$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/kVOISZcL9AdZCRgTsbc1TVusov0.roa File: kVOISZcL9AdZCRgTsbc1TVusov0.roa (raw, json) Hash identifier: 52MYqDRBmKh2T6bIW4EyiExUrrHnVCG+dt728Lgpngw= Subject key identifier: 91:53:88:49:97:0B:F4:07:59:09:18:13:B1:B7:35:4D:5B:AC:A2:FD Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Certificate serial: 2182 Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/kVOISZcL9AdZCRgTsbc1TVusov0.roa Signing time: Fri 29 Aug 2025 09:05:25 +0000 ROA not before: Fri 29 Aug 2025 09:05:25 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 59077 IP address blocks: 106.75.144.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Sep 2025 11:06:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8578 (0x2182) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Validity Not Before: Aug 29 09:05:25 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=91538849970BF40759091813B1B7354D5BACA2FD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:2c:dd:58:ad:31:9e:cd:2f:7b:9a:52:16:fc: 4d:5a:b0:f8:bf:94:62:d6:db:ee:e8:8a:b9:16:97: 7b:1c:fe:4d:a3:da:b8:45:cb:ea:f9:2b:24:01:01: b6:09:39:00:f2:72:a6:bf:11:ec:2a:d7:b1:7a:10: 9c:18:93:32:8f:d7:ce:04:d4:02:c7:85:72:9f:99: 59:98:a9:8a:f9:32:f1:98:a0:16:ed:cb:98:b8:88: b5:40:55:e6:96:f9:54:9a:c9:c5:6b:6a:5b:b1:0e: 18:fc:34:c6:f1:1f:57:2d:01:b4:84:3f:9e:d1:47: 17:be:21:34:91:6d:5b:c5:2d:32:96:52:92:d2:5e: 97:0a:57:f1:2f:f4:67:42:76:ec:62:9d:5c:c2:a8: 6a:b6:d6:0c:b9:ad:b1:38:a8:0f:f4:c4:9a:f3:c0: a2:1b:81:23:ee:e9:fa:28:0a:1c:ea:3b:42:b3:36: 44:ab:4e:2b:a0:a4:b7:2e:43:57:4b:9a:62:b9:a3: 41:5c:0f:40:17:50:ce:6d:81:69:a1:db:f3:54:b2: ed:81:99:33:aa:6a:30:fe:56:13:f7:58:7a:f1:2b: d8:f0:b5:a7:9d:1e:54:6e:0c:68:53:96:5d:ab:42: 8e:04:56:2b:dc:88:e3:9b:a8:79:d9:64:f0:1e:8c: 0c:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:53:88:49:97:0B:F4:07:59:09:18:13:B1:B7:35:4D:5B:AC:A2:FD X509v3 Authority Key Identifier: keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/kVOISZcL9AdZCRgTsbc1TVusov0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 106.75.144.0/20 Signature Algorithm: sha256WithRSAEncryption 41:07:f4:45:31:13:a2:98:55:18:7d:fb:00:77:45:5c:59:99: 5b:8d:95:38:54:b7:65:92:a1:0d:b3:f3:7e:23:91:16:9c:2a: 81:0f:35:50:f4:80:e6:4a:7c:1c:8e:ca:9d:f1:4d:a0:fa:c3: 58:03:a2:fd:35:69:3b:b6:b0:d8:4c:a5:eb:34:46:d9:a4:1c: 0b:57:49:8c:30:6f:49:f6:a1:be:18:8a:49:5e:53:35:1d:56: cd:96:9f:eb:a8:50:4f:a2:64:28:01:3a:53:c4:2f:d1:86:34: 48:f4:ce:ef:ef:59:6a:84:23:a4:c8:66:41:b6:18:d4:26:ad: 87:f4:35:73:e8:45:2c:47:f6:a7:12:00:92:a7:5c:c0:6a:0c: f8:5c:7d:c8:9c:35:e7:33:33:1e:b6:2e:4c:ba:60:4b:7f:d9: dd:28:83:d0:29:9a:f3:24:79:cf:89:77:ae:db:c3:33:3e:d6: 3e:de:f7:e4:15:ad:63:fb:9a:d3:77:c6:1e:e2:7e:3c:07:07: 27:20:bd:e9:24:53:16:d9:3d:ce:6e:f4:63:27:28:76:6b:6c: 00:12:5e:d6:6e:4a:19:e4:b6:85:3b:f2:42:f9:a2:37:3c:0b: 00:98:b9:d3:fb:fa:39:e7:12:8c:ad:fa:01:85:af:87:2b:f2: cd:f0:39:67 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICIYIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3 MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNTA4Mjkw OTA1MjVaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDkxNTM4ODQ5OTcwQkY0 MDc1OTA5MTgxM0IxQjczNTRENUJBQ0EyRkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDGLN1YrTGezS97mlIW/E1asPi/lGLW2+7oirkWl3sc/k2j2rhF y+r5KyQBAbYJOQDycqa/Eewq17F6EJwYkzKP184E1ALHhXKfmVmYqYr5MvGYoBbt y5i4iLVAVeaW+VSaycVraluxDhj8NMbxH1ctAbSEP57RRxe+ITSRbVvFLTKWUpLS XpcKV/Ev9GdCduxinVzCqGq21gy5rbE4qA/0xJrzwKIbgSPu6fooChzqO0KzNkSr TiugpLcuQ1dLmmK5o0FcD0AXUM5tgWmh2/NUsu2BmTOqajD+VhP3WHrxK9jwtaed HlRuDGhTll2rQo4EVivciOObqHnZZPAejAxxAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUkVOISZcL9AdZCRgTsbc1TVusov0wHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3 L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L2tWT0lTWmNMOUFkWkNS Z1RzYmMxVFZ1c292MC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BARqS5AwDQYJKoZIhvcNAQELBQADggEBAEEH9EUxE6KYVRh9+wB3RVxZmVuNlThU t2WSoQ2z834jkRacKoEPNVD0gOZKfByOyp3xTaD6w1gDov01aTu2sNhMpes0Rtmk HAtXSYwwb0n2ob4YikleUzUdVs2Wn+uoUE+iZCgBOlPEL9GGNEj0zu/vWWqEI6TI ZkG2GNQmrYf0NXPoRSxH9qcSAJKnXMBqDPhcfcicNeczMx62Lky6YEt/2d0og9Ap mvMkec+Jd67bwzM+1j7e9+QVrWP7mtN3xh7ifjwHBycgvekkUxbZPc5u9GMnKHZr bAASXtZuShnktoU78kL5ojc8CwCYudP7+jnnEoyt+gGFr4cr8s3wOWc= -----END CERTIFICATE-----Generated at Tue Sep 9 10:44:22 2025 by rpki-client