$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3026/VHg4WcptEIML1tZ_lVaJ5ybbWVE.roa File: VHg4WcptEIML1tZ_lVaJ5ybbWVE.roa (raw, json) Hash identifier: ehQQqc+yIYQ1Ka26I1zkeDqYKm+RlKwsXxYQOtQ12T8= Subject key identifier: 54:78:38:59:CA:6D:10:83:0B:D6:D6:7F:95:56:89:E7:26:DB:59:51 Certificate issuer: /CN=0CB04CC5A6B39B148DD710EF5C6E3F2D9380B455 Certificate serial: 06F6 Authority key identifier: 0C:B0:4C:C5:A6:B3:9B:14:8D:D7:10:EF:5C:6E:3F:2D:93:80:B4:55 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/DLBMxaazmxSN1xDvXG4_LZOAtFU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3026/VHg4WcptEIML1tZ_lVaJ5ybbWVE.roa Signing time: Fri 22 Aug 2025 15:26:28 +0000 ROA not before: Fri 22 Aug 2025 15:26:28 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 55991 IP address blocks: 103.43.134.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3026/DLBMxaazmxSN1xDvXG4_LZOAtFU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3026/DLBMxaazmxSN1xDvXG4_LZOAtFU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/DLBMxaazmxSN1xDvXG4_LZOAtFU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 02:00:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1782 (0x6f6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0CB04CC5A6B39B148DD710EF5C6E3F2D9380B455 Validity Not Before: Aug 22 15:26:28 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=54783859CA6D10830BD6D67F955689E726DB5951 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:cb:94:bf:32:0e:19:5f:6c:da:75:07:1c:cc: fc:0a:12:34:c9:18:09:f1:91:62:94:46:76:d7:ee: 27:e1:8d:6f:18:51:fc:8c:0b:5f:97:9f:cd:5c:5b: 96:c5:35:63:b9:c5:72:8d:f7:36:7a:a1:58:30:cc: 6b:33:c8:ce:97:aa:8f:41:19:56:29:6c:60:96:9d: 72:05:ac:39:c9:6b:19:b4:33:59:62:51:35:07:e4: c6:02:cc:58:0b:2d:86:b9:6c:ed:a1:91:3b:6f:28: af:fc:5e:d8:e5:af:41:de:53:2b:eb:8d:cf:b9:f9: a0:42:ec:01:c7:20:5d:f5:e9:47:01:85:9f:0f:a8: 81:f0:a1:5a:fa:e5:95:3f:fe:aa:c4:94:6d:e1:2e: 38:0c:7b:09:eb:aa:e8:58:90:7d:22:e4:3c:82:7a: c8:40:7d:7c:9c:40:61:97:ff:cb:c8:4f:95:7d:cd: 55:eb:ab:ca:9a:3e:0f:6b:05:23:60:97:14:7a:db: e0:c6:a1:dc:d7:62:fe:96:60:0b:d1:5a:e8:17:dd: ae:c5:1c:e9:c0:98:f8:da:e3:fc:67:17:13:8f:5e: 16:ec:8b:cc:06:8e:e3:8d:a4:e7:d8:3f:b0:08:bd: e5:2c:b6:aa:70:e3:b1:53:98:a8:b8:05:df:d8:60: d8:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 54:78:38:59:CA:6D:10:83:0B:D6:D6:7F:95:56:89:E7:26:DB:59:51 X509v3 Authority Key Identifier: keyid:0C:B0:4C:C5:A6:B3:9B:14:8D:D7:10:EF:5C:6E:3F:2D:93:80:B4:55 