$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2927/lu1UgSiwp4RysBIY-lj2wu1sIc8.roa File: lu1UgSiwp4RysBIY-lj2wu1sIc8.roa (raw, json) Hash identifier: Q3irGM0iTdovO+A6esg6rmX7G2AjOKvXUAz5W48cvzQ= Subject key identifier: 96:ED:54:81:28:B0:A7:84:72:B0:12:18:FA:58:F6:C2:ED:6C:21:CF Certificate issuer: /CN=73D211D5B210E3B196054DB71892D8E38A4E09EF Certificate serial: 04F7 Authority key identifier: 73:D2:11:D5:B2:10:E3:B1:96:05:4D:B7:18:92:D8:E3:8A:4E:09:EF Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/c9IR1bIQ47GWBU23GJLY44pOCe8.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2927/lu1UgSiwp4RysBIY-lj2wu1sIc8.roa Signing time: Thu 05 Mar 2026 02:15:26 +0000 ROA not before: Thu 05 Mar 2026 02:15:26 +0000 ROA not after: Sat 09 Jan 2027 08:23:18 +0000 asID: 131574 IP address blocks: 43.249.168.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2927/c9IR1bIQ47GWBU23GJLY44pOCe8.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2927/c9IR1bIQ47GWBU23GJLY44pOCe8.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/c9IR1bIQ47GWBU23GJLY44pOCe8.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Mar 2026 03:59:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1271 (0x4f7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=73D211D5B210E3B196054DB71892D8E38A4E09EF Validity Not Before: Mar 5 02:15:26 2026 GMT Not After : Jan 9 08:23:18 2027 GMT Subject: CN=96ED548128B0A78472B01218FA58F6C2ED6C21CF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:05:31:92:03:b0:b8:44:f5:d4:36:90:bc:dc: 35:9b:2f:97:13:c8:bd:80:52:d7:41:ae:7b:51:0e: 0e:5d:26:b4:fc:5e:f0:7a:3a:a9:27:e2:40:c2:4e: 40:51:55:54:36:43:1a:a3:46:17:e6:6a:52:73:18: 8b:06:96:0c:7c:24:60:a9:da:13:c6:be:be:ab:d3: 13:7b:b7:93:fb:92:be:0b:92:6d:79:fa:6f:b9:1c: 20:1b:9f:b2:3d:94:f6:c2:a3:65:ec:1f:fc:27:57: 8c:3c:0d:88:fc:fb:c7:05:15:46:c7:ce:76:3b:9a: b6:cb:5e:a9:75:d8:69:d8:77:73:1b:2d:95:bb:e2: 43:00:1c:49:6f:90:82:32:0d:31:94:35:d3:a3:03: 72:e5:db:16:fb:ac:c1:5c:41:4b:12:f0:63:f5:5f: 6e:0c:0d:a6:cf:6f:b7:8f:6c:18:ab:3f:23:30:58: 66:2e:cb:45:03:e4:2c:e9:41:0b:c2:54:b4:0e:29: e4:05:f7:1e:22:d7:25:8a:97:b8:74:c0:44:af:ff: 34:45:4e:1d:c6:32:01:25:20:6a:b3:7b:98:42:12: 25:3a:10:1e:ac:c4:8a:01:e7:28:ef:54:32:0b:49: 4a:3c:18:84:77:c7:96:12:37:bb:7e:40:de:f2:e5: 18:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:ED:54:81:28:B0:A7:84:72:B0:12:18:FA:58:F6:C2:ED:6C:21:CF X509v3 Authority Key Identifier: keyid:73:D2:11:D5:B2:10:E3:B1:96:05:4D:B7:18:92:D8:E3:8A:4E:09:EF X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2927/c9IR1bIQ47GWBU23GJLY44pOCe8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/c9IR1bIQ47GWBU23GJLY44pOCe8.