$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2927/KrPweUb8poxWQmE7_awOEyT67Gc.roa File: KrPweUb8poxWQmE7_awOEyT67Gc.roa (raw, json) Hash identifier: s3dVFoe3qVPclEdRNZFKTj1ouy/vges/T+hgAPxNUYc= Subject key identifier: 2A:B3:F0:79:46:FC:A6:8C:56:42:61:3B:FD:AC:0E:13:24:FA:EC:67 Certificate issuer: /CN=73D211D5B210E3B196054DB71892D8E38A4E09EF Certificate serial: 0B Authority key identifier: 73:D2:11:D5:B2:10:E3:B1:96:05:4D:B7:18:92:D8:E3:8A:4E:09:EF Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/c9IR1bIQ47GWBU23GJLY44pOCe8.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2927/KrPweUb8poxWQmE7_awOEyT67Gc.roa Signing time: Wed 25 Jun 2025 02:40:32 +0000 ROA not before: Wed 25 Jun 2025 02:40:32 +0000 ROA not after: Thu 25 Jun 2026 02:35:12 +0000 asID: 134760 IP address blocks: 103.41.2.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2927/c9IR1bIQ47GWBU23GJLY44pOCe8.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2927/c9IR1bIQ47GWBU23GJLY44pOCe8.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/c9IR1bIQ47GWBU23GJLY44pOCe8.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Jul 2025 13:18:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11 (0xb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=73D211D5B210E3B196054DB71892D8E38A4E09EF Validity Not Before: Jun 25 02:40:32 2025 GMT Not After : Jun 25 02:35:12 2026 GMT Subject: CN=2AB3F07946FCA68C5642613BFDAC0E1324FAEC67 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:4e:a8:f2:b1:8f:01:f9:69:ff:ba:14:00:89: 04:0e:a2:d8:16:db:e0:db:3f:c6:dc:4d:c0:1b:dd: fd:29:ee:52:e6:87:60:31:bd:d6:14:7e:f3:2b:63: 55:59:2f:f1:6b:8c:28:ed:51:c0:d6:f5:f9:f5:8b: e5:bd:18:9f:6a:4c:5a:c6:ec:34:9c:4d:6c:63:98: fc:eb:dd:59:9f:07:d6:82:2c:f2:a6:01:33:d6:1a: d4:ff:a4:37:57:b8:5a:db:2d:50:fa:0a:c3:77:f9: 39:b0:ed:d1:c9:f1:88:b6:3f:c2:14:75:44:9c:ee: 82:6b:6c:3e:01:94:3c:ec:53:33:dc:f7:df:77:29: be:6f:ea:d2:d0:5c:5a:d4:f2:09:ec:30:a7:f9:f2: 19:53:87:71:d5:90:f2:39:58:97:96:4c:71:0f:0b: 2d:6d:e2:34:ed:7c:61:de:46:ed:af:3e:5f:40:b1: c9:6a:3a:a7:42:29:14:40:70:2f:cf:da:87:36:07: 4f:f9:7e:1d:3a:96:56:ad:9a:17:79:7b:e1:db:28: aa:69:47:c2:bc:4a:7a:f9:31:af:af:8f:53:44:fd: 04:4f:4e:d9:cf:cd:64:f9:3c:7d:28:3b:3b:66:24: 80:57:c4:82:df:24:2b:01:b3:2a:b9:9e:b1:0d:e4: 5f:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:B3:F0:79:46:FC:A6:8C:56:42:61:3B:FD:AC:0E:13:24:FA:EC:67 X509v3 Authority Key Identifier: keyid:73:D2:11:D5:B2:10:E3:B1:96:05:4D:B7:18:92:D8:E3:8A:4E:09:EF X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2927/c9IR1bIQ47GWBU23GJLY44pOCe8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/c9IR1bIQ47GWBU23GJLY44pOCe8.