$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/65/KpdbN93XExQEg9p1zcs-ynrnwv0.roa File: KpdbN93XExQEg9p1zcs-ynrnwv0.roa (raw, json) Hash identifier: OxO3p7V0jMFOxBCFFDRvwJVmU0lxXAyeh63xZj+bT/w= Subject key identifier: 2A:97:5B:37:DD:D7:13:14:04:83:DA:75:CD:CB:3E:CA:7A:E7:C2:FD Certificate issuer: /CN=9824C555228B28B698DDE77BC1ADD0E2807B86B9 Certificate serial: 14E2 Authority key identifier: 98:24:C5:55:22:8B:28:B6:98:DD:E7:7B:C1:AD:D0:E2:80:7B:86:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/KpdbN93XExQEg9p1zcs-ynrnwv0.roa Signing time: Thu 11 Sep 2025 07:51:48 +0000 ROA not before: Thu 11 Sep 2025 07:51:48 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 4812 IP address blocks: 120.136.160.0/21 maxlen: 25 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 18:04:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5346 (0x14e2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9824C555228B28B698DDE77BC1ADD0E2807B86B9 Validity Not Before: Sep 11 07:51:48 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=2A975B37DDD713140483DA75CDCB3ECA7AE7C2FD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:4b:9b:20:6a:a0:50:f3:20:47:4f:22:f9:69: f8:ae:86:3e:f6:3e:2e:e7:38:b4:9c:15:ad:cd:83: 51:20:68:1b:e8:6f:dd:59:3f:d8:aa:1a:b9:b9:66: 90:ec:7b:23:a0:4e:ee:b6:fd:2e:3c:63:da:c1:ef: e9:e1:dc:36:db:0f:0a:78:f0:5b:a2:9e:12:7c:33: 55:28:cc:aa:84:ae:5c:10:4b:f9:2c:8d:82:09:4c: 02:5e:d4:24:03:63:56:92:b7:62:4d:b1:8c:4a:16: c3:97:33:ed:0a:98:ab:19:df:ea:6d:81:17:f7:b0: ea:4f:a3:64:09:6a:ca:0f:c6:fe:e1:86:c3:48:ae: 44:83:32:4c:e0:52:d4:f8:cc:99:d1:4d:34:75:16: 18:78:c9:5b:8b:fd:56:8d:db:08:63:00:03:40:e1: 4e:53:28:44:4b:58:1a:77:4e:05:91:04:6c:6b:f7: 86:e8:73:68:43:7a:a5:34:8d:8d:fe:09:87:8d:d6: 5d:3a:e3:5c:e0:6d:56:bc:80:81:95:5d:08:b5:1b: 50:74:41:d2:44:27:34:de:8f:bc:bc:66:77:ad:88: 58:1f:18:86:20:49:6c:be:e1:cb:c8:5f:79:a8:1a: f4:b6:7f:37:a3:58:f3:7b:a5:7f:bf:68:7c:36:65: 89:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:97:5B:37:DD:D7:13:14:04:83:DA:75:CD:CB:3E:CA:7A:E7:C2:FD X509v3 Authority Key Identifier: keyid:98:24:C5:55:22:8B:28:B6:98:DD:E7:7B:C1:AD:D0:E2:80:7B:86:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/KpdbN93XExQEg9p1zcs-ynrnwv0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 120.136.160.0/21 Signature Algorithm: sha256WithRSAEncryption 67:c5:a5:e6:59:66:f9:3c:fc:e7:99:fc:bd:1b:c7:39:e2:0c: 