$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3044/kgr_tJuAU5aMehi8A24HieBDxYE.roa File: kgr_tJuAU5aMehi8A24HieBDxYE.roa (raw, json) Hash identifier: ++UAW4qrbMj7dzNdeU+MFu8S71u7vkpSDDRcD6UxGsk= Subject key identifier: 92:0A:FF:B4:9B:80:53:96:8C:7A:18:BC:03:6E:07:89:E0:43:C5:81 Certificate issuer: /CN=B08B918D2D45B6371ACB9770743553D1BF224708 Certificate serial: 21D1 Authority key identifier: B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/kgr_tJuAU5aMehi8A24HieBDxYE.roa Signing time: Sat 13 Sep 2025 03:09:01 +0000 ROA not before: Sat 13 Sep 2025 03:09:01 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 4811 IP address blocks: 14.103.96.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 18:07:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8657 (0x21d1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B08B918D2D45B6371ACB9770743553D1BF224708 Validity Not Before: Sep 13 03:09:01 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=920AFFB49B8053968C7A18BC036E0789E043C581 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:b4:f8:c9:e8:e3:af:3d:3b:17:bf:46:5d:f6: 2c:97:51:d2:67:9b:69:fa:6b:e1:e9:20:79:17:39: 58:dc:29:9a:32:54:5c:79:b7:60:4a:bc:28:15:b1: 07:80:d3:d5:df:48:68:d8:4a:61:f4:b9:50:21:fe: 0c:a9:bc:88:8b:67:42:fb:05:90:4f:34:bf:c2:9e: e3:9a:dd:c4:f4:49:41:e0:a1:86:5b:ee:c3:ed:48: 1f:39:e3:d5:cb:32:f9:a7:6a:a9:39:76:53:de:1d: 62:c6:a5:97:c2:79:d2:a9:41:03:6f:90:36:bb:73: f2:2e:1b:2a:e1:aa:b8:a5:78:f2:23:43:55:29:6d: 68:74:8c:62:94:83:83:8c:3f:70:e8:b1:0b:05:e9: 2c:61:42:53:5f:ae:0f:47:48:02:b9:4a:a3:b4:41: f3:70:be:f6:37:7a:5a:0e:eb:f1:58:1c:70:d1:e4: 44:38:68:c1:cb:9b:c9:a3:65:aa:db:53:61:22:dc: 64:9c:84:d7:d5:21:8a:64:08:d2:e1:0a:e0:41:90: 36:f6:7f:bf:1d:23:c6:54:d4:87:d3:2c:1b:be:3b: 02:b9:1a:d1:d4:3c:9c:05:7a:99:68:fd:96:59:4b: 6b:e2:40:b0:44:26:5a:f5:9c:c3:89:70:cc:78:cd: 4b:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:0A:FF:B4:9B:80:53:96:8C:7A:18:BC:03:6E:07:89:E0:43:C5:81 X509v3 Authority Key Identifier: keyid:B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/kgr_tJuAU5aMehi8A24HieBDxYE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 14.103.96.0/21 Signature Algorithm: sha256WithRSAEncryption 0b:25:28:96:61:7a:5c:16:29:ec:4a:24:78:15:02:15:5b:89: d8:29:7d:ba:c6:5d:48:cd:48:a3:05:f0:38:bd:3f:1b:c8:53: 03:e7:0f:78:db:c3:56:87:e7:52:4c:f1:a9:80:0d:d4:de:d5: 95:5a:52:79:3a:0e:94:31:09:10:2b:bb:52:08:de:a4:22:11: 05:01:27:74:84:06:92:6d:b4:61:ec:5c:08:21:dd:d4:0a:59: 6f:bb:d9:f1:13:ae:bd:61:bf:6c:5f:95:89:c2:a9:5b:72:fc: db:57:01:56:1e:70:a5:96:b2:1a:27:c1:f8:0f:75:3e:8f:08: 10:9c:3e:4c:df:26:2c:8b:24:99:57:52:34:aa:c7:bc:97:3b: f2:56:fc:68:38:fa:9a:8b:74:87:13:64:4f:35:07:49:b1:2d: 50:53:d6:50:68:68:25:e2:bd:97:66:4f:d3:2d:77:f2:5d:e7: 34:3d:17:72:d6:d0:f4:54:8e:63:c0:9b:a2:f1:cc:97:4c:2f: b9:ac:67:f7:d5:b4:d9:68:5d:60:77:13:0a:1e:7e:85:96:e9: 4e:9d:b4:fe:66:2a:43:13:07:3e:d7:c2:08:2c:51:06:bf:5b: 08:c5:5d:dc:0f:e9:a2:94:32:70:ec:65:d2:54:c0:84:d0:72: 95:8b:56:73 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICIdEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjA4 QjkxOEQyRDQ1QjYzNzFBQ0I5NzcwNzQzNTUzRDFCRjIyNDcwODAeFw0yNTA5MTMw MzA5MDFaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDkyMEFGRkI0OUI4MDUz OTY4QzdBMThCQzAzNkUwNzg5RTA0M0M1ODEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDHtPjJ6OOvPTsXv0Zd9iyXUdJnm2n6a+HpIHkXOVjcKZoyVFx5 t2BKvCgVsQeA09XfSGjYSmH0uVAh/gypvIiLZ0L7BZBPNL/CnuOa3cT0SUHgoYZb 7sPtSB8549XLMvmnaqk5dlPeHWLGpZfCedKpQQNvkDa7c/IuGyrhqrilePIjQ1Up bWh0jGKUg4OMP3DosQsF6SxhQlNfrg9HSAK5SqO0QfNwvvY3eloO6/FYHHDR5EQ4 aMHLm8mjZarbU2Ei3GSchNfVIYpkCNLhCuBBkDb2f78dI8ZU1IfTLBu+OwK5GtHU PJwFeplo/ZZZS2viQLBEJlr1nMOJcMx4zUutAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUkgr/tJuAU5aMehi8A24HieBDxYEwHwYDVR0jBBgwFoAUsIuRjS1Ftjcay5dw dDVT0b8iRwgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0 NC9zSXVSalMxRnRqY2F5NWR3ZERWVDBiOGlSd2cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3NJdVJqUzFGdGpjYXk1ZHdkRFZUMGI4aVJ3Zy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDQva2dyX3RKdUFVNWFN ZWhpOEEyNEhpZUJEeFlFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAw5nYDANBgkqhkiG9w0BAQsFAAOCAQEACyUolmF6XBYp7EokeBUCFVuJ2Cl9 usZdSM1IowXwOL0/G8hTA+cPeNvDVofnUkzxqYAN1N7VlVpSeToOlDEJECu7Ugje pCIRBQEndIQGkm20YexcCCHd1ApZb7vZ8ROuvWG/bF+VicKpW3L821cBVh5wpZay GifB+A91Po8IEJw+TN8mLIskmVdSNKrHvJc78lb8aDj6mot0hxNkTzUHSbEtUFPW UGhoJeK9l2ZP0y138l3nND0XctbQ9FSOY8CbovHMl0wvuaxn99W02WhdYHcTCh5+ hZbpTp20/mYqQxMHPtfCCCxRBr9bCMVd3A/popQycOxl0lTAhNBylYtWcw== -----END CERTIFICATE-----Generated at Mon Oct 20 16:22:25 2025 by rpki-client