$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/1KVcBic_30OWQLCduun5UFr1jVU.roa File: 1KVcBic_30OWQLCduun5UFr1jVU.roa (raw, json) Hash identifier: HvCRwJ+HyUy7gInD+DcvKsDgL+ZbABuUhDwP+ALArR0= Subject key identifier: D4:A5:5C:06:27:3F:DF:43:96:40:B0:9D:BA:E9:F9:50:5A:F5:8D:55 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1DEB Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/1KVcBic_30OWQLCduun5UFr1jVU.roa Signing time: Sat 13 Sep 2025 03:04:42 +0000 ROA not before: Sat 13 Sep 2025 03:04:42 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 139259 IP address blocks: 45.252.100.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7659 (0x1deb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:04:42 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=D4A55C06273FDF439640B09DBAE9F9505AF58D55 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:a7:98:ac:ee:f2:80:48:87:73:26:52:86:62: 83:28:d6:93:d5:db:07:ac:34:72:29:19:cb:7b:f1: dd:08:5d:05:20:8b:35:b5:27:f5:20:31:72:8a:ac: 7b:51:86:8d:94:6c:57:7b:9f:dd:21:14:e0:dc:e8: 3a:63:60:f0:c8:bc:bc:54:7a:4e:69:4a:4e:22:6e: dd:23:7c:fe:b6:ac:19:71:2c:6b:fb:a5:62:58:06: fa:73:30:04:8f:c3:5f:c4:8f:16:ba:ea:ff:c8:71: 4a:ce:6d:45:c6:c8:cc:07:58:32:33:95:93:1d:cb: 44:96:33:0b:48:92:69:f4:d3:df:f9:38:2c:74:4b: 98:ec:fe:54:81:77:a8:cc:9f:77:dc:69:20:c5:2d: c5:d2:bc:74:70:ff:dc:52:3b:7f:30:ce:55:03:35: f6:17:e5:33:a8:3b:b8:9d:02:9a:53:eb:7f:23:ba: ad:b7:bc:99:d6:f1:ed:74:13:04:7e:f9:dd:40:95: c9:fa:fd:ad:02:f4:ca:21:fb:08:03:d0:1e:52:2b: 75:3a:f5:ab:7f:b8:66:5d:7f:2d:fc:a9:d5:ad:11: 7a:f5:e1:f9:6d:f4:ca:fd:fb:8a:48:0e:7f:1b:37: c4:ac:65:bb:5f:98:42:59:6d:a6:e5:0a:f6:ad:f3: d3:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:A5:5C:06:27:3F:DF:43:96:40:B0:9D:BA:E9:F9:50:5A:F5:8D:55 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/1KVcBic_30OWQLCduun5UFr1jVU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.252.100.0/22 Signature Algorithm: sha256WithRSAEncryption c2:2a:8b:6d:ef:ed:af:64:32:36:ed:b9:e3:10:8d:15:08:3d: 2c:db:c8:b4:e9:01:a3:4f:57:5f:57:0b:ce:b7:81:39:29:c9: c6:a7:6f:a6:30:e7:a5:0e:e6:5c:69:12:27:6b:3b:3b:33:ae: d4:67:64:a6:7e:b2:f6:bf:92:36:e4:1f:68:46:72:20:cd:fd: fa:22:13:83:64:b4:22:8a:b2:07:26:1b:39:f4:aa:47:69:6a: 14:83:20:e4:b3:9b:e7:99:45:08:87:90:8a:87:2b:83:05:93: b9:d1:54:02:7b:1e:2d:04:99:77:99:d6:e4:f6:6c:4a:b1:2d: 83:e2:e2:c9:04:25:79:bf:26:5b:4d:16:54:29:48:5c:bf:f6: 3a:01:cf:57:a2:ed:10:ad:5d:e0:1c:02:ad:45:b2:c4:db:88: 64:d8:65:9f:47:4d:df:17:7c:da:64:ab:c9:39:c0:ac:ba:aa: ac:b5:5e:7f:0f:ae:0a:47:fb:52:66:3d:e3:ff:ce:39:0b:ea: 7f:2f:f6:8e:ea:96:12:f7:f8:c9:60:fb:26:58:ab:96:95:63: 40:21:ff:a4:8e:05:da:0c:c1:41:39:29:03:38:59:eb:c0:ed: 6d:37:43:a9:44:79:1f:a7:07:b7:7a:5c:76:9a:a2:6d:2d:e1: 3a:a5:a1:e9 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHeswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA0NDJaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEQ0QTU1QzA2MjczRkRG NDM5NjQwQjA5REJBRTlGOTUwNUFGNThENTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCup5is7vKASIdzJlKGYoMo1pPV2wesNHIpGct78d0IXQUgizW1 J/UgMXKKrHtRho2UbFd7n90hFODc6DpjYPDIvLxUek5pSk4ibt0jfP62rBlxLGv7 pWJYBvpzMASPw1/Ejxa66v/IcUrObUXGyMwHWDIzlZMdy0SWMwtIkmn009/5OCx0 S5js/lSBd6jMn3fcaSDFLcXSvHRw/9xSO38wzlUDNfYX5TOoO7idAppT638juq23 vJnW8e10EwR++d1Alcn6/a0C9Moh+wgD0B5SK3U69at/uGZdfy38qdWtEXr14flt 9Mr9+4pIDn8bN8SsZbtfmEJZbablCvat89PrAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU1KVcBic/30OWQLCduun5UFr1jVUwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3LzFLVmNCaWNfMzBPV1FM Q2R1dW41VUZyMWpWVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAIt/GQwDQYJKoZIhvcNAQELBQADggEBAMIqi23v7a9kMjbtueMQjRUIPSzbyLTp AaNPV19XC863gTkpycanb6Yw56UO5lxpEidrOzszrtRnZKZ+sva/kjbkH2hGciDN /foiE4NktCKKsgcmGzn0qkdpahSDIOSzm+eZRQiHkIqHK4MFk7nRVAJ7Hi0EmXeZ 1uT2bEqxLYPi4skEJXm/JltNFlQpSFy/9joBz1ei7RCtXeAcAq1FssTbiGTYZZ9H Td8XfNpkq8k5wKy6qqy1Xn8PrgpH+1JmPeP/zjkL6n8v9o7qlhL3+Mlg+yZYq5aV Y0Ah/6SOBdoMwUE5KQM4WevA7W03Q6lEeR+nB7d6XHaaom0t4Tqloek= -----END CERTIFICATE-----Generated at Mon Oct 20 13:30:44 2025 by rpki-client