$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/KRVB0hUti-vHyMuRu8-HSln7xuY.roa File: KRVB0hUti-vHyMuRu8-HSln7xuY.roa (raw, json) Hash identifier: MqCx9nFv+wbLLWQthmB6wYP+ZvVE4RnyM2rBEUeS8Qw= Subject key identifier: 29:15:41:D2:15:2D:8B:EB:C7:C8:CB:91:BB:CF:87:4A:59:FB:C6:E6 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1E5F Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/KRVB0hUti-vHyMuRu8-HSln7xuY.roa Signing time: Sat 13 Sep 2025 03:05:05 +0000 ROA not before: Sat 13 Sep 2025 03:05:05 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 138527 IP address blocks: 103.221.32.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7775 (0x1e5f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:05:05 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=291541D2152D8BEBC7C8CB91BBCF874A59FBC6E6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f4:04:39:e6:05:13:f7:d9:45:06:74:4f:e3:05: 72:89:df:5b:5c:c5:20:78:d1:de:aa:ff:e7:6a:53: b6:30:2a:ed:64:f1:7e:27:50:97:80:dc:3e:13:bd: 94:7f:a5:e2:da:da:a9:a9:a9:94:aa:b0:10:df:7b: dd:7d:78:fd:d4:bc:57:55:fe:9a:28:5c:4f:e2:87: 89:7e:c8:ea:ba:48:74:2f:50:d0:78:41:37:c1:dd: 78:22:b4:eb:10:61:fa:4e:df:87:2c:07:a7:5e:81: d4:ca:1c:ef:45:96:62:8b:d5:18:fd:dd:9a:e6:b7: 11:10:ee:d2:8a:75:1a:90:7f:e9:0c:58:24:c3:f7: f2:95:78:52:20:31:fe:3e:4b:3e:10:f7:a6:41:e8: 5f:8c:26:e8:64:72:21:0d:9e:75:66:1a:2c:01:89: 2e:2d:d4:d7:71:a4:ce:91:d6:a8:c6:db:54:74:ef: 06:75:b4:73:98:60:db:59:0e:72:84:dd:64:25:64: d4:ba:5e:9f:3a:e4:ad:53:19:42:09:38:38:20:58: 8b:85:e1:5e:f3:2f:93:e2:25:ed:8e:7a:26:fa:07: 3e:02:97:e0:ac:44:5d:3a:b6:84:99:c7:b8:86:a0: ed:f6:74:52:89:61:43:73:7d:bf:cc:34:11:ae:8e: 36:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:15:41:D2:15:2D:8B:EB:C7:C8:CB:91:BB:CF:87:4A:59:FB:C6:E6 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/KRVB0hUti-vHyMuRu8-HSln7xuY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.32.0/22 Signature Algorithm: sha256WithRSAEncryption cb:1b:2a:20:64:01:3f:fe:99:50:6a:52:7a:ed:24:79:5f:05: 21:6a:4e:92:16:22:5f:9c:a3:86:05:ec:03:28:be:e9:bc:52: 5c:a3:42:52:26:f3:6b:cd:b2:46:96:ea:b8:d7:9f:be:6f:b3: 84:4d:80:8d:b3:78:7c:0b:08:9a:a0:79:a5:31:87:d2:21:e9: ea:7a:28:29:99:af:4c:a7:84:53:b3:9d:c7:5c:1d:77:f8:28: 26:df:fc:fb:cf:e7:5c:e3:2f:9d:41:cc:a9:88:c2:f3:07:3a: 60:58:d0:c0:9d:63:74:4e:97:43:b3:d1:b3:b1:fa:49:90:40: 89:f9:b2:f1:3e:94:a9:7d:f1:55:76:07:91:bc:05:28:5a:e7: c7:8f:df:2e:0c:45:19:f5:0d:5d:60:99:99:5b:8c:8d:95:25: ef:25:f4:e7:8b:99:17:0c:f9:c6:82:6a:8c:d8:46:0c:92:70: 38:8a:d3:5f:67:d0:f5:d5:c1:3f:f4:44:b6:15:48:b0:d3:e9: f8:ca:18:99:ab:b4:59:bf:96:0f:aa:a5:7e:14:a6:94:b0:7e: 42:b6:65:40:bf:ba:1d:07:75:6f:b9:fc:a9:38:b2:37:2a:f5: 97:6b:a2:bf:da:57:16:25:95:24:27:da:4b:88:92:72:d9:03: c3:5e:76:43 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHl8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA1MDVaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDI5MTU0MUQyMTUyRDhC RUJDN0M4Q0I5MUJCQ0Y4NzRBNTlGQkM2RTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQD0BDnmBRP32UUGdE/jBXKJ31tcxSB40d6q/+dqU7YwKu1k8X4n UJeA3D4TvZR/peLa2qmpqZSqsBDfe919eP3UvFdV/pooXE/ih4l+yOq6SHQvUNB4 QTfB3XgitOsQYfpO34csB6degdTKHO9FlmKL1Rj93ZrmtxEQ7tKKdRqQf+kMWCTD 9/KVeFIgMf4+Sz4Q96ZB6F+MJuhkciENnnVmGiwBiS4t1NdxpM6R1qjG21R07wZ1 tHOYYNtZDnKE3WQlZNS6Xp865K1TGUIJODggWIuF4V7zL5PiJe2Oeib6Bz4Cl+Cs RF06toSZx7iGoO32dFKJYUNzfb/MNBGujjavAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUKRVB0hUti+vHyMuRu8+HSln7xuYwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0tSVkIwaFV0aS12SHlN dVJ1OC1IU2xuN3h1WS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn3SAwDQYJKoZIhvcNAQELBQADggEBAMsbKiBkAT/+mVBqUnrtJHlfBSFqTpIW Il+co4YF7AMovum8UlyjQlIm82vNskaW6rjXn75vs4RNgI2zeHwLCJqgeaUxh9Ih 6ep6KCmZr0ynhFOzncdcHXf4KCbf/PvP51zjL51BzKmIwvMHOmBY0MCdY3ROl0Oz 0bOx+kmQQIn5svE+lKl98VV2B5G8BSha58eP3y4MRRn1DV1gmZlbjI2VJe8l9OeL mRcM+caCaozYRgyScDiK019n0PXVwT/0RLYVSLDT6fjKGJmrtFm/lg+qpX4UppSw fkK2ZUC/uh0HdW+5/Kk4sjcq9Zdror/aVxYllSQn2kuIknLZA8NedkM= -----END CERTIFICATE-----Generated at Mon Oct 20 13:13:44 2025 by rpki-client