$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/KqH1sYmIquLdxvF4H6VYDiuVmQY.roa File: KqH1sYmIquLdxvF4H6VYDiuVmQY.roa (raw, json) Hash identifier: oHGxeWC9BJsgd7Ba9smLKEvbiP2LumuaF0xkYqbbopU= Subject key identifier: 2A:A1:F5:B1:89:88:AA:E2:DD:C6:F1:78:1F:A5:58:0E:2B:95:99:06 Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Certificate serial: 22E9 Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KqH1sYmIquLdxvF4H6VYDiuVmQY.roa Signing time: Wed 29 Oct 2025 05:21:04 +0000 ROA not before: Wed 29 Oct 2025 05:21:04 +0000 ROA not after: Fri 23 Oct 2026 03:01:03 +0000 asID: 135377 IP address blocks: 101.237.254.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 09:13:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8937 (0x22e9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Validity Not Before: Oct 29 05:21:04 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=2AA1F5B18988AAE2DDC6F1781FA5580E2B959906 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:83:3f:d4:b7:7c:61:7d:f7:76:44:bc:46:48: 4a:50:79:07:8b:f9:27:b8:1c:86:7f:6a:47:0a:2c: 3c:3c:5f:b2:49:d2:33:3d:25:ed:73:03:31:ec:21: e4:f9:0d:12:5b:c8:35:04:4a:10:53:6f:cd:9e:c8: c0:23:a2:fb:eb:10:8e:48:92:93:a3:e1:c0:00:6b: 85:f1:f0:70:ee:fa:39:6e:33:04:61:0c:9e:46:24: 82:ac:63:7c:a9:eb:8d:f7:13:e2:7d:1e:1a:0b:23: 49:54:5c:51:35:72:f6:03:10:99:dc:30:a8:bf:d9: c5:59:f5:5e:c3:b8:5d:f3:6b:58:25:d5:aa:fc:ef: af:bf:2e:8f:d5:5a:88:fb:2a:32:d0:27:50:a0:03: 71:78:43:0d:ba:0b:f1:ce:a3:d9:c2:03:f1:ef:d7: 71:d4:fd:fd:7b:aa:26:dd:4d:18:00:ee:cf:c3:f4: 61:3a:f5:71:e5:72:f5:7d:1d:12:fe:28:60:45:7d: 01:f4:cd:20:df:ad:66:51:98:ac:2f:ee:c5:2b:6c: 68:f0:f9:a4:dd:33:b5:4a:93:e4:3f:50:45:f1:c3: 0a:c1:cc:1c:1a:63:d5:82:d0:27:74:92:a8:c3:4e: 37:7d:73:cb:7f:b2:61:f3:80:4b:d9:db:a4:85:67: bd:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:A1:F5:B1:89:88:AA:E2:DD:C6:F1:78:1F:A5:58:0E:2B:95:99:06 X509v3 Authority Key Identifier: keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KqH1sYmIquLdxvF4H6VYDiuVmQY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 101.237.254.0/24 Signature Algorithm: sha256WithRSAEncryption 8a:f8:d1:9e:01:50:59:83:18:49:3a:75:89:a8:b3:84:f8:0d: 03:11:95:ad:be:2d:7f:5e:35:71:66:d2:52:ac:c9:19:60:b8: 6d:3c:85:9c:7d:78:5a:26:9d:d8:a3:e0:b6:36:3d:27:d2:e7: 68:b5:3c:16:6b:a3:e4:8c:f1:76:e1:80:1f:5e:73:14:a4:97: 4f:5f:7a:e2:ba:00:9b:c4:33:3f:0f:c3:84:37:33:ac:ac:bc: db:33:cb:45:5d:0a:87:39:93:83:00:14:a6:28:bd:ce:1c:57: 48:8b:42:f2:86:e1:c9:2e:22:7f:64:68:8f:f7:bf:c9:1d:4f: c8:92:10:5a:be:60:77:e8:ff:b6:d1:ba:a1:eb:10:34:55:6c: 31:92:d9:d4:50:94:97:da:55:67:9d:ca:79:2a:b5:31:48:17: 16:7b:44:2b:9a:e8:95:68:bf:2c:09:4c:df:6d:6f:23:b1:3f: e3:76:0d:9c:c6:b8:68:63:4e:53:c6:a8:15:f5:a0:d6:02:ed: 63:40:6f:6f:92:35:09:84:d2:99:cb:76:3d:ad:7c:b9:56:97: 0b:08:5a:7b:bd:34:58:eb:f2:fe:24:99:c1:cb:25:c2:53:32: 83:30:bc:f5:48:f2:d3:c3:76:c8:30:eb:01:a0:cc:16:b9:a7: e7:18:36:27 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICIukwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3 MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNTEwMjkw NTIxMDRaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDJBQTFGNUIxODk4OEFB RTJEREM2RjE3ODFGQTU1ODBFMkI5NTk5MDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCxgz/Ut3xhffd2RLxGSEpQeQeL+Se4HIZ/akcKLDw8X7JJ0jM9 Je1zAzHsIeT5DRJbyDUEShBTb82eyMAjovvrEI5IkpOj4cAAa4Xx8HDu+jluMwRh DJ5GJIKsY3yp6433E+J9HhoLI0lUXFE1cvYDEJncMKi/2cVZ9V7DuF3za1gl1ar8 76+/Lo/VWoj7KjLQJ1CgA3F4Qw26C/HOo9nCA/Hv13HU/f17qibdTRgA7s/D9GE6 9XHlcvV9HRL+KGBFfQH0zSDfrWZRmKwv7sUrbGjw+aTdM7VKk+Q/UEXxwwrBzBwa Y9WC0Cd0kqjDTjd9c8t/smHzgEvZ26SFZ727AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUKqH1sYmIquLdxvF4H6VYDiuVmQYwHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3 L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L0txSDFzWW1JcXVMZHh2 RjRINlZZRGl1Vm1RWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABl7f4wDQYJKoZIhvcNAQELBQADggEBAIr40Z4BUFmDGEk6dYmos4T4DQMRla2+ LX9eNXFm0lKsyRlguG08hZx9eFomndij4LY2PSfS52i1PBZro+SM8XbhgB9ecxSk l09feuK6AJvEMz8Pw4Q3M6ysvNszy0VdCoc5k4MAFKYovc4cV0iLQvKG4ckuIn9k aI/3v8kdT8iSEFq+YHfo/7bRuqHrEDRVbDGS2dRQlJfaVWedynkqtTFIFxZ7RCua 6JVovywJTN9tbyOxP+N2DZzGuGhjTlPGqBX1oNYC7WNAb2+SNQmE0pnLdj2tfLlW lwsIWnu9NFjr8v4kmcHLJcJTMoMwvPVI8tPDdsgw6wGgzBa5p+cYNic= -----END CERTIFICATE-----Generated at Wed Nov 5 08:08:44 2025 by rpki-client