$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/smtX13zKoaBh5jvgSXUfMywsBtY.roa File: smtX13zKoaBh5jvgSXUfMywsBtY.roa (raw, json) Hash identifier: p3yEJdTvX2XbkA5KCvfLbfqTk4tncsnb6xiZc4/3eqI= Subject key identifier: B2:6B:57:D7:7C:CA:A1:A0:61:E6:3B:E0:49:75:1F:33:2C:2C:06:D6 Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Certificate serial: 7F98 Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/smtX13zKoaBh5jvgSXUfMywsBtY.roa Signing time: Wed 06 Aug 2025 07:33:17 +0000 ROA not before: Wed 06 Aug 2025 07:33:17 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 24426 IP address blocks: 43.246.28.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 14:33:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32664 (0x7f98) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Validity Not Before: Aug 6 07:33:17 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=B26B57D77CCAA1A061E63BE049751F332C2C06D6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:c8:bd:78:ab:ba:b3:13:82:76:b6:c9:33:c4: 20:5a:94:39:1c:cc:a2:3b:8a:a2:0d:d5:eb:a6:b8: 51:00:22:c8:c6:3e:10:cf:e7:7c:ec:b1:7d:64:1f: d0:61:a2:e5:15:84:8e:03:9f:0b:ca:a4:87:23:5f: 45:ea:2a:13:2f:6e:0a:43:3f:79:78:8b:2b:37:f4: 3b:18:ac:ea:9b:0d:2d:00:10:f3:26:1f:c7:1f:eb: 10:47:6a:71:00:ae:f0:69:89:47:84:b0:f7:cf:6a: ae:5e:eb:4a:7d:6d:79:f3:44:d6:74:32:63:7b:33: ad:55:de:11:75:9a:e4:53:83:80:4d:1b:ad:1a:cf: eb:1d:be:5d:fd:68:ed:19:b1:06:4d:08:c0:4f:0e: 3a:a0:ad:19:fa:93:c7:01:ff:72:ab:cd:f5:c1:b2: 1a:32:0a:71:29:63:f5:cf:79:b3:a2:c3:2f:82:ce: cf:dd:2a:91:c2:a5:98:db:59:1f:c5:f1:4f:7a:36: 9d:d8:a4:d4:c1:93:67:5a:b2:7c:d1:93:37:e1:8f: 42:b7:5e:53:87:79:86:04:e6:9b:d0:3f:1f:6e:1a: 3e:24:21:ed:7c:9d:bc:90:0f:e2:35:3d:08:93:1e: 88:ef:6d:6a:a8:2a:1c:5b:a3:5e:a1:69:e4:ac:3b: 7d:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:6B:57:D7:7C:CA:A1:A0:61:E6:3B:E0:49:75:1F:33:2C:2C:06:D6 X509v3 Authority Key Identifier: keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/smtX13zKoaBh5jvgSXUfMywsBtY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.246.28.0/22 Signature Algorithm: sha256WithRSAEncryption 67:ff:92:bb:62:e5:0d:f7:4d:c2:6b:3b:33:ae:ae:e0:4f:c7: c2:5b:88:3e:c4:67:d1:9f:25:04:df:2b:2e:24:af:ee:17:8e: e2:33:30:56:c6:45:12:4f:0a:60:9c:54:a8:cf:de:8e:1e:99: 31:dc:7a:7e:9a:6f:46:0d:29:44:69:74:9a:3b:7f:94:56:73: 52:84:fb:4d:8a:26:64:63:c3:9c:d0:36:be:22:e7:79:b6:8f: af:33:13:fe:b4:cb:87:d6:1a:26:a8:c3:a6:99:9d:ad:e7:70: 21:96:0f:00:c2:b6:6c:57:d1:e4:c4:26:3f:21:be:8e:30:cb: 16:17:b8:f6:85:a8:5a:84:e7:10:6d:4d:81:9b:d0:30:1e:bb: 54:0d:db:69:38:bd:4e:ba:18:1f:3b:d7:18:cf:a7:9a:c9:f7: 6b:f5:5a:7a:e4:36:2f:7f:90:55:91:b4:83:8f:49:d7:2e:66: 68:b0:36:f5:58:22:24:0e:f3:84:dd:2c:ab:d0:0b:8c:d4:60: c8:60:6a:c1:ea:ed:44:8c:cd:4d:28:f1:0f:bf:1e:b7:1b:90: 42:a5:55:78:35:02:b1:27:fa:9f:d5:70:c8:4d:4b:25:9c:0b: 26:f3:29:04:36:bb:96:5f:a5:3e:7b:de:6b:76:41:b8:cd:df: 35:e7:75:d2 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICf5gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA4MDYw NzMzMTdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEIyNkI1N0Q3N0NDQUEx QTA2MUU2M0JFMDQ5NzUxRjMzMkMyQzA2RDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDHyL14q7qzE4J2tskzxCBalDkczKI7iqIN1eumuFEAIsjGPhDP 53zssX1kH9BhouUVhI4DnwvKpIcjX0XqKhMvbgpDP3l4iys39DsYrOqbDS0AEPMm H8cf6xBHanEArvBpiUeEsPfPaq5e60p9bXnzRNZ0MmN7M61V3hF1muRTg4BNG60a z+sdvl39aO0ZsQZNCMBPDjqgrRn6k8cB/3KrzfXBshoyCnEpY/XPebOiwy+Czs/d KpHCpZjbWR/F8U96Np3YpNTBk2dasnzRkzfhj0K3XlOHeYYE5pvQPx9uGj4kIe18 nbyQD+I1PQiTHojvbWqoKhxbo16haeSsO31pAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUsmtX13zKoaBh5jvgSXUfMywsBtYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj 3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3 L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3NtdFgxM3pLb2FCaDVq dmdTWFVmTXl3c0J0WS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAIr9hwwDQYJKoZIhvcNAQELBQADggEBAGf/krti5Q33TcJrOzOuruBPx8JbiD7E Z9GfJQTfKy4kr+4XjuIzMFbGRRJPCmCcVKjP3o4emTHcen6ab0YNKURpdJo7f5RW c1KE+02KJmRjw5zQNr4i53m2j68zE/60y4fWGiaow6aZna3ncCGWDwDCtmxX0eTE Jj8hvo4wyxYXuPaFqFqE5xBtTYGb0DAeu1QN22k4vU66GB871xjPp5rJ92v1Wnrk Ni9/kFWRtIOPSdcuZmiwNvVYIiQO84TdLKvQC4zUYMhgasHq7USMzU0o8Q+/Hrcb kEKlVXg1ArEn+p/VcMhNSyWcCybzKQQ2u5ZfpT573mt2QbjN3zXnddI= -----END CERTIFICATE-----Generated at Thu Aug 14 11:12:06 2025 by rpki-client