$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1228/22EffpS7GnnifhXrI4tAbrDDc-g.roa File: 22EffpS7GnnifhXrI4tAbrDDc-g.roa (raw, json) Hash identifier: 4E/yKu43inQAr1L9cp/ACPCiEVmbOTFL687c79yRLyA= Subject key identifier: DB:61:1F:7E:94:BB:1A:79:E2:7E:15:EB:23:8B:40:6E:B0:C3:73:E8 Certificate issuer: /CN=ADD2726DD6FF9F5A459AE5B0A9EE8E7DDFC7F07C Certificate serial: B9 Authority key identifier: AD:D2:72:6D:D6:FF:9F:5A:45:9A:E5:B0:A9:EE:8E:7D:DF:C7:F0:7C Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/rdJybdb_n1pFmuWwqe6Ofd_H8Hw.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1228/22EffpS7GnnifhXrI4tAbrDDc-g.roa Signing time: Mon 16 Jun 2025 12:19:10 +0000 ROA not before: Mon 16 Jun 2025 12:19:10 +0000 ROA not after: Sat 16 May 2026 10:06:17 +0000 asID: 62468 IP address blocks: 43.254.192.0/22 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1228/rdJybdb_n1pFmuWwqe6Ofd_H8Hw.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1228/rdJybdb_n1pFmuWwqe6Ofd_H8Hw.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/rdJybdb_n1pFmuWwqe6Ofd_H8Hw.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 15:04:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 185 (0xb9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ADD2726DD6FF9F5A459AE5B0A9EE8E7DDFC7F07C Validity Not Before: Jun 16 12:19:10 2025 GMT Not After : May 16 10:06:17 2026 GMT Subject: CN=DB611F7E94BB1A79E27E15EB238B406EB0C373E8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:65:cf:62:20:1f:70:0d:16:35:86:16:76:dc: aa:2f:00:44:bc:77:1a:5c:46:88:b8:92:85:7e:ee: 03:5b:09:c9:10:c8:13:3b:1c:70:d6:42:ca:96:10: 53:7a:47:d8:75:7e:a8:b9:88:d6:49:49:a3:97:cd: 7e:33:e5:d8:15:e8:00:ce:bc:18:f4:64:53:85:52: da:d9:de:62:68:b5:83:d2:c4:f7:3f:c3:23:cf:9d: 46:c5:c4:6b:d9:45:e9:61:4c:af:d8:fd:6a:52:58: 6f:e4:c2:8d:15:30:b9:90:d5:63:3e:ef:2f:f0:84: f3:86:3d:8e:85:c2:ae:5a:bd:0d:b5:68:be:48:76: 62:bb:63:2e:97:d7:ab:11:b6:04:dd:9c:17:10:84: ac:f6:dd:a7:20:67:08:ec:a3:5b:56:6d:8a:0b:a6: 76:4f:04:81:af:f8:33:9f:70:bc:de:be:11:51:ca: 74:49:e0:83:69:de:dc:29:4b:f8:e1:95:2d:69:f3: 13:6b:34:53:11:12:ed:46:23:9b:e5:23:73:7e:34: bb:47:4a:83:fc:69:37:9e:7f:33:a9:61:19:22:16: b9:54:de:74:8d:b4:ae:72:54:2f:32:77:1f:22:c3: 4d:e5:c8:37:fb:1f:9c:8b:e3:09:93:64:b1:d3:9f: ee:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:61:1F:7E:94:BB:1A:79:E2:7E:15:EB:23:8B:40:6E:B0:C3:73:E8 X509v3 Authority Key Identifier: keyid:AD:D2:72:6D:D6:FF:9F:5A:45:9A:E5:B0:A9:EE:8E:7D:DF:C7:F0:7C X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1228/rdJybdb_n1pFmuWwqe6Ofd_H8Hw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/rdJybdb_n1pFmuWwqe6Ofd_H8Hw.