$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/33/KQrbdjY6WODTjDcCcWrfAl6hjMs.roa File: KQrbdjY6WODTjDcCcWrfAl6hjMs.roa (raw, json) Hash identifier: AJVHleZ6BxIneRxMEW5UKyACeA4dCm8jrN2DxPNU5Fg= Subject key identifier: 29:0A:DB:76:36:3A:58:E0:D3:8C:37:02:71:6A:DF:02:5E:A1:8C:CB Certificate issuer: /CN=2C0314DFDED41AB611D99F542063982FE38080BA Certificate serial: 0A6B Authority key identifier: 2C:03:14:DF:DE:D4:1A:B6:11:D9:9F:54:20:63:98:2F:E3:80:80:BA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/KQrbdjY6WODTjDcCcWrfAl6hjMs.roa Signing time: Sat 13 Sep 2025 03:03:18 +0000 ROA not before: Sat 13 Sep 2025 03:03:18 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 7641 IP address blocks: 42.204.0.0/14 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 08:34:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2667 (0xa6b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2C0314DFDED41AB611D99F542063982FE38080BA Validity Not Before: Sep 13 03:03:18 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=290ADB76363A58E0D38C3702716ADF025EA18CCB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:7f:c7:57:04:e9:8e:26:73:3a:f8:34:3c:33: 9d:5b:c6:ef:76:eb:4a:39:a8:74:58:75:1c:db:6c: 49:62:a6:99:06:b3:59:dc:b9:f2:13:4a:12:2e:ca: 9a:0f:46:03:7a:ae:be:e0:95:5f:f5:7e:0a:1f:d0: b5:6a:ea:41:77:bf:0b:9b:db:69:67:1f:03:7b:24: 55:2b:d8:49:80:4d:7e:ea:b7:f7:3f:85:ca:e7:d7: f1:76:f3:1f:fe:5b:5a:bc:e0:97:0d:3d:e4:0e:ca: 65:00:52:cc:ae:7c:9a:4a:fd:a8:b5:60:c4:d5:07: 70:7d:17:75:9e:91:3b:f6:6b:69:e3:58:e3:fa:bc: af:ae:84:36:cd:74:2d:9f:e8:0a:42:ca:ed:cc:15: c6:c6:16:6d:65:d5:c0:af:ef:e8:82:e7:14:fb:24: 2c:ee:90:8b:de:4a:4d:4a:19:a2:ce:96:41:60:ec: 50:f4:35:84:92:ab:5a:29:7e:d2:21:11:23:7c:32: 51:6c:7d:b1:6b:2c:09:c6:ef:e2:8e:11:d0:15:19: 13:3b:79:e6:bb:23:b9:86:8a:46:dc:ea:ea:24:b5: 9c:76:84:69:99:cd:3b:9e:48:54:9e:ab:39:58:64: 1b:fb:57:c1:ed:c1:95:1e:6d:32:ec:83:52:7f:d0: e6:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:0A:DB:76:36:3A:58:E0:D3:8C:37:02:71:6A:DF:02:5E:A1:8C:CB X509v3 Authority Key Identifier: keyid:2C:03:14:DF:DE:D4:1A:B6:11:D9:9F:54:20:63:98:2F:E3:80:80:BA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/KQrbdjY6WODTjDcCcWrfAl6hjMs.