$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1232/2Zgt7OXjyqBLQoJr-kkG-d7-RfY.roa File: 2Zgt7OXjyqBLQoJr-kkG-d7-RfY.roa (raw, json) Hash identifier: twgMB+tEIixwG5bAwRJpTWBOx0AhGIuiHBDqXleHnDg= Subject key identifier: D9:98:2D:EC:E5:E3:CA:A0:4B:42:82:6B:FA:49:06:F9:DE:FE:45:F6 Certificate issuer: /CN=F1989B406901ADF8810B9DCDC4E0FC9E7E85EEB4 Certificate serial: 19 Authority key identifier: F1:98:9B:40:69:01:AD:F8:81:0B:9D:CD:C4:E0:FC:9E:7E:85:EE:B4 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/2Zgt7OXjyqBLQoJr-kkG-d7-RfY.roa Signing time: Fri 22 Aug 2025 06:24:01 +0000 ROA not before: Fri 22 Aug 2025 06:24:01 +0000 ROA not after: Thu 20 Aug 2026 07:49:18 +0000 asID: 63582 IP address blocks: 103.61.62.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 04:03:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 25 (0x19) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F1989B406901ADF8810B9DCDC4E0FC9E7E85EEB4 Validity Not Before: Aug 22 06:24:01 2025 GMT Not After : Aug 20 07:49:18 2026 GMT Subject: CN=D9982DECE5E3CAA04B42826BFA4906F9DEFE45F6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:3b:a9:06:85:fc:fb:a5:0f:9f:dd:42:13:4d: 12:21:8f:a5:cf:49:39:33:6b:76:f2:80:d9:17:97: e0:64:08:7d:e1:61:2c:5e:a2:03:6b:cd:8b:b2:1c: a3:14:b2:9b:a1:91:5f:1d:17:e3:63:f9:37:83:37: 75:6d:42:06:ab:9b:78:c7:e1:09:2a:ca:94:45:6d: 40:ef:3e:60:3f:60:47:70:77:76:49:d7:92:45:56: d6:3a:7d:3c:4b:7f:ab:7b:78:6c:07:f8:22:42:19: 02:47:39:8d:6f:e7:e6:99:a6:00:2a:51:e3:d8:e1: 18:4e:d8:2b:d1:77:6b:5e:14:d3:2b:3a:cb:04:1e: fe:a9:35:84:f3:31:60:ba:6e:cc:54:e9:4a:f3:32: 0a:ac:52:8f:90:8b:d8:6e:43:36:f9:79:d3:70:bc: eb:79:53:b4:5e:81:30:64:a5:91:d4:9e:a8:87:35: ee:19:d9:33:48:68:e8:cc:6e:b4:95:58:b4:c2:6f: 2b:ee:57:0a:71:f0:d7:67:1c:35:d6:0b:87:ac:c1: 0f:06:1b:35:c6:56:26:1f:a8:7f:46:d1:f9:a3:bf: 6c:cb:c8:50:2a:4f:8c:6a:69:41:69:f1:c7:37:b4: 3a:60:a1:84:3d:60:b2:24:94:57:e8:e3:b9:28:3c: 76:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:98:2D:EC:E5:E3:CA:A0:4B:42:82:6B:FA:49:06:F9:DE:FE:45:F6 X509v3 Authority Key Identifier: keyid:F1:98:9B:40:69:01:AD:F8:81:0B:9D:CD:C4:E0:FC:9E:7E:85:EE:B4 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/2Zgt7OXjyqBLQoJr-kkG-d7-RfY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.61.62.0/24 Signature Algorithm: sha256WithRSAEncryption 