06:33:b8:45:67:6e:e3:39:88:97:f8:c6:28:8c:a4:a1:5d:db: 18:35:09:d0:7f:16:ab:a4:a1:c0:8b:0b:4d:08:3f:6d:2c:d3: 6f:fd:3d:c7:13:00:1d:6f:2e:e4:14:a2:06:47:44:9b:cd:33: 86:67:4f:bb:13:f5:9a:f1:7f:87:98:a8:ab:c7:94:ae:cc:b9: 2d:a4:c2:2a:41:87:e4:80:d4:49:d0:10:c3:d2:3e:f7:d6:59: 7d:07:3a:0d:63:48:e6:bc:8a:13:40:55:2a:49:6b:db:1c:f8: be:07:1f:d3:d9:29:07:53:81:71:6a:4c:9d:1c:e1:3b:20:4b: 15:df:d2:8a:b7:0f:05:dd:93:4f:59:20:c5:99:76:6a:33:6d: c8:ff:7f:82:07:dd:4e:57:de:0a:05:f1:c6:b2:73:59:20:cb: ba:4a:15:70:3b:1f:32:7b:5b:11:d1:34:23:92:5f:1c:60:46: 01:7a:81:a0:8f:c4:df:13:c4:d3:dc:c4:f1:62:a3:99:c3:f7: d8:76:91:79:28:64:1e:a6:d5:d8:90:e5:b1:e9:b7:9b:1c:e3: 98:17:35:14:d6:1c:11:05:35:15:04:b8:af:b1:d0:d9:6e:e4: f2:1f:58:7d -----BEGIN CERTIFICATE----- MIIE0zCCA7ugAwIBAgICFOIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTgy NEM1NTUyMjhCMjhCNjk4RERFNzdCQzFBREQwRTI4MDdCODZCOTAeFw0yNTA5MTEw NzUxNDhaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDJBOTc1QjM3RERENzEz MTQwNDgzREE3NUNEQ0IzRUNBN0FFN0MyRkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC2S5sgaqBQ8yBHTyL5afiuhj72Pi7nOLScFa3Ng1EgaBvob91Z P9iqGrm5ZpDseyOgTu62/S48Y9rB7+nh3DbbDwp48FuinhJ8M1UozKqErlwQS/ks jYIJTAJe1CQDY1aSt2JNsYxKFsOXM+0KmKsZ3+ptgRf3sOpPo2QJasoPxv7hhsNI rkSDMkzgUtT4zJnRTTR1Fhh4yVuL/VaN2whjAANA4U5TKERLWBp3TgWRBGxr94bo c2hDeqU0jY3+CYeN1l0641zgbVa8gIGVXQi1G1B0QdJEJzTej7y8ZnetiFgfGIYg SWy+4cvIX3moGvS2fzejWPN7pX+/aHw2ZYldAgMBAAGjggHvMIIB6zAdBgNVHQ4E FgQUKpdbN93XExQEg9p1zcs+ynrnwv0wHwYDVR0jBBgwFoAUmCTFVSKLKLaY3ed7 wa3Q4oB7hrkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjUv bUNURlZTS0xLTGFZM2VkN3dhM1E0b0I3aHJrLmNybDBjBggrBgEFBQcBAQRXMFUw UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE MDAwMC9tQ1RGVlNLTEtMYVkzZWQ3d2EzUTRvQjdocmsuY2VyMA4GA1UdDwEB/wQE AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC82NS9LcGRiTjkzWEV4UUVnOXAx emNzLXlucm53djAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu Y24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD eIigMA0GCSqGSIb3DQEBCwUAA4IBAQBnxaXmWWb5PPznmfy9G8c54gwGM7hFZ27j OYiX+MYojKShXdsYNQnQfxarpKHAiwtNCD9tLNNv/T3HEwAdby7kFKIGR0SbzTOG Z0+7E/Wa8X+HmKirx5SuzLktpMIqQYfkgNRJ0BDD0j731ll9BzoNY0jmvIoTQFUq SWvbHPi+Bx/T2SkHU4FxakydHOE7IEsV39KKtw8F3ZNPWSDFmXZqM23I/3+CB91O V94KBfHGsnNZIMu6ShVwOx8ye1sR0TQjkl8cYEYBeoGgj8TfE8TT3MTxYqOZw/fY dpF5KGQeptXYkOWx6bebHOOYFzUU1hwRBTUVBLivsdDZbuTyH1h9 -----END CERTIFICATE-----Generated at Mon Oct 20 17:43:10 2025 by rpki-client