$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2329/KsqHOeCiWS2Kdpys1p-sTUFqm5Y.roa File: KsqHOeCiWS2Kdpys1p-sTUFqm5Y.roa (raw, json) Hash identifier: 7anzXk0SCWozouKyc26QDPQMlgqO7/eiugF+fh4EXQo= Subject key identifier: 2A:CA:87:39:E0:A2:59:2D:8A:76:9C:AC:D6:9F:AC:4D:41:6A:9B:96 Certificate issuer: /CN=EC10C93455759C659D2BB819FB07FF7063CECC32 Certificate serial: 2093 Authority key identifier: EC:10:C9:34:55:75:9C:65:9D:2B:B8:19:FB:07:FF:70:63:CE:CC:32 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/KsqHOeCiWS2Kdpys1p-sTUFqm5Y.roa Signing time: Sat 13 Sep 2025 03:10:29 +0000 ROA not before: Sat 13 Sep 2025 03:10:29 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 140293 IP address blocks: 2404:6380::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 03:36:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8339 (0x2093) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=EC10C93455759C659D2BB819FB07FF7063CECC32 Validity Not Before: Sep 13 03:10:29 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=2ACA8739E0A2592D8A769CACD69FAC4D416A9B96 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:66:ee:b0:c5:f4:c0:74:4e:6e:7f:d9:86:4b: c0:7b:ce:01:c7:0d:59:23:57:77:d2:f0:b6:83:c2: 79:10:06:ce:0c:92:72:19:f6:18:d4:df:29:23:0a: 79:d0:92:cc:db:ef:8a:a6:44:3d:23:6c:a9:96:db: fc:74:06:77:df:cd:02:a3:1e:3a:fc:3f:ff:11:a2: cd:21:02:83:c5:62:5d:4f:3b:03:22:39:7c:33:94: 74:ba:4b:99:a0:e5:01:37:8f:89:b5:ba:71:c4:b8: f1:2c:b9:b0:a9:e9:3f:d7:9f:56:df:ae:98:ee:ba: 44:bf:4e:56:6d:b4:ab:d5:32:dc:bf:1f:4e:dc:8a: 11:92:3d:1d:34:64:a5:77:9a:6f:a6:0d:59:d1:e6: 1b:bc:5e:d3:b2:d9:c8:42:e5:0a:00:af:11:f8:93: 19:c1:5c:67:38:00:fc:c6:9f:f4:d2:a7:0a:a4:fb: d3:76:d5:46:1f:3f:a0:5c:97:8a:50:40:57:60:03: 9b:70:07:30:69:fd:d3:5e:07:a1:66:87:77:7a:6d: b3:76:ca:58:0c:9a:d5:fb:81:50:83:34:89:96:a6: 33:f8:54:9e:06:b2:cd:6e:b5:f8:69:14:e0:e5:65: 4d:5b:ec:a7:89:c1:47:8b:6d:ea:de:bf:f9:ed:7c: 5b:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:CA:87:39:E0:A2:59:2D:8A:76:9C:AC:D6:9F:AC:4D:41:6A:9B:96 X509v3 Authority Key Identifier: keyid:EC:10:C9:34:55:75:9C:65:9D:2B:B8:19:FB:07:FF:70:63:CE:CC:32 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/KsqHOeCiWS2Kdpys1p-sTUFqm5Y.