$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2927/vngUZyTpb2vIiTJqJGIcWBTP5AM.roa File: vngUZyTpb2vIiTJqJGIcWBTP5AM.roa (raw, json) Hash identifier: mnCD/psbdkuG8KujuBLdihNjlwEJvUObk3olUpIz7vE= Subject key identifier: BE:78:14:67:24:E9:6F:6B:C8:89:32:6A:24:62:1C:58:14:CF:E4:03 Certificate issuer: /CN=73D211D5B210E3B196054DB71892D8E38A4E09EF Certificate serial: 9B Authority key identifier: 73:D2:11:D5:B2:10:E3:B1:96:05:4D:B7:18:92:D8:E3:8A:4E:09:EF Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/c9IR1bIQ47GWBU23GJLY44pOCe8.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2927/vngUZyTpb2vIiTJqJGIcWBTP5AM.roa Signing time: Wed 23 Jul 2025 01:36:58 +0000 ROA not before: Wed 23 Jul 2025 01:36:58 +0000 ROA not after: Thu 25 Jun 2026 02:35:12 +0000 asID: 131574 IP address blocks: 43.249.170.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2927/c9IR1bIQ47GWBU23GJLY44pOCe8.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2927/c9IR1bIQ47GWBU23GJLY44pOCe8.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/c9IR1bIQ47GWBU23GJLY44pOCe8.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 13:02:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 155 (0x9b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=73D211D5B210E3B196054DB71892D8E38A4E09EF Validity Not Before: Jul 23 01:36:58 2025 GMT Not After : Jun 25 02:35:12 2026 GMT Subject: CN=BE78146724E96F6BC889326A24621C5814CFE403 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:00:2f:95:2c:97:1a:c4:bf:01:c0:74:5c:ff: 1d:9c:91:84:07:10:06:a8:ba:5e:57:9a:1d:1e:b9: 47:06:96:3b:54:73:ad:94:b8:35:39:06:74:3e:95: d9:44:16:1d:44:9e:b2:77:18:1f:ed:8b:0f:48:ff: ab:bf:5b:6e:d2:9e:1e:84:84:e8:17:78:dc:48:3b: ae:82:7b:3f:06:5a:8e:e0:6d:d6:4c:40:4c:a0:da: 7f:0b:6c:ba:ae:b0:28:c5:ab:bf:fe:75:0c:89:b1: 74:e9:b7:d2:3b:e0:c9:f0:b6:4e:72:40:39:75:37: fc:41:09:35:a2:da:33:1b:98:79:64:dd:d4:b6:ec: 2b:46:b7:21:fb:04:2f:b1:82:ad:61:78:2c:96:1b: 6a:de:37:6f:eb:79:71:d7:26:b5:42:7d:00:82:ef: 25:b0:84:4e:77:97:15:45:4e:1e:ba:82:fe:de:8c: f0:98:7f:ec:e3:79:89:e2:22:f3:6d:fb:90:11:44: ab:ec:99:f8:f5:92:a5:44:50:96:4d:0d:e8:75:cb: aa:5c:2c:4c:bb:56:31:59:18:16:96:90:40:bf:8b: 98:90:4f:f4:46:a6:7c:02:eb:f8:65:72:92:24:a8: 61:bc:60:30:96:b1:53:7d:04:d1:5d:3f:71:6a:64: 6d:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:78:14:67:24:E9:6F:6B:C8:89:32:6A:24:62:1C:58:14:CF:E4:03 X509v3 Authority Key Identifier: keyid:73:D2:11:D5:B2:10:E3:B1:96:05:4D:B7:18:92:D8:E3:8A:4E:09:EF X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2927/c9IR1bIQ47GWBU23GJLY44pOCe8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/c9IR1bIQ47GWBU23GJLY44pOCe8.