$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3258/kzqWu96e_VvExDFswlfnhiC6ZqQ.roa File: kzqWu96e_VvExDFswlfnhiC6ZqQ.roa (raw, json) Hash identifier: +Xx08ZhV0TEUpvIFY/ZWcbmTuF3m2Mx3C3YdGOqdjDc= Subject key identifier: 93:3A:96:BB:DE:9E:FD:5B:C4:C4:31:6C:C2:57:E7:86:20:BA:66:A4 Certificate issuer: /CN=90F30E1DF327D103907F1BE08ED3EA64BFB778E3 Certificate serial: 0BA6 Authority key identifier: 90:F3:0E:1D:F3:27:D1:03:90:7F:1B:E0:8E:D3:EA:64:BF:B7:78:E3 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/kPMOHfMn0QOQfxvgjtPqZL-3eOM.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3258/kzqWu96e_VvExDFswlfnhiC6ZqQ.roa Signing time: Sat 13 Sep 2025 03:09:40 +0000 ROA not before: Sat 13 Sep 2025 03:09:40 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 21859 IP address blocks: 157.10.220.0/24 maxlen: 32 157.10.221.0/24 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3258/kPMOHfMn0QOQfxvgjtPqZL-3eOM.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3258/kPMOHfMn0QOQfxvgjtPqZL-3eOM.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/kPMOHfMn0QOQfxvgjtPqZL-3eOM.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 19 Sep 2025 07:00:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2982 (0xba6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=90F30E1DF327D103907F1BE08ED3EA64BFB778E3 Validity Not Before: Sep 13 03:09:40 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=933A96BBDE9EFD5BC4C4316CC257E78620BA66A4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:bf:28:e5:4c:ca:ff:c8:b7:73:92:87:a0:fc: c0:8c:18:12:32:be:18:84:e9:bb:2d:2f:27:4e:bd: 6e:00:9e:11:a8:c9:51:57:73:25:2f:ab:fd:f2:fc: fc:9a:01:38:60:5a:ba:f3:f8:1f:7f:c3:52:b4:f0: 9a:be:34:83:35:f1:0c:8b:ec:96:36:4a:37:6b:a3: 2c:1f:44:46:b2:27:40:9b:83:0a:c3:23:12:12:a7: a7:bf:89:43:ad:c3:a8:64:e5:f0:52:06:18:81:46: 12:21:da:3b:d9:b5:57:f7:81:46:e0:bf:e9:d7:eb: d6:3c:95:63:21:73:eb:e5:9b:e0:bb:ac:d9:9b:2a: 66:cd:0a:4d:29:2e:69:04:44:84:82:13:d8:ab:77: bd:2c:29:53:54:41:ae:0c:42:63:6f:c9:72:b1:9f: 14:c5:e0:ff:9c:68:8d:6e:5e:ed:ee:fd:a8:dd:cd: 0c:31:9a:ec:c4:b5:10:01:b0:39:54:49:6c:58:dc: f5:0e:60:e9:66:84:4c:9e:ee:56:99:2c:ac:b0:31: a5:8b:3b:a4:f4:1d:c5:85:64:90:18:b1:82:3b:f5: 83:26:17:ad:54:1b:95:91:c4:11:73:17:28:9a:37: e7:32:2c:1c:10:cd:99:3b:27:35:72:ef:38:8a:8f: f3:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:3A:96:BB:DE:9E:FD:5B:C4:C4:31:6C:C2:57:E7:86:20:BA:66:A4 X509v3 Authority Key Identifier: keyid:90:F3:0E:1D:F3:27:D1:03:90:7F:1B:E0:8E:D3:EA:64:BF:B7:78:E3 