$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/623/VhQLH9NoMSfW__qaen5m-iHrpwQ.roa File: VhQLH9NoMSfW__qaen5m-iHrpwQ.roa (raw, json) Hash identifier: C0TqZ+diSUv3pKGMQXUJoFoz3k29bbDYs8ZWicQbgkw= Subject key identifier: 56:14:0B:1F:D3:68:31:27:D6:FF:FA:9A:7A:7E:66:FA:21:EB:A7:04 Certificate issuer: /CN=DEBFC900EDC34F81DA4827F1F9F63D04E0E2F756 Certificate serial: 0B0B Authority key identifier: DE:BF:C9:00:ED:C3:4F:81:DA:48:27:F1:F9:F6:3D:04:E0:E2:F7:56 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3r_JAO3DT4HaSCfx-fY9BODi91Y.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/VhQLH9NoMSfW__qaen5m-iHrpwQ.roa Signing time: Mon 27 Oct 2025 02:39:23 +0000 ROA not before: Mon 27 Oct 2025 02:39:23 +0000 ROA not after: Fri 23 Oct 2026 03:01:03 +0000 asID: 58834 IP address blocks: 43.243.244.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/3r_JAO3DT4HaSCfx-fY9BODi91Y.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/3r_JAO3DT4HaSCfx-fY9BODi91Y.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3r_JAO3DT4HaSCfx-fY9BODi91Y.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 06 Nov 2025 01:11:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2827 (0xb0b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DEBFC900EDC34F81DA4827F1F9F63D04E0E2F756 Validity Not Before: Oct 27 02:39:23 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=56140B1FD3683127D6FFFA9A7A7E66FA21EBA704 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:8f:41:80:63:44:fb:9a:72:28:98:ae:1c:34: 0c:81:0a:af:52:11:c9:55:27:69:50:5a:59:7c:85: bd:63:07:59:6f:3b:62:4c:04:ac:e0:9d:f8:ea:b4: 7f:91:20:01:10:cb:3d:46:f2:32:0f:ea:60:c2:4d: e9:ee:36:5e:a5:44:62:45:3a:ae:a8:20:a4:a5:5b: 42:b9:c8:fb:e6:99:7a:fa:21:0f:2d:76:75:f5:92: 7a:cd:94:e4:bb:d0:5b:12:5e:f9:2d:44:88:a6:a7: d0:e9:78:71:71:7f:c4:26:cb:f6:8c:90:38:8d:ec: f9:de:82:14:50:fe:b8:e4:10:ed:c0:04:53:6c:40: c9:7f:b2:68:86:b7:da:ef:b4:e7:68:4f:c3:6c:57: cb:81:d6:fe:18:f6:00:ab:a1:59:d0:9f:09:b0:90: 42:97:c5:19:ce:f0:67:89:a7:7e:41:cb:6a:dc:a6: f3:6f:ac:09:a9:5b:c4:68:90:1e:9c:94:17:30:b5: 79:a8:77:ab:96:18:39:9c:2f:56:17:05:0e:06:27: 54:e5:8a:7e:6e:9d:af:a9:c7:62:9d:da:18:7b:be: 81:cc:55:ba:31:34:7d:4d:6d:d1:03:29:bc:f1:39: b4:80:2f:c3:cb:3d:b3:f6:1a:11:06:bb:8b:3f:b8: a1:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 56:14:0B:1F:D3:68:31:27:D6:FF:FA:9A:7A:7E:66:FA:21:EB:A7:04 X509v3 Authority Key Identifier: keyid:DE:BF:C9:00:ED:C3:4F:81:DA:48:27:F1:F9:F6:3D:04:E0:E2:F7:56 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/3r_JAO3DT4HaSCfx-fY9BODi91Y.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3r_JAO3DT4HaSCfx-fY9BODi91Y.