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2404:6380::/32 Signature Algorithm: sha256WithRSAEncryption 12:17:36:d2:af:c9:03:61:86:45:be:fd:9d:70:91:ae:77:48: 8a:1f:6b:c5:94:cf:01:4b:72:84:6f:1c:7f:25:2d:46:f2:ca: 03:03:63:fd:59:b1:e0:cb:6e:33:45:f4:93:58:80:e4:ec:72: d2:21:15:fe:b4:9a:b0:7f:8f:58:f2:b1:6c:be:1c:cb:36:18: cd:31:e4:4d:e8:1a:46:0e:ee:66:3a:eb:4f:6e:04:9d:b2:3f: c3:e9:82:9f:89:55:22:86:3c:59:67:f5:e4:57:99:c5:9d:e6: b7:1f:31:1e:ed:4d:32:b3:0f:ee:96:20:5c:23:b8:a2:51:c3: 80:a3:ab:a4:28:d5:e9:2f:65:55:a0:f9:03:52:98:5b:ab:41: 9a:ba:d4:a0:5a:b5:49:db:ea:60:1b:c8:54:25:3b:eb:e7:69: 54:8a:b6:51:8d:31:e2:68:55:d2:ca:9d:2e:0a:32:55:a8:34: ed:a5:64:07:65:d8:e3:cf:d6:9d:21:93:53:0c:cd:22:c6:7c: 6f:5f:ed:bc:ba:14:39:c1:33:13:09:49:29:cd:e6:d1:5f:12: 57:45:3f:7e:de:8b:be:8d:42:ac:75:a0:90:ff:41:c7:96:5a: 37:f3:d4:e9:22:ad:45:97:f4:9d:f6:5d:d6:56:62:36:89:79: 46:de:8c:0c -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICIJMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUMx MEM5MzQ1NTc1OUM2NTlEMkJCODE5RkIwN0ZGNzA2M0NFQ0MzMjAeFw0yNTA5MTMw MzEwMjlaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDJBQ0E4NzM5RTBBMjU5 MkQ4QTc2OUNBQ0Q2OUZBQzRENDE2QTlCOTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCoZu6wxfTAdE5uf9mGS8B7zgHHDVkjV3fS8LaDwnkQBs4MknIZ 9hjU3ykjCnnQkszb74qmRD0jbKmW2/x0BnffzQKjHjr8P/8Ros0hAoPFYl1POwMi OXwzlHS6S5mg5QE3j4m1unHEuPEsubCp6T/Xn1bfrpjuukS/TlZttKvVMty/H07c ihGSPR00ZKV3mm+mDVnR5hu8XtOy2chC5QoArxH4kxnBXGc4APzGn/TSpwqk+9N2 1UYfP6Bcl4pQQFdgA5twBzBp/dNeB6Fmh3d6bbN2ylgMmtX7gVCDNImWpjP4VJ4G ss1utfhpFODlZU1b7KeJwUeLberev/ntfFsNAgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQUKsqHOeCiWS2Kdpys1p+sTUFqm5YwHwYDVR0jBBgwFoAU7BDJNFV1nGWdK7gZ +wf/cGPOzDIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjMy OS83QkRKTkZWMW5HV2RLN2daLXdmX2NHUE96REkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzdCREpORlYxbkdXZEs3Z1otd2ZfY0dQT3pESS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIzMjkvS3NxSE9lQ2lXUzJL ZHB5czFwLXNUVUZxbTVZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw BwMFACQEY4AwDQYJKoZIhvcNAQELBQADggEBABIXNtKvyQNhhkW+/Z1wka53SIof a8WUzwFLcoRvHH8lLUbyygMDY/1ZseDLbjNF9JNYgOTsctIhFf60mrB/j1jysWy+ HMs2GM0x5E3oGkYO7mY6609uBJ2yP8Ppgp+JVSKGPFln9eRXmcWd5rcfMR7tTTKz D+6WIFwjuKJRw4Cjq6Qo1ekvZVWg+QNSmFurQZq61KBatUnb6mAbyFQlO+vnaVSK tlGNMeJoVdLKnS4KMlWoNO2lZAdl2OPP1p0hk1MMzSLGfG9f7by6FDnBMxMJSSnN 5tFfEldFP37ei76NQqx1oJD/QceWWjfz1OkirUWX9J32XdZWYjaJeUbejAw= -----END CERTIFICATE-----Generated at Tue Oct 21 01:27:24 2025 by rpki-client