8c:e4:8d:e3:41:4c:cb:5c:b7:19:1f:33:12:4e:93:0b:de:2a: 82:c8:17:3b:93:7b:4c:3a:2c:32:ff:a9:58:28:da:4f:68:cc: fb:44:e0:77:23:44:b2:f8:6c:90:c2:f1:b5:9f:dc:51:61:31: ff:24:e8:9a:03:f1:c9:e4:49:99:63:05:8b:ae:64:10:b7:b2: 1b:f0:10:30:10:b8:a6:01:c3:8c:7a:f8:2f:2b:42:bb:21:21: 9e:be:9d:5b:a4:3a:73:2e:4d:73:e0:64:ca:96:ab:81:9e:3a: ba:bb:90:ff:db:c8:06:ab:be:fd:e1:f4:1b:42:1f:b5:73:13: 4a:83:28:fa:f8:bc:6b:2f:d6:e4:9d:2f:3d:09:27:c1:6b:fe: fd:5f:01:2e:7d:db:9f:2a:45:a9:36:b2:80:9b:57:dd:46:13: 14:7b:64:4d:53:0a:89:4e:75:de:b6:28:04:af:98:a5:f4:bf: bc:f9:71:54:1c:df:c3:a1:c2:74:17:09:34:42:85:0b:7e:33: 53:90:74:2f:35:aa:ca:cc:9b:78:4b:6b:14:02:fd:af:40:e6: cf:e3:2b:5c:22:bf:d8:53:4f:24:fb:20:ae:8c:16:c1:44:c1: 23:34:d3:a7:38:75:9f:88:13:81:0a:b7:73:08:23:2d:c2:0f: cc:4f:86:89 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIBGTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhGMTk4 OUI0MDY5MDFBREY4ODEwQjlEQ0RDNEUwRkM5RTdFODVFRUI0MB4XDTI1MDgyMjA2 MjQwMVoXDTI2MDgyMDA3NDkxOFowMzExMC8GA1UEAxMoRDk5ODJERUNFNUUzQ0FB MDRCNDI4MjZCRkE0OTA2RjlERUZFNDVGNjCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBALM7qQaF/PulD5/dQhNNEiGPpc9JOTNrdvKA2ReX4GQIfeFhLF6i A2vNi7IcoxSym6GRXx0X42P5N4M3dW1CBqubeMfhCSrKlEVtQO8+YD9gR3B3dknX kkVW1jp9PEt/q3t4bAf4IkIZAkc5jW/n5pmmACpR49jhGE7YK9F3a14U0ys6ywQe /qk1hPMxYLpuzFTpSvMyCqxSj5CL2G5DNvl503C863lTtF6BMGSlkdSeqIc17hnZ M0ho6MxutJVYtMJvK+5XCnHw12ccNdYLh6zBDwYbNcZWJh+of0bR+aO/bMvIUCpP jGppQWnxxze0OmChhD1gsiSUV+jjuSg8dt8CAwEAAaOCAfMwggHvMB0GA1UdDgQW BBTZmC3s5ePKoEtCgmv6SQb53v5F9jAfBgNVHSMEGDAWgBTxmJtAaQGt+IELnc3E 4PyefoXutDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8xMjMy LzhaaWJRR2tCcmZpQkM1M054T0Q4bm42RjdyUS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvOFppYlFHa0JyZmlCQzUzTnhPRDhubjZGN3JRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIzMi8yWmd0N09YanlxQkxR b0pyLWtrRy1kNy1SZlkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAZz0+MA0GCSqGSIb3DQEBCwUAA4IBAQCM5I3jQUzLXLcZHzMSTpML3iqCyBc7 k3tMOiwy/6lYKNpPaMz7ROB3I0Sy+GyQwvG1n9xRYTH/JOiaA/HJ5EmZYwWLrmQQ t7Ib8BAwELimAcOMevgvK0K7ISGevp1bpDpzLk1z4GTKlquBnjq6u5D/28gGq779 4fQbQh+1cxNKgyj6+LxrL9bknS89CSfBa/79XwEufdufKkWpNrKAm1fdRhMUe2RN UwqJTnXetigEr5il9L+8+XFUHN/DocJ0Fwk0QoULfjNTkHQvNarKzJt4S2sUAv2v QObP4ytcIr/YU08k+yCujBbBRMEjNNOnOHWfiBOBCrdzCCMtwg/MT4aJ -----END CERTIFICATE-----Generated at Sun Aug 24 02:41:41 2025 by rpki-client