$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1232/9hqe8ODC7NB8ZU6iQ31t9Prx2xI.roa File: 9hqe8ODC7NB8ZU6iQ31t9Prx2xI.roa (raw, json) Hash identifier: DOm/NNgvTmcDPE3d0YZEJFQentUPMQ1vbJ6KPBUiTLA= Subject key identifier: F6:1A:9E:F0:E0:C2:EC:D0:7C:65:4E:A2:43:7D:6D:F4:FA:F1:DB:12 Certificate issuer: /CN=F1989B406901ADF8810B9DCDC4E0FC9E7E85EEB4 Certificate serial: 12 Authority key identifier: F1:98:9B:40:69:01:AD:F8:81:0B:9D:CD:C4:E0:FC:9E:7E:85:EE:B4 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/9hqe8ODC7NB8ZU6iQ31t9Prx2xI.roa Signing time: Fri 22 Aug 2025 06:23:59 +0000 ROA not before: Fri 22 Aug 2025 06:23:59 +0000 ROA not after: Thu 20 Aug 2026 07:49:18 +0000 asID: 63582 IP address blocks: 103.61.63.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 04:03:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18 (0x12) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F1989B406901ADF8810B9DCDC4E0FC9E7E85EEB4 Validity Not Before: Aug 22 06:23:59 2025 GMT Not After : Aug 20 07:49:18 2026 GMT Subject: CN=F61A9EF0E0C2ECD07C654EA2437D6DF4FAF1DB12 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:4b:0d:0a:46:a8:92:55:88:22:7b:e4:d8:20: cc:ea:db:d8:fe:93:97:fb:cf:25:0e:9b:9e:6e:27: 6b:70:5c:2b:41:a1:32:54:5b:84:2d:ee:bb:fe:9d: c3:b8:b7:0a:8b:59:c4:d1:84:36:8a:ab:26:4a:79: 48:91:22:6e:d3:82:5f:1b:a1:54:8b:eb:24:6a:51: bb:8d:e7:e3:db:f6:19:98:0a:8e:82:30:68:58:69: c7:66:77:8d:37:8c:c5:04:8e:8a:6d:ba:c8:03:d2: 85:d7:0b:9a:fc:eb:7e:59:cb:33:2c:a3:da:be:7e: 53:41:f4:95:f2:82:a5:55:82:6f:f5:be:aa:c6:01: d5:0a:e6:ef:21:c7:16:a8:68:d2:5e:fa:44:3d:4d: 47:77:1e:50:3a:2c:fb:db:03:01:bb:7b:b8:d3:1c: 0c:75:1a:8e:32:b0:01:64:42:ef:b5:b8:33:41:c4: ba:7b:89:f5:43:ff:c6:9a:3a:a2:20:0e:ca:b8:2a: 39:02:75:45:7f:ba:0a:3e:51:df:61:85:96:2f:8d: 59:b9:6d:c2:15:50:f8:c1:da:db:85:b9:6f:c1:fb: 79:54:f2:5e:1f:3c:be:84:ca:20:b8:30:ef:08:ee: c0:29:54:17:00:cd:ee:37:17:83:f7:dd:1a:e3:02: ef:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F6:1A:9E:F0:E0:C2:EC:D0:7C:65:4E:A2:43:7D:6D:F4:FA:F1:DB:12 X509v3 Authority Key Identifier: keyid:F1:98:9B:40:69:01:AD:F8:81:0B:9D:CD:C4:E0:FC:9E:7E:85:EE:B4 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/9hqe8ODC7NB8ZU6iQ31t9Prx2xI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.61.63.0/24 Signature Algorithm: sha256WithRSAEncryption 