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2927/KrPweUb8poxWQmE7_awOEyT67Gc.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.41.2.0/24 Signature Algorithm: sha256WithRSAEncryption 9c:42:c3:41:7b:58:02:4c:a9:41:96:e1:53:3b:36:94:cb:c2: ff:dd:85:b3:1b:f6:f3:6c:c8:9f:52:07:1c:b1:2e:c5:6f:6a: 10:c3:6b:86:2a:e5:e5:7d:1d:56:3f:1c:31:0b:e1:c0:32:e6: 8f:84:d1:90:40:cd:57:bb:13:73:29:f6:56:04:a4:84:68:3e: 16:50:8c:e7:61:4b:1d:77:88:c3:04:92:eb:92:e2:f7:50:31: c9:a7:66:16:4f:b9:a3:71:e5:af:f7:ac:5b:e8:40:b9:b4:95: ee:42:fb:43:5b:a0:11:3e:ce:f5:b7:d5:f7:67:79:ee:b7:5d: d5:9d:da:68:c2:75:34:6a:c2:10:99:7f:22:85:ed:f0:e7:8e: c3:25:cf:96:91:c5:cf:5c:09:d0:4d:19:5d:06:4a:60:c5:17: cb:ac:71:cb:3d:db:04:20:ba:7e:bd:76:3a:1e:43:fe:42:fe: b3:74:34:61:bf:c6:df:4f:d3:d2:9d:91:43:7d:92:13:c9:f6: 2a:eb:12:35:4f:b8:a3:36:d6:e1:2f:24:2c:c5:3a:77:c6:d5: ee:30:21:d1:3e:ed:1a:70:ad:31:cf:af:d5:13:49:8e:0a:23: be:be:15:8c:4e:73:a9:63:cb:4d:55:13:0f:cc:9b:f9:63:0b: 7a:98:ae:f0 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIBCzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3M0Qy MTFENUIyMTBFM0IxOTYwNTREQjcxODkyRDhFMzhBNEUwOUVGMB4XDTI1MDYyNTAy NDAzMloXDTI2MDYyNTAyMzUxMlowMzExMC8GA1UEAxMoMkFCM0YwNzk0NkZDQTY4 QzU2NDI2MTNCRkRBQzBFMTMyNEZBRUM2NzCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAO1OqPKxjwH5af+6FACJBA6i2Bbb4Ns/xtxNwBvd/SnuUuaHYDG9 1hR+8ytjVVkv8WuMKO1RwNb1+fWL5b0Yn2pMWsbsNJxNbGOY/OvdWZ8H1oIs8qYB M9Ya1P+kN1e4WtstUPoKw3f5ObDt0cnxiLY/whR1RJzugmtsPgGUPOxTM9z333cp vm/q0tBcWtTyCewwp/nyGVOHcdWQ8jlYl5ZMcQ8LLW3iNO18Yd5G7a8+X0CxyWo6 p0IpFEBwL8/ahzYHT/l+HTqWVq2aF3l74dsoqmlHwrxKevkxr6+PU0T9BE9O2c/N ZPk8fSg7O2YkgFfEgt8kKwGzKrmesQ3kX1kCAwEAAaOCAfMwggHvMB0GA1UdDgQW BBQqs/B5RvymjFZCYTv9rA4TJPrsZzAfBgNVHSMEGDAWgBRz0hHVshDjsZYFTbcY ktjjik4J7zAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yOTI3 L2M5SVIxYklRNDdHV0JVMjNHSkxZNDRwT0NlOC5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvYzlJUjFiSVE0N0dXQlUyM0dKTFk0NHBPQ2U4LmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjkyNy9LclB3ZVViOHBveFdR bUU3X2F3T0V5VDY3R2Mucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAZykCMA0GCSqGSIb3DQEBCwUAA4IBAQCcQsNBe1gCTKlBluFTOzaUy8L/3YWz G/bzbMifUgccsS7Fb2oQw2uGKuXlfR1WPxwxC+HAMuaPhNGQQM1XuxNzKfZWBKSE aD4WUIznYUsdd4jDBJLrkuL3UDHJp2YWT7mjceWv96xb6EC5tJXuQvtDW6ARPs71 t9X3Z3nut13VndpownU0asIQmX8ihe3w547DJc+WkcXPXAnQTRldBkpgxRfLrHHL PdsEILp+vXY6HkP+Qv6zdDRhv8bfT9PSnZFDfZITyfYq6xI1T7ijNtbhLyQsxTp3 xtXuMCHRPu0acK0xz6/VE0mOCiO+vhWMTnOpY8tNVRMPzJv5Ywt6mK7w -----END CERTIFICATE-----Generated at Fri Jul 4 11:56:03 2025 by rpki-client