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/VhQLH9NoMSfW__qaen5m-iHrpwQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.243.244.0/22 Signature Algorithm: sha256WithRSAEncryption 88:78:dc:a0:7a:89:7a:5e:06:9a:fd:84:7a:73:99:6d:a6:e7: a2:20:be:45:43:1a:b3:da:81:e0:71:51:35:7d:92:96:ef:68: d5:a1:db:4d:34:be:e9:35:66:78:c8:31:c8:ce:80:13:81:94: 0d:2c:85:29:6b:eb:21:3d:b8:63:d0:d2:22:f6:2f:ba:73:c0: 9f:9f:a6:2d:c1:81:7f:44:89:c2:74:7c:cb:71:b0:3a:ab:e9: 16:44:2d:26:70:ff:89:4b:9d:4f:67:97:1a:1a:94:4b:30:62: 3e:4a:10:75:11:bb:f6:57:5a:35:49:98:32:2b:78:11:99:56: 1a:3b:9a:83:1f:1d:a4:46:03:dd:53:12:04:ff:53:1a:0e:9a: 25:b8:ef:ed:dc:53:44:a1:14:33:cd:67:ff:41:6d:b1:2c:7b: ea:56:25:23:7a:32:a7:78:34:0a:12:14:c2:e0:3f:c1:33:78: d6:f8:22:64:53:6c:09:83:d3:15:7e:08:89:53:78:a9:39:2b: 5a:2f:ee:8b:58:fa:18:d3:d1:56:15:b4:2f:14:4e:71:81:88: 4a:de:71:c0:26:22:f8:59:73:09:6d:66:13:26:22:af:43:32: 69:7d:3a:bb:80:7c:c5:69:54:46:7a:62:76:e6:49:3f:9a:84: 30:1e:11:84 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICCwswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREVC RkM5MDBFREMzNEY4MURBNDgyN0YxRjlGNjNEMDRFMEUyRjc1NjAeFw0yNTEwMjcw MjM5MjNaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDU2MTQwQjFGRDM2ODMx MjdENkZGRkE5QTdBN0U2NkZBMjFFQkE3MDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDYj0GAY0T7mnIomK4cNAyBCq9SEclVJ2lQWll8hb1jB1lvO2JM BKzgnfjqtH+RIAEQyz1G8jIP6mDCTenuNl6lRGJFOq6oIKSlW0K5yPvmmXr6IQ8t dnX1knrNlOS70FsSXvktRIimp9DpeHFxf8Qmy/aMkDiN7PneghRQ/rjkEO3ABFNs QMl/smiGt9rvtOdoT8NsV8uB1v4Y9gCroVnQnwmwkEKXxRnO8GeJp35By2rcpvNv rAmpW8RokB6clBcwtXmod6uWGDmcL1YXBQ4GJ1Tlin5una+px2Kd2hh7voHMVbox NH1NbdEDKbzxObSAL8PLPbP2GhEGu4s/uKG1AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUVhQLH9NoMSfW//qaen5m+iHrpwQwHwYDVR0jBBgwFoAU3r/JAO3DT4HaSCfx +fY9BODi91YwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIz LzNyX0pBTzNEVDRIYVNDZngtZlk5Qk9EaTkxWS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvM3JfSkFPM0RUNEhhU0NmeC1mWTlCT0RpOTFZLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIzL1ZoUUxIOU5vTVNmV19f cWFlbjVtLWlIcnB3US5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAIr8/QwDQYJKoZIhvcNAQELBQADggEBAIh43KB6iXpeBpr9hHpzmW2m56IgvkVD GrPageBxUTV9kpbvaNWh2000vuk1ZnjIMcjOgBOBlA0shSlr6yE9uGPQ0iL2L7pz wJ+fpi3BgX9EicJ0fMtxsDqr6RZELSZw/4lLnU9nlxoalEswYj5KEHURu/ZXWjVJ mDIreBGZVho7moMfHaRGA91TEgT/UxoOmiW47+3cU0ShFDPNZ/9BbbEse+pWJSN6 Mqd4NAoSFMLgP8EzeNb4ImRTbAmD0xV+CIlTeKk5K1ov7otY+hjT0VYVtC8UTnGB iEreccAmIvhZcwltZhMmIq9DMml9OruAfMVpVEZ6YnbmST+ahDAeEYQ= -----END CERTIFICATE-----Generated at Wed Nov 5 23:58:21 2025 by rpki-client