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2927/vngUZyTpb2vIiTJqJGIcWBTP5AM.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.249.170.0/24 Signature Algorithm: sha256WithRSAEncryption 59:be:64:67:44:83:27:07:25:c9:7b:3f:7a:d4:b6:0f:64:23: 50:a1:5a:f5:26:31:48:7d:20:7f:4d:95:14:f4:f5:1a:33:46: 34:b8:a0:c0:a0:26:2c:d5:da:7d:bf:62:ef:f5:d6:a2:1b:ac: a8:a5:26:61:f9:e3:41:a7:95:75:be:de:fa:6d:7b:f7:bf:a9: e8:23:25:2d:e6:19:93:dc:03:77:7e:b1:be:52:fe:a8:c0:6b: ac:c2:80:5d:3c:b9:5e:e3:28:e0:49:88:e7:85:a1:aa:0b:e2: 25:28:bd:cd:08:db:d8:05:ff:bc:68:8e:6b:26:0a:a3:85:bc: 68:63:01:77:24:7c:9c:2c:88:03:19:18:ae:fd:a3:a0:70:60: b1:89:5b:a2:cc:4a:d7:b9:20:b4:94:5e:a1:8c:00:2f:b9:ab: 22:6d:39:52:26:fe:73:c9:7f:46:bd:50:fa:fd:18:23:4c:d1: db:4e:ce:14:43:85:bf:91:cd:02:9d:7c:64:c1:77:39:bb:c5: 87:e2:61:67:95:8f:6b:2b:80:d2:8f:46:5e:5c:16:58:cc:9b: c2:ee:79:18:bd:b5:7a:fc:d4:2d:9c:79:2e:83:20:de:4f:48: 34:38:2c:4f:68:ca:36:a4:82:60:cb:fe:b5:62:6b:a6:6f:de: 69:62:c5:96 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICAJswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzNE MjExRDVCMjEwRTNCMTk2MDU0REI3MTg5MkQ4RTM4QTRFMDlFRjAeFw0yNTA3MjMw MTM2NThaFw0yNjA2MjUwMjM1MTJaMDMxMTAvBgNVBAMTKEJFNzgxNDY3MjRFOTZG NkJDODg5MzI2QTI0NjIxQzU4MTRDRkU0MDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDmAC+VLJcaxL8BwHRc/x2ckYQHEAaoul5Xmh0euUcGljtUc62U uDU5BnQ+ldlEFh1EnrJ3GB/tiw9I/6u/W27Snh6EhOgXeNxIO66Cez8GWo7gbdZM QEyg2n8LbLqusCjFq7/+dQyJsXTpt9I74Mnwtk5yQDl1N/xBCTWi2jMbmHlk3dS2 7CtGtyH7BC+xgq1heCyWG2reN2/reXHXJrVCfQCC7yWwhE53lxVFTh66gv7ejPCY f+zjeYniIvNt+5ARRKvsmfj1kqVEUJZNDeh1y6pcLEy7VjFZGBaWkEC/i5iQT/RG pnwC6/hlcpIkqGG8YDCWsVN9BNFdP3FqZG2tAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUvngUZyTpb2vIiTJqJGIcWBTP5AMwHwYDVR0jBBgwFoAUc9IR1bIQ47GWBU23 GJLY44pOCe8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjky Ny9jOUlSMWJJUTQ3R1dCVTIzR0pMWTQ0cE9DZTguY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2M5SVIxYklRNDdHV0JVMjNHSkxZNDRwT0NlOC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI5Mjcvdm5nVVp5VHBiMnZJ aVRKcUpHSWNXQlRQNUFNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEACv5qjANBgkqhkiG9w0BAQsFAAOCAQEAWb5kZ0SDJwclyXs/etS2D2QjUKFa 9SYxSH0gf02VFPT1GjNGNLigwKAmLNXafb9i7/XWohusqKUmYfnjQaeVdb7e+m17 97+p6CMlLeYZk9wDd36xvlL+qMBrrMKAXTy5XuMo4EmI54WhqgviJSi9zQjb2AX/ vGiOayYKo4W8aGMBdyR8nCyIAxkYrv2joHBgsYlbosxK17kgtJReoYwAL7mrIm05 Uib+c8l/Rr1Q+v0YI0zR207OFEOFv5HNAp18ZMF3ObvFh+JhZ5WPayuA0o9GXlwW WMybwu55GL21evzULZx5LoMg3k9INDgsT2jKNqSCYMv+tWJrpm/eaWLFlg== -----END CERTIFICATE-----Generated at Thu Aug 14 11:07:28 2025 by rpki-client