7f:4f:72:cc:0d:07:38:34:e0:b6:b8:34:67:29:c5:49:96:de: 36:c2:2c:91:5d:e8:17:6d:8c:0d:6c:fb:e6:ac:cd:c5:be:12: f5:01:fc:11:79:ed:87:90:95:ec:dc:17:ee:50:78:74:10:28: 29:58:f0:33:8d:a9:8f:74:23:bc:45:d4:d4:b5:92:98:f3:7b: db:98:c1:5b:44:2f:5f:d4:29:1a:1e:ba:d0:2f:6f:b8:ab:91: f9:16:45:41:6f:d0:71:ff:aa:67:a7:a3:15:fa:08:8a:13:a2: 08:09:3a:c5:1d:6e:93:36:d0:9e:65:bc:52:99:7a:23:bb:97: 39:ff:02:fd:2f:a8:9b:9d:bf:86:20:78:db:2b:10:09:0f:a3: 9a:2c:f4:65:d4:3a:e4:20:61:85:e5:3e:03:e9:bb:ea:c0:dc: 7b:01:1f:c0:76:60:e5:51:1e:a2:ec:37:d8:70:21:fd:52:ce: 06:5f:b8:c9:87:7c:9f:b2:cf:8f:d0:a3:60:1a:a1:d1:96:4e: 41:e0:ce:65:a9:e3:48:1a:c2:50:97:ed:9d:8d:d8:d2:7b:36: 77:f7:7c:f2:a4:3f:bd:8f:80:81:91:be:1e:44:c4:56:57:e5: e1:7a:f6:84:16:0d:9f:ce:db:92:6a:6f:2a:00:61:a6:63:e6: fe:a6:8f:8d -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIBEjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhGMTk4 OUI0MDY5MDFBREY4ODEwQjlEQ0RDNEUwRkM5RTdFODVFRUI0MB4XDTI1MDgyMjA2 MjM1OVoXDTI2MDgyMDA3NDkxOFowMzExMC8GA1UEAxMoRjYxQTlFRjBFMEMyRUNE MDdDNjU0RUEyNDM3RDZERjRGQUYxREIxMjCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBALhLDQpGqJJViCJ75NggzOrb2P6Tl/vPJQ6bnm4na3BcK0GhMlRb hC3uu/6dw7i3CotZxNGENoqrJkp5SJEibtOCXxuhVIvrJGpRu43n49v2GZgKjoIw aFhpx2Z3jTeMxQSOim26yAPShdcLmvzrflnLMyyj2r5+U0H0lfKCpVWCb/W+qsYB 1Qrm7yHHFqho0l76RD1NR3ceUDos+9sDAbt7uNMcDHUajjKwAWRC77W4M0HEunuJ 9UP/xpo6oiAOyrgqOQJ1RX+6Cj5R32GFli+NWbltwhVQ+MHa24W5b8H7eVTyXh88 voTKILgw7wjuwClUFwDN7jcXg/fdGuMC7zECAwEAAaOCAfMwggHvMB0GA1UdDgQW BBT2Gp7w4MLs0HxlTqJDfW30+vHbEjAfBgNVHSMEGDAWgBTxmJtAaQGt+IELnc3E 4PyefoXutDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8xMjMy LzhaaWJRR2tCcmZpQkM1M054T0Q4bm42RjdyUS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvOFppYlFHa0JyZmlCQzUzTnhPRDhubjZGN3JRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIzMi85aHFlOE9EQzdOQjha VTZpUTMxdDlQcngyeEkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAZz0/MA0GCSqGSIb3DQEBCwUAA4IBAQB/T3LMDQc4NOC2uDRnKcVJlt42wiyR XegXbYwNbPvmrM3FvhL1AfwRee2HkJXs3BfuUHh0ECgpWPAzjamPdCO8RdTUtZKY 83vbmMFbRC9f1CkaHrrQL2+4q5H5FkVBb9Bx/6pnp6MV+giKE6IICTrFHW6TNtCe ZbxSmXoju5c5/wL9L6ibnb+GIHjbKxAJD6OaLPRl1DrkIGGF5T4D6bvqwNx7AR/A dmDlUR6i7DfYcCH9Us4GX7jJh3yfss+P0KNgGqHRlk5B4M5lqeNIGsJQl+2djdjS ezZ393zypD+9j4CBkb4eRMRWV+XhevaEFg2fztuSam8qAGGmY+b+po+N -----END CERTIFICATE-----Generated at Sun Aug 24 02:38:47 2025 by rpki-client