$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/KZj0MXBvEznrpa4cb78Db1apddc.roa File: KZj0MXBvEznrpa4cb78Db1apddc.roa (raw, json) Hash identifier: y5Kg63nPKnOZD2qzNYojeuLO7L6KqIJBRrNgWnCUoUQ= Subject key identifier: 29:98:F4:31:70:6F:13:39:EB:A5:AE:1C:6F:BF:03:6F:56:A9:75:D7 Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221 Certificate serial: 1A95 Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KZj0MXBvEznrpa4cb78Db1apddc.roa Signing time: Sat 13 Sep 2025 03:07:23 +0000 ROA not before: Sat 13 Sep 2025 03:07:23 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 2914 IP address blocks: 180.223.207.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 08 Oct 2025 13:36:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6805 (0x1a95) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221 Validity Not Before: Sep 13 03:07:23 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=2998F431706F1339EBA5AE1C6FBF036F56A975D7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f6:80:01:f8:37:9a:e7:6a:52:1f:12:cf:ed:03: e4:7f:13:5d:9a:fc:02:ca:f4:8f:3e:02:68:bb:32: de:77:a8:da:77:a8:87:a9:fe:0e:2a:59:f6:f1:27: 44:a6:66:df:ac:d9:03:7a:19:a9:da:bb:a2:69:53: a9:70:2d:0a:f1:58:b5:9b:63:ad:b8:b1:07:3d:64: f5:bf:4b:aa:28:20:a0:5d:5a:57:56:77:7d:c4:e0: a1:87:52:4f:ed:5b:21:48:14:87:7c:6c:a1:a7:a1: 6d:30:7a:e3:b3:b7:9a:0f:7f:4d:5a:38:f2:3c:de: ef:64:fe:87:31:a7:a9:7d:e0:a2:21:5a:5d:72:42: 16:de:8f:d4:29:90:a2:48:69:14:f4:af:8f:01:71: a4:eb:0d:7d:6d:b0:4e:7e:58:6e:79:29:35:e6:5d: d7:80:f2:52:05:9a:49:50:cb:70:ed:b5:47:9d:ac: 1c:7e:b0:ca:99:a6:17:ca:bd:30:66:85:57:09:fd: d6:33:47:c5:46:ec:dd:3d:7c:90:68:c7:60:1f:81: b9:9e:09:0f:2d:c0:20:62:8e:42:88:e4:9e:1a:3e: 77:41:8b:95:8e:f7:da:57:3a:9e:0d:78:0b:8a:29: fe:3e:ea:47:3f:83:68:a8:35:23:00:96:a2:66:93: 72:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:98:F4:31:70:6F:13:39:EB:A5:AE:1C:6F:BF:03:6F:56:A9:75:D7 X509v3 Authority Key Identifier: keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KZj0MXBvEznrpa4cb78Db1apddc.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.223.207.0/24 Signature Algorithm: sha256WithRSAEncryption 7c:cf:10:b7:7f:97:3c:6e:65:de:09:44:5b:0e:f1:6d:ce:11: f4:62:93:27:2e:3f:a1:73:cd:58:f1:29:8f:6a:72:9f:b9:74: bb:30:54:5e:bc:70:e3:53:d1:b6:26:3f:fd:13:b2:4c:92:2f: 07:01:84:81:eb:af:90:4e:35:b7:37:b2:7b:ab:96:cc:83:58: 74:a3:6c:a8:95:1d:2e:b1:1b:90:2c:cb:54:d1:47:a0:fe:f1: 71:67:4a:97:18:fc:02:36:2c:75:56:3a:9c:6e:3a:63:f7:a7: 26:c2:fd:66:75:64:04:f1:60:1b:68:39:d6:7f:ff:09:5b:f8: d6:e9:bc:95:f5:d5:3d:27:2e:4c:50:4d:8f:50:84:82:bc:77: 1f:45:34:62:11:85:7c:81:22:f7:3a:d4:03:70:80:9f:22:c6: d2:07:8d:07:60:c5:f5:69:fc:eb:cc:65:c3:c6:b5:0e:88:38: 72:97:97:4a:96:20:07:0d:fe:fb:b1:bc:b3:4a:6d:cf:b4:81: 2a:a6:e4:6b:18:da:03:5d:26:6e:c3:e1:fb:e6:8a:02:52:47: aa:43:4b:10:80:04:2d:39:c8:2f:68:91:ed:cc:83:11:80:66: 66:f3:48:ea:45:35:31:93:87:35:6d:b1:f4:cb:31:0e:3f:f5: e1:d4:92:97 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICGpUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNTA5MTMw MzA3MjNaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDI5OThGNDMxNzA2RjEz MzlFQkE1QUUxQzZGQkYwMzZGNTZBOTc1RDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQD2gAH4N5rnalIfEs/tA+R/E12a/ALK9I8+Ami7Mt53qNp3qIep /g4qWfbxJ0SmZt+s2QN6Ganau6JpU6lwLQrxWLWbY624sQc9ZPW/S6ooIKBdWldW d33E4KGHUk/tWyFIFId8bKGnoW0weuOzt5oPf01aOPI83u9k/ocxp6l94KIhWl1y Qhbej9QpkKJIaRT0r48BcaTrDX1tsE5+WG55KTXmXdeA8lIFmklQy3DttUedrBx+ sMqZphfKvTBmhVcJ/dYzR8VG7N09fJBox2AfgbmeCQ8twCBijkKI5J4aPndBi5WO 99pXOp4NeAuKKf4+6kc/g2ioNSMAlqJmk3KhAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUKZj0MXBvEznrpa4cb78Db1apddcwHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvS1pqME1YQnZFem5y cGE0Y2I3OERiMWFwZGRjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEALTfzzANBgkqhkiG9w0BAQsFAAOCAQEAfM8Qt3+XPG5l3glEWw7xbc4R9GKT Jy4/oXPNWPEpj2pyn7l0uzBUXrxw41PRtiY//ROyTJIvBwGEgeuvkE41tzeye6uW zINYdKNsqJUdLrEbkCzLVNFHoP7xcWdKlxj8AjYsdVY6nG46Y/enJsL9ZnVkBPFg G2g51n//CVv41um8lfXVPScuTFBNj1CEgrx3H0U0YhGFfIEi9zrUA3CAnyLG0geN B2DF9Wn868xlw8a1Dog4cpeXSpYgBw3++7G8s0ptz7SBKqbkaxjaA10mbsPh++aK AlJHqkNLEIAELTnIL2iR7cyDEYBmZvNI6kU1MZOHNW2x9MsxDj/14dSSlw== -----END CERTIFICATE-----Generated at Wed Oct 8 11:54:31 2025 by rpki-client