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 42.204.0.0/14 Signature Algorithm: sha256WithRSAEncryption 7a:53:45:ab:b8:62:e4:67:81:f1:a0:02:b0:56:be:26:11:ca: 9e:78:ef:28:04:2b:2c:d9:1e:77:64:25:91:23:1d:b8:95:16: 5e:11:d7:ef:5a:81:9e:38:61:00:a7:2c:3d:dc:5a:ad:06:89: f0:a0:aa:d7:21:c7:31:81:84:38:bb:dc:f5:fe:81:96:ad:42: af:48:75:8b:92:27:cb:84:d6:b8:ea:8f:ca:1f:26:c1:73:2b: ec:e8:56:b4:52:3e:25:f0:6c:af:7c:4d:d6:85:a5:a3:16:58: 22:3f:2f:85:15:1b:3c:9c:a3:d4:f8:dc:25:a3:57:43:d8:04: 01:21:2b:e0:76:0f:7f:d6:54:b7:ec:18:14:c5:90:a1:8c:72: 26:c1:f3:86:be:19:54:85:d7:fe:7c:a9:7d:56:79:e2:13:25: 45:45:8e:7f:d1:43:6d:8c:40:ec:86:5f:de:39:c8:c6:62:09: 86:e0:b5:c3:dd:50:17:a0:81:06:9f:3a:27:1a:f4:d9:e0:fa: 3e:cf:f6:35:30:30:a6:e4:a2:56:f9:5d:02:7e:3e:c6:cc:9d: 18:60:a8:f4:6f:e7:5d:29:01:42:e7:06:3b:32:e5:61:1e:88: 7f:b9:ba:da:79:2a:17:a1:b4:23:b8:54:da:4e:82:50:24:cf: 20:6f:82:d0 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgICCmswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkMw MzE0REZERUQ0MUFCNjExRDk5RjU0MjA2Mzk4MkZFMzgwODBCQTAeFw0yNTA5MTMw MzAzMThaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDI5MEFEQjc2MzYzQTU4 RTBEMzhDMzcwMjcxNkFERjAyNUVBMThDQ0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDLf8dXBOmOJnM6+DQ8M51bxu9260o5qHRYdRzbbElippkGs1nc ufITShIuypoPRgN6rr7glV/1fgof0LVq6kF3vwub22lnHwN7JFUr2EmATX7qt/c/ hcrn1/F28x/+W1q84JcNPeQOymUAUsyufJpK/ai1YMTVB3B9F3WekTv2a2njWOP6 vK+uhDbNdC2f6ApCyu3MFcbGFm1l1cCv7+iC5xT7JCzukIveSk1KGaLOlkFg7FD0 NYSSq1opftIhESN8MlFsfbFrLAnG7+KOEdAVGRM7eea7I7mGikbc6uoktZx2hGmZ zTueSFSeqzlYZBv7V8HtwZUebTLsg1J/0ObjAgMBAAGjggHuMIIB6jAdBgNVHQ4E FgQUKQrbdjY6WODTjDcCcWrfAl6hjMswHwYDVR0jBBgwFoAULAMU397UGrYR2Z9U IGOYL+OAgLowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMv TEFNVTM5N1VHcllSMlo5VUlHT1lMLU9BZ0xvLmNybDBjBggrBgEFBQcBAQRXMFUw UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE MDAwMC9MQU1VMzk3VUdyWVIyWjlVSUdPWUwtT0FnTG8uY2VyMA4GA1UdDwEB/wQE AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8zMy9LUXJiZGpZNldPRFRqRGND Y1dyZkFsNmhqTXMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMC KswwDQYJKoZIhvcNAQELBQADggEBAHpTRau4YuRngfGgArBWviYRyp547ygEKyzZ HndkJZEjHbiVFl4R1+9agZ44YQCnLD3cWq0GifCgqtchxzGBhDi73PX+gZatQq9I dYuSJ8uE1rjqj8ofJsFzK+zoVrRSPiXwbK98TdaFpaMWWCI/L4UVGzyco9T43CWj V0PYBAEhK+B2D3/WVLfsGBTFkKGMcibB84a+GVSF1/58qX1WeeITJUVFjn/RQ22M QOyGX945yMZiCYbgtcPdUBeggQafOica9Nng+j7P9jUwMKbkolb5XQJ+PsbMnRhg qPRv510pAULnBjsy5WEeiH+5utp5KhehtCO4VNpOglAkzyBvgtA= -----END CERTIFICATE-----Generated at Mon Oct 20 08:28:36 2025 by rpki-client