$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1663/ywCQM1l3K43_E-WiIpSnSbWqOvE.roa File: ywCQM1l3K43_E-WiIpSnSbWqOvE.roa (raw, json) Hash identifier: hgEPrLxxvDkD6XngS/o1Hzja3xdYFuhr99lC4QpzvhQ= Subject key identifier: CB:00:90:33:59:77:2B:8D:FF:13:E5:A2:22:94:A7:49:B5:AA:3A:F1 Certificate issuer: /CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC Certificate serial: 5CFB Authority key identifier: 8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/ywCQM1l3K43_E-WiIpSnSbWqOvE.roa Signing time: Sat 13 Sep 2025 03:06:29 +0000 ROA not before: Sat 13 Sep 2025 03:06:29 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 134762 IP address blocks: 43.226.64.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 09:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 23803 (0x5cfb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC Validity Not Before: Sep 13 03:06:29 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=CB00903359772B8DFF13E5A22294A749B5AA3AF1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:12:27:a9:da:da:d0:37:88:80:f7:90:9d:7b: 8a:5d:0d:d5:7a:81:02:a9:f6:ef:ee:6b:7e:0a:ad: 30:86:8e:b4:db:62:a2:47:43:48:fa:9a:78:5c:ed: f6:c6:cd:41:51:05:a3:0f:f8:35:52:54:5a:e2:38: a0:6c:db:ae:9c:8f:b4:a6:a1:c8:63:7d:76:27:ea: 04:47:74:e1:a8:92:5e:70:8e:73:ae:8f:a3:0a:91: f4:4d:28:c7:f3:9d:9d:7e:07:2c:93:dc:1b:10:51: 1d:fb:81:c0:ce:a3:2c:3f:23:aa:cc:18:8f:4a:c9: b0:b0:18:18:59:2d:2a:f2:d7:a5:00:fc:0c:d1:b2: ac:eb:a8:ad:ca:cc:91:8a:c2:d2:c0:30:b5:f2:79: a2:9b:e9:94:8d:62:d8:dd:f0:d1:35:66:8d:55:c4: 0c:86:01:1d:6a:58:d4:31:73:b9:07:41:0b:4d:df: 88:6e:3d:0e:cc:bd:8b:74:a8:da:45:44:f6:f8:d5: 46:1d:a9:68:2a:87:48:42:40:85:b1:30:6a:44:fc: 92:00:10:32:84:a5:d8:5f:15:31:24:21:8f:de:29: 7a:c2:77:f2:60:0e:0b:6e:45:fa:f3:5c:87:80:13: bc:b3:0b:a2:95:89:da:ee:35:b5:83:f2:e3:2e:3a: 63:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:00:90:33:59:77:2B:8D:FF:13:E5:A2:22:94:A7:49:B5:AA:3A:F1 X509v3 Authority Key Identifier: keyid:8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/ywCQM1l3K43_E-WiIpSnSbWqOvE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.226.64.0/21 Signature Algorithm: sha256WithRSAEncryption 48:07:f6:aa:3e:a5:a2:83:dc:d4:45:90:8e:2b:45:d8:4c:6e: fe:ac:6d:33:e1:5a:a9:5e:75:e5:5a:fb:22:90:8b:33:e5:13: 25:9f:4d:08:00:14:19:27:7e:b1:dd:fe:0e:f8:6f:90:35:43: 7f:15:6a:32:11:9d:4b:44:b5:03:97:22:85:9b:da:c5:7d:e4: ff:b6:72:f8:ee:cb:2a:31:b0:27:1b:03:c6:92:84:b0:a9:6f: ba:33:7a:d0:51:2a:da:43:68:86:f9:83:e7:ea:ad:b1:98:6e: d7:58:a0:e8:7b:e8:7e:cb:94:91:3c:7f:10:8e:3a:6e:af:00: ff:61:c3:48:e0:f8:5c:a7:a4:89:5b:38:6b:c2:a4:9c:f6:3b: 87:b2:de:53:6d:0b:4b:84:60:ff:b1:13:bc:24:80:b9:79:5b: 53:68:a8:f8:bb:05:dc:9b:84:6b:11:53:b8:02:80:51:a9:61: 5e:39:f3:54:84:ca:4e:03:2a:b9:66:1f:49:f8:a9:f5:f3:b6: 60:ac:1c:38:63:88:d0:83:da:70:73:73:b9:83:f2:87:1b:65: 51:ff:e6:e7:0f:78:0d:b9:37:27:9a:ed:a9:73:48:4f:7b:7e: 1c:f0:93:67:32:f9:da:5b:20:62:14:78:83:e9:af:4d:fa:c0: 7e:87:56:b2 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICXPswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOEFF NENGNzhCNDlERjBCMkMxRDI5RDMyRTQ4QTk0M0FFNEY0MUFDQzAeFw0yNTA5MTMw MzA2MjlaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKENCMDA5MDMzNTk3NzJC OERGRjEzRTVBMjIyOTRBNzQ5QjVBQTNBRjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDbEiep2trQN4iA95Cde4pdDdV6gQKp9u/ua34KrTCGjrTbYqJH Q0j6mnhc7fbGzUFRBaMP+DVSVFriOKBs266cj7SmochjfXYn6gRHdOGokl5wjnOu j6MKkfRNKMfznZ1+ByyT3BsQUR37gcDOoyw/I6rMGI9KybCwGBhZLSry16UA/AzR sqzrqK3KzJGKwtLAMLXyeaKb6ZSNYtjd8NE1Zo1VxAyGAR1qWNQxc7kHQQtN34hu PQ7MvYt0qNpFRPb41UYdqWgqh0hCQIWxMGpE/JIAEDKEpdhfFTEkIY/eKXrCd/Jg DgtuRfrzXIeAE7yzC6KVidruNbWD8uMuOmPXAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUywCQM1l3K43/E+WiIpSnSbWqOvEwHwYDVR0jBBgwFoAUiuTPeLSd8LLB0p0y 5IqUOuT0GswwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTY2 My9pdVRQZUxTZDhMTEIwcDB5NUlxVU91VDBHc3cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2l1VFBlTFNkOExMQjBwMHk1SXFVT3VUMEdzdy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE2NjMveXdDUU0xbDNLNDNf RS1XaUlwU25TYldxT3ZFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAyviQDANBgkqhkiG9w0BAQsFAAOCAQEASAf2qj6looPc1EWQjitF2Exu/qxt M+FaqV515Vr7IpCLM+UTJZ9NCAAUGSd+sd3+DvhvkDVDfxVqMhGdS0S1A5cihZva xX3k/7Zy+O7LKjGwJxsDxpKEsKlvujN60FEq2kNohvmD5+qtsZhu11ig6HvofsuU kTx/EI46bq8A/2HDSOD4XKekiVs4a8KknPY7h7LeU20LS4Rg/7ETvCSAuXlbU2io +LsF3JuEaxFTuAKAUalhXjnzVITKTgMquWYfSfip9fO2YKwcOGOI0IPacHNzuYPy hxtlUf/m5w94Dbk3J5rtqXNIT3t+HPCTZzL52lsgYhR4g+mvTfrAfodWsg== -----END CERTIFICATE-----Generated at Mon Oct 20 08:42:42 2025 by rpki-client