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1228/22EffpS7GnnifhXrI4tAbrDDc-g.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.254.192.0/22 Signature Algorithm: sha256WithRSAEncryption 20:7a:ac:aa:d1:5a:a9:59:8e:90:e2:c8:0e:1f:50:11:2b:bd: 08:d6:da:66:cc:2e:b2:0f:b0:9b:06:0a:f4:47:63:71:53:58: 89:5e:d4:54:00:ac:fe:ba:22:ef:43:c1:7e:2e:de:76:e4:cf: 0e:c5:b4:87:38:c6:93:b4:bc:7d:7d:79:ac:78:6e:8e:26:c1: b4:42:52:76:f1:c3:3b:b0:87:36:e8:3a:d8:8f:5f:7d:21:fe: 24:d1:0a:02:85:de:ec:34:4b:13:47:b2:fa:b2:63:27:c2:7c: 18:93:54:25:6a:29:38:d7:50:9e:4a:52:1e:35:27:9e:aa:a5: c7:4c:85:e4:1c:41:b1:b7:cb:b5:09:4a:24:85:4f:d5:1e:45: 38:a0:3e:c6:92:70:b1:5e:63:39:75:76:7b:4e:a1:5b:57:3a: 77:ae:aa:e3:2e:bb:75:94:6a:b7:b1:46:8e:ff:dd:6d:65:2f: 39:8f:a9:21:fe:9e:08:3c:25:c4:f2:40:ba:60:bd:05:4f:f8: 59:9c:dd:76:6b:c5:23:89:75:a5:22:bf:83:32:02:d2:d7:d2: c6:0f:b3:61:03:61:92:78:91:d6:47:df:08:b3:bf:a9:33:7c: 09:7a:e3:ab:3b:d1:8c:b0:8b:7a:6d:79:9c:70:ed:88:f4:87: eb:e7:25:41 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICALkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQURE MjcyNkRENkZGOUY1QTQ1OUFFNUIwQTlFRThFN0RERkM3RjA3QzAeFw0yNTA2MTYx MjE5MTBaFw0yNjA1MTYxMDA2MTdaMDMxMTAvBgNVBAMTKERCNjExRjdFOTRCQjFB NzlFMjdFMTVFQjIzOEI0MDZFQjBDMzczRTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDEZc9iIB9wDRY1hhZ23KovAES8dxpcRoi4koV+7gNbCckQyBM7 HHDWQsqWEFN6R9h1fqi5iNZJSaOXzX4z5dgV6ADOvBj0ZFOFUtrZ3mJotYPSxPc/ wyPPnUbFxGvZRelhTK/Y/WpSWG/kwo0VMLmQ1WM+7y/whPOGPY6Fwq5avQ21aL5I dmK7Yy6X16sRtgTdnBcQhKz23acgZwjso1tWbYoLpnZPBIGv+DOfcLzevhFRynRJ 4INp3twpS/jhlS1p8xNrNFMREu1GI5vlI3N+NLtHSoP8aTeefzOpYRkiFrlU3nSN tK5yVC8ydx8iw03lyDf7H5yL4wmTZLHTn+6hAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU22EffpS7GnnifhXrI4tAbrDDc+gwHwYDVR0jBBgwFoAUrdJybdb/n1pFmuWw qe6Ofd/H8HwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIy OC9yZEp5YmRiX24xcEZtdVd3cWU2T2ZkX0g4SHcuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3JkSnliZGJfbjFwRm11V3dxZTZPZmRfSDhIdy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEyMjgvMjJFZmZwUzdHbm5p ZmhYckk0dEFickREYy1nLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAiv+wDANBgkqhkiG9w0BAQsFAAOCAQEAIHqsqtFaqVmOkOLIDh9QESu9CNba Zswusg+wmwYK9EdjcVNYiV7UVACs/roi70PBfi7eduTPDsW0hzjGk7S8fX15rHhu jibBtEJSdvHDO7CHNug62I9ffSH+JNEKAoXe7DRLE0ey+rJjJ8J8GJNUJWopONdQ nkpSHjUnnqqlx0yF5BxBsbfLtQlKJIVP1R5FOKA+xpJwsV5jOXV2e06hW1c6d66q 4y67dZRqt7FGjv/dbWUvOY+pIf6eCDwlxPJAumC9BU/4WZzddmvFI4l1pSK/gzIC 0tfSxg+zYQNhkniR1kffCLO/qTN8CXrjqzvRjLCLem15nHDtiPSH6+clQQ== -----END CERTIFICATE-----Generated at Mon Oct 20 13:51:06 2025 by rpki-client