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3258/kPMOHfMn0QOQfxvgjtPqZL-3eOM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/kPMOHfMn0QOQfxvgjtPqZL-3eOM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3258/kzqWu96e_VvExDFswlfnhiC6ZqQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 157.10.220.0/23 Signature Algorithm: sha256WithRSAEncryption a8:59:98:a4:42:e6:03:b6:ce:e7:2f:98:d0:8e:23:83:80:d3: 65:93:e5:ed:69:09:3d:ad:b4:41:19:49:4f:87:0d:3b:c4:82: f4:d0:ef:ef:32:35:d2:34:d0:2d:fb:56:d5:5f:08:90:44:77: ec:0c:d6:c7:29:50:de:01:a9:3d:19:62:d9:db:cf:0d:07:c3: d3:c1:95:a6:1d:45:c0:48:bf:67:30:26:ee:30:5b:76:6f:b1: 24:42:05:87:ac:4e:13:d1:df:a3:08:90:08:07:a6:f2:4c:e5: 81:a4:92:7b:63:cf:d3:fb:cc:8e:a9:e2:5f:23:cd:b0:0b:71: d9:32:16:d7:1e:7c:43:98:14:cd:13:57:81:65:45:92:71:5f: 09:6d:8e:24:e5:3f:49:ce:37:56:72:6b:b6:03:64:dd:ac:41: e0:c2:4d:cf:6a:00:ef:04:30:10:1c:96:f7:25:56:63:e4:df: 95:72:54:f5:11:4c:9e:71:43:be:97:ca:e5:cd:3c:c0:36:2a: 3b:50:0e:ff:a4:bb:c6:0a:e3:94:af:79:cd:75:53:c7:26:09: f3:a5:13:40:e9:ab:b4:bb:d9:72:46:2f:54:cc:37:66:19:3e: c4:75:ac:88:85:95:a5:6b:82:c3:b3:5e:a8:34:1f:d4:f2:ab: 33:62:10:b7 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICC6YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTBG MzBFMURGMzI3RDEwMzkwN0YxQkUwOEVEM0VBNjRCRkI3NzhFMzAeFw0yNTA5MTMw MzA5NDBaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDkzM0E5NkJCREU5RUZE NUJDNEM0MzE2Q0MyNTdFNzg2MjBCQTY2QTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC9vyjlTMr/yLdzkoeg/MCMGBIyvhiE6bstLydOvW4AnhGoyVFX cyUvq/3y/PyaAThgWrrz+B9/w1K08Jq+NIM18QyL7JY2SjdroywfREayJ0CbgwrD IxISp6e/iUOtw6hk5fBSBhiBRhIh2jvZtVf3gUbgv+nX69Y8lWMhc+vlm+C7rNmb KmbNCk0pLmkERISCE9ird70sKVNUQa4MQmNvyXKxnxTF4P+caI1uXu3u/ajdzQwx muzEtRABsDlUSWxY3PUOYOlmhEye7laZLKywMaWLO6T0HcWFZJAYsYI79YMmF61U G5WRxBFzFyiaN+cyLBwQzZk7JzVy7ziKj/MNAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUkzqWu96e/VvExDFswlfnhiC6ZqQwHwYDVR0jBBgwFoAUkPMOHfMn0QOQfxvg jtPqZL+3eOMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI1 OC9rUE1PSGZNbjBRT1FmeHZnanRQcVpMLTNlT00uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2tQTU9IZk1uMFFPUWZ4dmdqdFBxWkwtM2VPTS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNTgva3pxV3U5NmVfVnZF eERGc3dsZm5oaUM2WnFRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAZ0K3DANBgkqhkiG9w0BAQsFAAOCAQEAqFmYpELmA7bO5y+Y0I4jg4DTZZPl 7WkJPa20QRlJT4cNO8SC9NDv7zI10jTQLftW1V8IkER37AzWxylQ3gGpPRli2dvP DQfD08GVph1FwEi/ZzAm7jBbdm+xJEIFh6xOE9HfowiQCAem8kzlgaSSe2PP0/vM jqniXyPNsAtx2TIW1x58Q5gUzRNXgWVFknFfCW2OJOU/Sc43VnJrtgNk3axB4MJN z2oA7wQwEByW9yVWY+TflXJU9RFMnnFDvpfK5c08wDYqO1AO/6S7xgrjlK95zXVT xyYJ86UTQOmrtLvZckYvVMw3Zhk+xHWsiIWVpWuCw7NeqDQf1PKrM2IQtw== -----END CERTIFICATE-----Generated at Fri Sep 19 04:24:18 2025 by rpki-client