$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/623/uAGh7FGgcHKarpjgi9_4ufufx9w.roa File: uAGh7FGgcHKarpjgi9_4ufufx9w.roa (raw, json) Hash identifier: zuN9vZ+gKEHGRjDeNLRZEfSHxPL9sHZI1vLI81ELqyg= Subject key identifier: B8:01:A1:EC:51:A0:70:72:9A:AE:98:E0:8B:DF:F8:B9:FB:9F:C7:DC Certificate issuer: /CN=DEBFC900EDC34F81DA4827F1F9F63D04E0E2F756 Certificate serial: 0B15 Authority key identifier: DE:BF:C9:00:ED:C3:4F:81:DA:48:27:F1:F9:F6:3D:04:E0:E2:F7:56 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3r_JAO3DT4HaSCfx-fY9BODi91Y.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/uAGh7FGgcHKarpjgi9_4ufufx9w.roa Signing time: Mon 27 Oct 2025 02:39:25 +0000 ROA not before: Mon 27 Oct 2025 02:39:25 +0000 ROA not after: Fri 23 Oct 2026 03:01:03 +0000 asID: 58834 IP address blocks: 43.243.246.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/3r_JAO3DT4HaSCfx-fY9BODi91Y.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/3r_JAO3DT4HaSCfx-fY9BODi91Y.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3r_JAO3DT4HaSCfx-fY9BODi91Y.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 23:43:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2837 (0xb15) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DEBFC900EDC34F81DA4827F1F9F63D04E0E2F756 Validity Not Before: Oct 27 02:39:25 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=B801A1EC51A070729AAE98E08BDFF8B9FB9FC7DC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:6a:4e:12:53:82:72:bf:5d:3a:74:8e:01:b4: 37:bb:05:ca:9a:5d:4c:99:8f:b8:7c:52:8b:22:b3: 20:13:37:77:45:32:6e:a9:cb:f8:c9:45:ef:73:d4: 25:c2:df:13:b4:e1:38:02:b7:47:90:65:67:43:22: 4e:50:ea:3e:c4:2a:95:b8:49:4b:ec:61:98:b4:5e: 34:4f:40:2a:63:52:66:b2:fe:1f:50:8c:6e:aa:2b: dc:2b:be:33:ba:16:e4:d9:81:f7:5f:ae:0b:86:69: 1b:85:3c:a4:47:18:dc:72:66:98:fd:11:88:57:c9: df:91:0d:88:9c:bf:cc:ff:c8:ad:a3:5b:02:1e:ac: d6:3e:02:ba:26:40:19:8d:b7:db:60:9e:26:9e:99: 21:1d:ae:56:17:00:9d:31:f8:7e:33:54:2d:4a:cf: db:4a:3e:f9:d0:35:97:f8:89:5d:43:23:72:46:27: 92:d8:25:a3:1c:83:b5:3e:43:27:3b:82:5a:c6:76: 62:63:0e:34:57:31:7f:1d:40:0b:7c:b4:66:ab:20: 18:28:31:2e:16:98:c5:d1:54:1e:b5:dd:b8:ac:18: 3e:c0:c9:78:7b:aa:e4:ac:3d:78:0c:54:b1:c8:09: 76:e5:a9:f3:01:5f:bc:ea:07:83:d4:02:c0:ec:1f: 04:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B8:01:A1:EC:51:A0:70:72:9A:AE:98:E0:8B:DF:F8:B9:FB:9F:C7:DC X509v3 Authority Key Identifier: keyid:DE:BF:C9:00:ED:C3:4F:81:DA:48:27:F1:F9:F6:3D:04:E0:E2:F7:56 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/3r_JAO3DT4HaSCfx-fY9BODi91Y.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3r_JAO3DT4HaSCfx-fY9BODi91Y.