2:2f:8c:d7:07: 93:b4:de:8c:d5:d5:34:a0:ae:48:b9:cb:ed:cd:90:65:30:bc: 1e:cc:98:b1:c0:2b:96:8f:95:f1:84:e4:78:00:4c:68:78:03: c4:18:1a:2d:dc:19:88:42:31:a7:9b:6a:ff:5d:7e:b2:80:11: 40:fa:c0:c4:68:f8:57:78:eb:94:2d:79:6c:c7:af:02:9e:ef: 9b:a0:e7:55:4d:ac:d9:4d:95:e9:22:fd:9f:19:04:13:97:46: 32:28:59:a7:c6:30:ab:b7:e4:d1:36:62:eb:8d:66:9a:cb:4e: 41:72:5a:b5 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICf58wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA4MDYw NzMzMThaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEFCQjA5NzI1MTFGNURE M0JBQzdDM0YwQkRDMzU1MjA5MzdGM0VGNEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDdg8dMRZuZqCNhBFJBbUeclEi34tQLROYJPr9pwM9GAAjCKwUy CpCKISkLkq3Kk2weSM4hq5cHz9c6K6woesnCJRD846VemsXyoYxruyGEJQqGyjPX Z1sS2Y2p+I3OahhiiYx7hIj9cYE4UjZJ3I6LdXhigu3b+ov1uZRCKFZ6fEizDmC6 ggSRg1RP43sCyl2oxTlHKttMDNvzUSNlbJo7y4bCQTpq25Y6eieZOOAErmWfTOfQ 9hciD505YD7v/58F7vdIymxBX+ur47CbmoVaE3oU1DcoCsyOAucvlNPN6iN+PcXJ q9ooOv6qh0yquFhkAYWFtJZDya24tsgLIzTvAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUq7CXJRH13TusfD8L3DVSCTfz70owHwYDVR0jBBgwFoAUvevthkDLplk9qfmj 3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3 L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3E3Q1hKUkgxM1R1c2ZE OEwzRFZTQ1Rmejcwby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAQr7yAwDQYJKoZIhvcNAQELBQADggEBAEUlZrmkIC1lqiaQgqNQgYFvqgfCA00a zmImE4oY4wBfBiVwup+Sv1zMWn9nLvlURD+va1RXGTVlq1okgd4HwlBlIANiCByD de6J6Jte7yWU/NaLmEjAiDk9geCTMPmuCJriwgwtKS3DqrsNQwXB8gbg+1l27piy jeHzQX1LIci3HcZ7SngFo6LX7WCiL4zXB5O03ozV1TSgrki5y+3NkGUwvB7MmLHA K5aPlfGE5HgATGh4A8QYGi3cGYhCMaebav9dfrKAEUD6wMRo+Fd465QteWzHrwKe 75ug51VNrNlNleki/Z8ZBBOXRjIoWafGMKu35NE2YuuNZprLTkFyWrU= -----END CERTIFICATE-----Generated at Thu Aug 14 11:10:51 2025 by rpki-client