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3026/DLBMxaazmxSN1xDvXG4_LZOAtFU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/DLBMxaazmxSN1xDvXG4_LZOAtFU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3026/VHg4WcptEIML1tZ_lVaJ5ybbWVE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.43.134.0/24 Signature Algorithm: sha256WithRSAEncryption 61:bd:6b:a1:e3:ad:42:03:e1:5d:0a:a2:43:41:46:31:8e:57: 5a:1c:da:ae:1b:fb:7e:28:b0:bb:f2:5c:98:ae:bb:fc:d3:cc: 02:2f:14:87:50:f9:2b:56:f8:5b:13:2b:c8:52:88:24:25:43: 32:93:73:b6:fa:1b:14:8d:0d:5f:05:48:b7:01:81:dc:9a:ba: 94:d1:6f:46:c3:1f:5e:e8:7a:49:70:4d:8c:9e:ef:8b:1e:5a: 94:ac:07:fc:f4:4c:bf:ed:8a:42:0b:84:17:08:97:71:77:3f: 8e:0e:e6:7e:9c:0f:dd:76:c4:38:3f:4c:d1:28:66:f4:0d:43: 63:0d:da:6d:45:37:76:db:b9:71:4b:b3:3c:a8:be:fa:79:3c: e8:b0:a6:48:dc:8d:89:f9:d6:6b:57:cd:33:64:f5:47:d6:b3: f2:60:5f:f8:38:e2:2b:4c:c3:9f:cf:37:87:4b:e0:0d:24:c8: f4:fb:85:fa:f0:68:7d:65:c2:de:b5:9b:51:ce:e7:5a:b0:53: ac:90:9b:0c:8f:bd:0e:5a:da:28:0c:9e:47:2f:c3:a4:0e:e2: e2:02:76:34:45:47:6b:49:c4:f3:38:ad:d6:4f:86:93:af:ed: 98:b9:ff:dd:4d:5d:1d:ac:fd:b6:e6:e0:3e:39:02:50:c0:47: 5e:70:7d:a7 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICBvYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMENC MDRDQzVBNkIzOUIxNDhERDcxMEVGNUM2RTNGMkQ5MzgwQjQ1NTAeFw0yNTA4MjIx NTI2MjhaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDU0NzgzODU5Q0E2RDEw ODMwQkQ2RDY3Rjk1NTY4OUU3MjZEQjU5NTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC1y5S/Mg4ZX2zadQcczPwKEjTJGAnxkWKURnbX7ifhjW8YUfyM C1+Xn81cW5bFNWO5xXKN9zZ6oVgwzGszyM6Xqo9BGVYpbGCWnXIFrDnJaxm0M1li UTUH5MYCzFgLLYa5bO2hkTtvKK/8Xtjlr0HeUyvrjc+5+aBC7AHHIF316UcBhZ8P qIHwoVr65ZU//qrElG3hLjgMewnrquhYkH0i5DyCeshAfXycQGGX/8vIT5V9zVXr q8qaPg9rBSNglxR62+DGodzXYv6WYAvRWugX3a7FHOnAmPja4/xnFxOPXhbsi8wG juONpOfYP7AIveUstqpw47FTmKi4Bd/YYNgDAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUVHg4WcptEIML1tZ/lVaJ5ybbWVEwHwYDVR0jBBgwFoAUDLBMxaazmxSN1xDv XG4/LZOAtFUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAy Ni9ETEJNeGFhem14U04xeER2WEc0X0xaT0F0RlUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0RMQk14YWF6bXhTTjF4RHZYRzRfTFpPQXRGVS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMjYvVkhnNFdjcHRFSU1M MXRaX2xWYUo1eWJiV1ZFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGcrhjANBgkqhkiG9w0BAQsFAAOCAQEAYb1roeOtQgPhXQqiQ0FGMY5XWhza rhv7fiiwu/JcmK67/NPMAi8Uh1D5K1b4WxMryFKIJCVDMpNztvobFI0NXwVItwGB 3Jq6lNFvRsMfXuh6SXBNjJ7vix5alKwH/PRMv+2KQguEFwiXcXc/jg7mfpwP3XbE OD9M0Shm9A1DYw3abUU3dtu5cUuzPKi++nk86LCmSNyNifnWa1fNM2T1R9az8mBf +DjiK0zDn883h0vgDSTI9PuF+vBofWXC3rWbUc7nWrBTrJCbDI+9DlraKAyeRy/D pA7i4gJ2NEVHa0nE8zit1k+Gk6/tmLn/3U1dHaz9tubgPjkCUMBHXnB9pw== -----END CERTIFICATE-----Generated at Sun Aug 24 01:03:09 2025 by rpki-client