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/uAGh7FGgcHKarpjgi9_4ufufx9w.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.243.246.0/23 Signature Algorithm: sha256WithRSAEncryption 7d:c6:ed:5e:13:9e:6d:34:ab:19:38:c4:6f:ea:d8:c3:e8:dd: ff:e5:af:bf:9b:49:66:bd:d3:ae:e5:c3:63:4b:84:96:64:0e: a7:a7:df:8b:83:b6:2b:cf:f0:80:1e:ec:4c:9c:c3:79:5c:ae: eb:05:10:ee:e5:d0:56:9d:16:48:44:38:e7:ec:2b:74:1e:34: 82:c8:89:f9:1e:1a:29:37:19:00:53:c0:21:6c:65:4a:a8:43: 5d:a3:3d:a7:e4:66:43:e9:d4:29:5c:66:f5:4c:c3:bc:05:94: 4c:14:64:33:50:f2:c5:24:4b:fe:cf:4f:08:4f:f1:5a:a0:89: c0:e3:ae:07:33:95:ff:68:08:96:01:ea:63:ea:6d:89:3e:62: 58:70:87:32:74:a1:96:3e:e1:9a:ad:47:52:ee:93:4b:fd:5d: 28:b8:6c:21:0d:ae:5f:80:70:66:f3:c2:57:06:fe:08:1c:7b: ea:22:db:7f:03:f3:e5:10:f9:dd:2f:f5:49:61:a2:43:33:62: 7b:c8:0f:2e:3f:32:17:1f:87:95:ea:a7:17:bb:37:b4:8a:4d: 4e:14:79:48:b0:b9:3b:d0:c3:5c:f4:4e:40:a2:17:7c:4a:7b: 13:7d:fb:c9:9c:65:59:f3:f4:26:91:db:72:af:30:5f:27:94: 3d:cc:e7:3e -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICCxUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREVC RkM5MDBFREMzNEY4MURBNDgyN0YxRjlGNjNEMDRFMEUyRjc1NjAeFw0yNTEwMjcw MjM5MjVaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKEI4MDFBMUVDNTFBMDcw NzI5QUFFOThFMDhCREZGOEI5RkI5RkM3REMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCoak4SU4Jyv106dI4BtDe7BcqaXUyZj7h8UosisyATN3dFMm6p y/jJRe9z1CXC3xO04TgCt0eQZWdDIk5Q6j7EKpW4SUvsYZi0XjRPQCpjUmay/h9Q jG6qK9wrvjO6FuTZgfdfrguGaRuFPKRHGNxyZpj9EYhXyd+RDYicv8z/yK2jWwIe rNY+AromQBmNt9tgniaemSEdrlYXAJ0x+H4zVC1Kz9tKPvnQNZf4iV1DI3JGJ5LY JaMcg7U+Qyc7glrGdmJjDjRXMX8dQAt8tGarIBgoMS4WmMXRVB613bisGD7AyXh7 quSsPXgMVLHICXblqfMBX7zqB4PUAsDsHwQZAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUuAGh7FGgcHKarpjgi9/4ufufx9wwHwYDVR0jBBgwFoAU3r/JAO3DT4HaSCfx +fY9BODi91YwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIz LzNyX0pBTzNEVDRIYVNDZngtZlk5Qk9EaTkxWS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvM3JfSkFPM0RUNEhhU0NmeC1mWTlCT0RpOTFZLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIzL3VBR2g3RkdnY0hLYXJw amdpOV80dWZ1Zng5dy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAEr8/YwDQYJKoZIhvcNAQELBQADggEBAH3G7V4Tnm00qxk4xG/q2MPo3f/lr7+b SWa9067lw2NLhJZkDqen34uDtivP8IAe7Eycw3lcrusFEO7l0FadFkhEOOfsK3Qe NILIifkeGik3GQBTwCFsZUqoQ12jPafkZkPp1ClcZvVMw7wFlEwUZDNQ8sUkS/7P TwhP8VqgicDjrgczlf9oCJYB6mPqbYk+YlhwhzJ0oZY+4ZqtR1Luk0v9XSi4bCEN rl+AcGbzwlcG/ggce+oi238D8+UQ+d0v9UlhokMzYnvIDy4/Mhcfh5Xqpxe7N7SK TU4UeUiwuTvQw1z0TkCiF3xKexN9+8mcZVnz9CaR23KvMF8nlD3M5z4= -----END CERTIFICATE-----Generated at Wed Nov 5 22:30:19 2025 by rpki-client