$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/dMg81dJyDLTZAnYJU0WxWdJVUS4.roa File: dMg81dJyDLTZAnYJU0WxWdJVUS4.roa (raw, json) Hash identifier: tooM331r1Rv3XuaGf7Zx8W2ojg4PG/F0bUiAOpl/GwI= Subject key identifier: 74:C8:3C:D5:D2:72:0C:B4:D9:02:76:09:53:45:B1:59:D2:55:51:2E Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Certificate serial: 2193 Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/dMg81dJyDLTZAnYJU0WxWdJVUS4.roa Signing time: Fri 29 Aug 2025 09:05:28 +0000 ROA not before: Fri 29 Aug 2025 09:05:28 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 4808 IP address blocks: 117.50.32.0/19 maxlen: 19 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 07 Sep 2025 05:34:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8595 (0x2193) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Validity Not Before: Aug 29 09:05:28 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=74C83CD5D2720CB4D90276095345B159D255512E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:c4:4e:34:8e:63:3b:2c:02:49:42:bd:df:36: fc:f1:6f:3c:f9:36:98:9a:83:66:a0:63:3a:b4:d1: 71:c1:cc:65:8d:33:bd:ec:ff:55:65:98:f1:d7:bb: 26:59:77:54:25:ff:b6:e9:ac:a6:63:10:a2:d8:76: 07:fd:63:87:52:21:9a:ae:c1:34:cc:a6:71:06:49: 87:05:5a:e2:bb:b2:da:b9:16:7a:01:00:8f:65:f7: 1a:e2:49:36:e3:14:52:2d:6f:e5:37:d0:bd:5d:33: f3:f7:7f:12:5e:5c:d6:58:c1:02:1b:0c:7e:ab:44: 63:e2:8f:22:f7:0e:42:7d:c0:35:30:5d:9f:76:09: d4:5c:55:9d:db:aa:7a:74:8c:39:87:d8:37:8c:73: 87:9f:3d:be:dc:58:5c:25:91:89:b7:82:af:a5:3e: 7e:31:75:82:f4:06:b2:a9:ff:5c:70:b2:17:63:33: 89:53:99:bf:e8:91:33:1d:c6:37:f9:44:cf:4a:32: 2a:6d:f2:2a:ca:20:c2:5b:3d:49:aa:c8:10:02:7b: 04:b7:ba:aa:6a:64:74:81:96:4f:dc:94:01:91:97: 9f:7d:57:26:ef:e7:dc:21:2d:6c:dc:55:d6:81:a5: 9c:f2:99:11:a3:f4:5e:51:58:57:71:17:b9:58:90: 1d:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:C8:3C:D5:D2:72:0C:B4:D9:02:76:09:53:45:B1:59:D2:55:51:2E X509v3 Authority Key Identifier: keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/dMg81dJyDLTZAnYJU0WxWdJVUS4.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 117.50.32.0/19 Signature Algorithm: sha256WithRSAEncryption 1b:d5:cf:24:41:c1:9b:5c:87:00:11:b0:a7:52:3b:5e:21:05: 1f:a3:b2:56:b7:15:e1:8b:8d:f3:75:e9:78:3e:96:cc:58:59: 1d:83:2b:89:31:6f:77:88:06:94:fa:1c:65:2f:de:ce:0b:34: f7:92:78:24:87:48:7b:57:3d:20:c5:18:71:ab:07:f5:e4:5e: 86:93:54:54:0c:67:ab:92:22:55:48:05:b6:b5:3b:5a:53:7e: 41:31:d4:bb:53:c8:28:a6:ca:5d:1a:f9:cc:29:12:52:69:6f: 58:55:5f:52:66:1d:db:86:e8:7a:35:6f:82:db:5c:df:da:fa: a2:9c:42:b4:51:c0:e5:f2:44:e8:31:dc:2e:9d:cf:0d:1c:3e: 74:5c:8d:4c:81:d6:84:6a:85:c4:d6:ff:7a:62:47:b3:92:74: 7d:a9:20:ac:23:db:15:90:a7:14:ba:6c:8c:8d:1e:aa:a6:c6: a5:40:98:a2:86:88:a2:0e:23:55:1d:39:68:97:22:13:30:22: 79:1d:bc:e4:75:7a:c1:b9:a8:d4:af:c6:9f:4d:65:59:47:b4: 6f:67:4d:5c:8c:03:a3:9c:b1:4a:ba:1b:5d:78:f5:b9:ba:af: 68:f1:2f:c3:d4:82:b7:c5:c4:39:f5:e4:d3:50:7b:3d:dc:dd: 2a:c3:8e:3e -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICIZMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3 MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNTA4Mjkw OTA1MjhaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDc0QzgzQ0Q1RDI3MjBD QjREOTAyNzYwOTUzNDVCMTU5RDI1NTUxMkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDbxE40jmM7LAJJQr3fNvzxbzz5Npiag2agYzq00XHBzGWNM73s /1VlmPHXuyZZd1Ql/7bprKZjEKLYdgf9Y4dSIZquwTTMpnEGSYcFWuK7stq5FnoB AI9l9xriSTbjFFItb+U30L1dM/P3fxJeXNZYwQIbDH6rRGPijyL3DkJ9wDUwXZ92 CdRcVZ3bqnp0jDmH2DeMc4efPb7cWFwlkYm3gq+lPn4xdYL0BrKp/1xwshdjM4lT mb/okTMdxjf5RM9KMipt8irKIMJbPUmqyBACewS3uqpqZHSBlk/clAGRl599Vybv 59whLWzcVdaBpZzymRGj9F5RWFdxF7lYkB0HAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUdMg81dJyDLTZAnYJU0WxWdJVUS4wHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3 L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L2RNZzgxZEp5RExUWkFu WUpVMFd4V2RKVlVTNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAV1MiAwDQYJKoZIhvcNAQELBQADggEBABvVzyRBwZtchwARsKdSO14hBR+jsla3 FeGLjfN16Xg+lsxYWR2DK4kxb3eIBpT6HGUv3s4LNPeSeCSHSHtXPSDFGHGrB/Xk XoaTVFQMZ6uSIlVIBba1O1pTfkEx1LtTyCimyl0a+cwpElJpb1hVX1JmHduG6Ho1 b4LbXN/a+qKcQrRRwOXyROgx3C6dzw0cPnRcjUyB1oRqhcTW/3piR7OSdH2pIKwj 2xWQpxS6bIyNHqqmxqVAmKKGiKIOI1UdOWiXIhMwInkdvOR1esG5qNSvxp9NZVlH tG9nTVyMA6OcsUq6G1149bm6r2jxL8PUgrfFxDn15NNQez3c3SrDjj4= -----END CERTIFICATE-----Generated at Sun Sep 7 03:30:46 2025 by rpki-client