$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2672/KphQFIus6GoLdXC3qJR21-13bIc.roa File: KphQFIus6GoLdXC3qJR21-13bIc.roa (raw, json) Hash identifier: cjaudN4wECjthBg44Su2WWSgCqRhJLDise4nSjV2ozE= Subject key identifier: 2A:98:50:14:8B:AC:E8:6A:0B:75:70:B7:A8:94:76:D7:ED:77:6C:87 Certificate issuer: /CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Certificate serial: 01A3 Authority key identifier: 94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/KphQFIus6GoLdXC3qJR21-13bIc.roa Signing time: Thu 10 Jul 2025 06:36:48 +0000 ROA not before: Thu 10 Jul 2025 06:36:48 +0000 ROA not after: Wed 27 May 2026 07:38:41 +0000 asID: 56046 IP address blocks: 240a:42ae::/31 maxlen: 31 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 18:41:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 419 (0x1a3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Validity Not Before: Jul 10 06:36:48 2025 GMT Not After : May 27 07:38:41 2026 GMT Subject: CN=2A9850148BACE86A0B7570B7A89476D7ED776C87 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:2d:1f:12:6b:c7:fe:72:f4:ae:d8:1d:75:35: 43:10:e7:ce:bc:c4:28:19:3a:4e:4a:67:77:8f:f0: 85:1e:53:57:69:aa:3a:b7:ed:ec:6e:f5:13:ae:ac: 22:13:ae:84:8f:7d:d8:d7:66:c9:c9:94:2d:40:12: ad:fe:c7:2b:b4:68:91:74:ed:38:5f:71:31:80:ff: 67:b7:5b:e9:f2:10:e7:43:93:d2:0e:bf:2a:7b:9f: fc:72:6b:05:2b:02:15:0b:4c:6b:0d:41:4b:6c:12: 17:6d:f1:87:11:c6:bb:c3:67:8d:a5:92:e7:32:e0: 3d:c6:06:d4:a6:44:0a:ef:01:8b:e4:b6:62:80:53: fc:81:5d:dc:81:e8:c4:e6:9a:af:7c:c2:41:69:8e: d2:d7:54:2c:86:ec:24:05:87:c9:7f:5f:38:33:f4: d4:2c:5e:bf:20:d3:1e:7c:b5:ed:ff:53:5c:ac:30: 2d:76:cb:c1:96:7e:ea:fa:ec:31:ce:70:85:84:ea: de:5b:c8:98:80:75:4f:f8:28:76:e8:25:99:13:a3: 15:00:e4:ae:e1:db:54:e7:06:cb:39:79:07:0e:8d: b8:47:ef:5e:39:7b:bd:89:39:20:23:4c:b1:17:59: c9:a7:e0:98:eb:96:ed:1f:e4:a7:fa:f0:aa:23:da: f9:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:98:50:14:8B:AC:E8:6A:0B:75:70:B7:A8:94:76:D7:ED:77:6C:87 X509v3 Authority Key Identifier: keyid:94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/KphQFIus6GoLdXC3qJR21-13bIc.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 240a:42ae::/31 Signature Algorithm: sha256WithRSAEncryption 4a:92:46:ac:83:8c:9b:69:15:d3:d2:f9:95:06:6d:9e:b3:d1: a1:0a:e0:32:48:7b:e7:30:6e:5d:7c:ca:71:56:d0:28:ac:92: 82:68:14:43:7b:98:4e:99:8b:af:0b:62:21:57:fb:b5:d3:7e: 5c:21:08:ef:4b:58:6f:1c:ac:8c:78:a7:78:ea:b7:8e:97:02: bd:35:ba:e5:e6:81:1e:f1:f4:a3:37:81:b2:d5:da:7c:cd:53: eb:ed:e7:2a:8d:48:96:ee:99:12:eb:dc:dd:44:54:73:da:74: 1f:56:0b:bd:6f:8f:3c:f2:6d:52:58:33:9d:04:25:64:47:e4: f3:3c:03:08:4a:87:9f:8b:52:88:bc:a2:76:ec:9f:42:4d:50: e3:fa:fd:3c:7c:30:9b:26:7a:ac:f2:6e:d6:6e:94:05:ca:61: bb:9c:c3:7b:e7:32:9f:6d:af:b4:bd:ab:60:97:32:b4:2e:ba: a5:f6:e0:1d:08:36:14:48:27:1f:dd:43:f9:80:a0:30:5a:42: 63:d0:12:5a:fe:f2:35:dc:37:e7:df:78:15:38:67:fa:6e:1e: 55:63:9c:83:49:3e:12:2e:c2:e7:0c:69:b4:76:bf:28:13:20: 11:24:60:ba:80:1f:59:60:16:5a:31:b6:e5:2d:51:ad:93:11: 7a:70:d8:16 -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICAaMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTRF RkY3MzkyRTFFREMxMjI1RkM0Q0ZCOEZBQjZFQjYxN0E5RDI0RDAeFw0yNTA3MTAw NjM2NDhaFw0yNjA1MjcwNzM4NDFaMDMxMTAvBgNVBAMTKDJBOTg1MDE0OEJBQ0U4 NkEwQjc1NzBCN0E4OTQ3NkQ3RUQ3NzZDODcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDCLR8Sa8f+cvSu2B11NUMQ5868xCgZOk5KZ3eP8IUeU1dpqjq3 7exu9ROurCITroSPfdjXZsnJlC1AEq3+xyu0aJF07ThfcTGA/2e3W+nyEOdDk9IO vyp7n/xyawUrAhULTGsNQUtsEhdt8YcRxrvDZ42lkucy4D3GBtSmRArvAYvktmKA U/yBXdyB6MTmmq98wkFpjtLXVCyG7CQFh8l/Xzgz9NQsXr8g0x58te3/U1ysMC12 y8GWfur67DHOcIWE6t5byJiAdU/4KHboJZkToxUA5K7h21TnBss5eQcOjbhH7145 e72JOSAjTLEXWcmn4Jjrlu0f5Kf68Koj2vm/AgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQUKphQFIus6GoLdXC3qJR21+13bIcwHwYDVR0jBBgwFoAUlO/3OS4e3BIl/Ez7 j6tuthep0k0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjY3 Mi9sT18zT1M0ZTNCSWxfRXo3ajZ0dXRoZXAwazAuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2xPXzNPUzRlM0JJbF9FejdqNnR1dGhlcDBrMC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2NzIvS3BoUUZJdXM2R29M ZFhDM3FKUjIxLTEzYkljLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw BwMFASQKQq4wDQYJKoZIhvcNAQELBQADggEBAEqSRqyDjJtpFdPS+ZUGbZ6z0aEK 4DJIe+cwbl18ynFW0CiskoJoFEN7mE6Zi68LYiFX+7XTflwhCO9LWG8crIx4p3jq t46XAr01uuXmgR7x9KM3gbLV2nzNU+vt5yqNSJbumRLr3N1EVHPadB9WC71vjzzy bVJYM50EJWRH5PM8AwhKh5+LUoi8onbsn0JNUOP6/Tx8MJsmeqzybtZulAXKYbuc w3vnMp9tr7S9q2CXMrQuuqX24B0INhRIJx/dQ/mAoDBaQmPQElr+8jXcN+ffeBU4 Z/puHlVjnINJPhIuwucMabR2vygTIBEkYLqAH1lgFloxtuUtUa2TEXpw2BY= -----END CERTIFICATE-----Generated at Wed Nov 5 16:48:39 2025 by rpki-client