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2927/lu1UgSiwp4RysBIY-lj2wu1sIc8.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.249.168.0/23 Signature Algorithm: sha256WithRSAEncryption c0:ba:f6:0a:cf:42:e6:46:da:20:e8:73:b2:2e:51:ca:4f:02: ea:81:d5:4c:0e:b2:3a:8d:a3:66:93:6d:97:72:6f:d9:ae:83: f3:83:78:c2:f0:96:69:ca:76:8a:19:80:c0:3c:a5:bc:c7:30: 52:43:b2:35:04:c0:53:8c:99:67:6e:17:a6:6a:09:92:ca:b1: 08:93:cb:ce:52:cc:e4:22:e6:36:56:5e:b4:76:ea:b8:38:17: 79:b1:8a:57:22:f6:a8:e9:58:5f:4d:be:5f:74:04:13:43:d3: e0:29:29:e0:a2:7c:cd:fe:78:f1:11:ff:7e:99:07:84:df:a5: 96:a5:12:d3:55:39:ee:69:f2:65:6f:93:b0:72:60:95:99:bf: 29:f2:29:01:1c:48:95:9b:e8:41:b8:4a:f8:34:8d:a9:cc:f1: 9f:e4:c5:37:74:b6:25:c7:9c:da:7d:80:13:ef:37:31:fb:69: 48:28:ca:ad:ef:d3:e8:84:38:ff:8d:0e:cd:4d:6b:a0:28:fe: 0d:52:bc:87:17:cf:9c:4a:23:ed:b4:f7:8f:cc:d8:92:72:f0: 37:76:2e:bb:51:a3:91:d4:59:c3:15:c9:be:85:8b:62:b6:56: fc:f6:a3:9e:70:c9:bb:45:d5:8a:17:56:12:94:87:1e:35:98: cc:8f:7f:37 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICBPcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzNE MjExRDVCMjEwRTNCMTk2MDU0REI3MTg5MkQ4RTM4QTRFMDlFRjAeFw0yNjAzMDUw MjE1MjZaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKDk2RUQ1NDgxMjhCMEE3 ODQ3MkIwMTIxOEZBNThGNkMyRUQ2QzIxQ0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCeBTGSA7C4RPXUNpC83DWbL5cTyL2AUtdBrntRDg5dJrT8XvB6 Oqkn4kDCTkBRVVQ2QxqjRhfmalJzGIsGlgx8JGCp2hPGvr6r0xN7t5P7kr4Lkm15 +m+5HCAbn7I9lPbCo2XsH/wnV4w8DYj8+8cFFUbHznY7mrbLXql12GnYd3MbLZW7 4kMAHElvkIIyDTGUNdOjA3Ll2xb7rMFcQUsS8GP1X24MDabPb7ePbBirPyMwWGYu y0UD5CzpQQvCVLQOKeQF9x4i1yWKl7h0wESv/zRFTh3GMgElIGqze5hCEiU6EB6s xIoB5yjvVDILSUo8GIR3x5YSN7t+QN7y5RjXAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUlu1UgSiwp4RysBIY+lj2wu1sIc8wHwYDVR0jBBgwFoAUc9IR1bIQ47GWBU23 GJLY44pOCe8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjky Ny9jOUlSMWJJUTQ3R1dCVTIzR0pMWTQ0cE9DZTguY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2M5SVIxYklRNDdHV0JVMjNHSkxZNDRwT0NlOC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI5MjcvbHUxVWdTaXdwNFJ5 c0JJWS1sajJ3dTFzSWM4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEASv5qDANBgkqhkiG9w0BAQsFAAOCAQEAwLr2Cs9C5kbaIOhzsi5Ryk8C6oHV TA6yOo2jZpNtl3Jv2a6D84N4wvCWacp2ihmAwDylvMcwUkOyNQTAU4yZZ24XpmoJ ksqxCJPLzlLM5CLmNlZetHbquDgXebGKVyL2qOlYX02+X3QEE0PT4Ckp4KJ8zf54 8RH/fpkHhN+llqUS01U57mnyZW+TsHJglZm/KfIpARxIlZvoQbhK+DSNqczxn+TF N3S2Jcec2n2AE+83MftpSCjKre/T6IQ4/40OzU1roCj+DVK8hxfPnEoj7bT3j8zY knLwN3Yuu1GjkdRZwxXJvoWLYrZW/PajnnDJu0XVihdWEpSHHjWYzI9/Nw== -----END CERTIFICATE-----Generated at Fri Mar 6 02:24:58 2026 by rpki-client