$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/KYNOWWbXrlZErmFVyJeHDrs4NXY.roa File: KYNOWWbXrlZErmFVyJeHDrs4NXY.roa (raw, json) Hash identifier: mQLpNagusTMcWyvEyzcSXT/fkOd1W4lGdNAkB50sCGI= Subject key identifier: 29:83:4E:59:66:D7:AE:56:44:AE:61:55:C8:97:87:0E:BB:38:35:76 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1E7B Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/KYNOWWbXrlZErmFVyJeHDrs4NXY.roa Signing time: Sat 13 Sep 2025 03:05:11 +0000 ROA not before: Sat 13 Sep 2025 03:05:11 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 139259 IP address blocks: 103.221.28.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7803 (0x1e7b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:05:11 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=29834E5966D7AE5644AE6155C897870EBB383576 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:f3:00:a2:d5:cf:21:ae:40:d0:1b:7c:c5:c0: d8:99:f7:fe:6b:5d:78:93:db:77:7b:62:37:05:7f: eb:71:2a:cd:f1:5d:84:48:79:4c:2f:fd:54:ce:58: de:48:bc:42:9c:fe:24:42:b6:dc:03:47:ee:9f:81: 96:bb:97:5d:d6:51:27:fa:85:e3:d5:74:50:6c:9f: 74:b8:78:22:00:2f:cc:47:5e:15:ce:8d:87:e2:b6: 64:b0:8d:b7:74:95:55:f0:81:4d:e9:3d:55:5f:7a: e1:2f:a8:cf:7b:ea:13:a4:93:b9:50:2f:18:83:14: 50:49:08:ae:31:6b:79:58:0e:52:7a:b1:24:ab:c7: ee:9d:4f:56:f9:e6:0a:f1:3c:1d:f7:1f:7d:67:73: af:93:03:6b:7a:1b:bd:83:4b:be:d5:82:8d:d1:16: d7:2a:04:48:d9:cc:f6:be:6b:58:55:54:fd:64:4b: dc:81:4a:7a:83:1b:11:5e:35:b4:c7:e7:15:3b:e4: f4:60:83:78:d5:3d:62:b0:0e:1f:3d:63:9d:ae:42: de:0d:c7:ac:e3:ac:57:7a:86:e3:0e:80:63:92:de: ef:e0:d7:ff:1d:b8:52:1e:c2:11:1a:fc:f7:48:36: 74:c9:22:3f:cc:ca:44:0b:92:ae:99:da:70:dc:91: a4:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:83:4E:59:66:D7:AE:56:44:AE:61:55:C8:97:87:0E:BB:38:35:76 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/KYNOWWbXrlZErmFVyJeHDrs4NXY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.28.0/22 Signature Algorithm: sha256WithRSAEncryption 33:6d:fd:9d:11:8f:a2:fd:d1:32:ef:a1:be:cd:14:1f:25:2e: 58:51:12:a9:68:66:b3:2e:9d:dc:44:92:c1:d9:bc:92:6a:3f: d4:c1:1e:d5:0e:16:64:b0:d4:85:56:17:0b:23:bd:2f:f1:f8: 00:c7:5b:f2:3b:75:95:3f:6f:44:68:95:2c:f8:52:80:1b:a7: ff:53:c4:bf:72:9c:3c:37:df:34:a1:dd:a1:28:c2:93:8d:f0: ce:70:f7:3d:44:7d:26:69:c0:dd:fa:ef:be:60:ca:ed:dd:1a: 10:ca:98:a4:d5:e4:7b:60:42:74:30:88:bc:07:b5:73:1b:f1: fc:c8:0c:f4:7c:5f:50:14:00:cd:83:89:72:f1:4d:06:93:76: 14:9c:67:1a:7d:83:27:a8:c1:26:57:c0:70:df:97:72:99:87: a6:91:5a:ff:f8:7d:2e:0f:d3:e9:ce:4f:29:68:0a:5b:be:6d: e6:53:a4:0f:02:c7:b3:9d:4c:3a:27:75:e5:ee:6d:7c:a4:17: ac:8b:bd:c0:d1:c9:3a:0d:ed:04:b2:46:09:f5:7e:11:96:f7: f4:ba:90:f0:60:13:25:3e:39:e8:64:01:69:b5:5b:42:b8:f5: 3a:6f:67:41:5c:28:84:37:47:59:e9:dc:2f:06:64:72:6e:85: 12:61:b9:ab -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHnswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA1MTFaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDI5ODM0RTU5NjZEN0FF NTY0NEFFNjE1NUM4OTc4NzBFQkIzODM1NzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCk8wCi1c8hrkDQG3zFwNiZ9/5rXXiT23d7YjcFf+txKs3xXYRI eUwv/VTOWN5IvEKc/iRCttwDR+6fgZa7l13WUSf6hePVdFBsn3S4eCIAL8xHXhXO jYfitmSwjbd0lVXwgU3pPVVfeuEvqM976hOkk7lQLxiDFFBJCK4xa3lYDlJ6sSSr x+6dT1b55grxPB33H31nc6+TA2t6G72DS77Vgo3RFtcqBEjZzPa+a1hVVP1kS9yB SnqDGxFeNbTH5xU75PRgg3jVPWKwDh89Y52uQt4Nx6zjrFd6huMOgGOS3u/g1/8d uFIewhEa/PdINnTJIj/MykQLkq6Z2nDckaQ9AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUKYNOWWbXrlZErmFVyJeHDrs4NXYwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0tZTk9XV2JYcmxaRXJt RlZ5SmVIRHJzNE5YWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn3RwwDQYJKoZIhvcNAQELBQADggEBADNt/Z0Rj6L90TLvob7NFB8lLlhREqlo ZrMundxEksHZvJJqP9TBHtUOFmSw1IVWFwsjvS/x+ADHW/I7dZU/b0RolSz4UoAb p/9TxL9ynDw33zSh3aEowpON8M5w9z1EfSZpwN36775gyu3dGhDKmKTV5HtgQnQw iLwHtXMb8fzIDPR8X1AUAM2DiXLxTQaTdhScZxp9gyeowSZXwHDfl3KZh6aRWv/4 fS4P0+nOTyloClu+beZTpA8Cx7OdTDondeXubXykF6yLvcDRyToN7QSyRgn1fhGW 9/S6kPBgEyU+OehkAWm1W0K49TpvZ0FcKIQ3R1np3C8GZHJuhRJhuas= -----END CERTIFICATE-----Generated at Mon Oct 20 13:13:42 2025 by rpki-client