$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1232/CRZLL97gR00kIlJB3D9vwHpchMw.roa File: CRZLL97gR00kIlJB3D9vwHpchMw.roa (raw, json) Hash identifier: NcAUU59k5aWPauehrU04MDW7W+PyuZEF/KdNQK8M+mI= Subject key identifier: 09:16:4B:2F:DE:E0:47:4D:24:22:52:41:DC:3F:6F:C0:7A:5C:84:CC Certificate issuer: /CN=F1989B406901ADF8810B9DCDC4E0FC9E7E85EEB4 Certificate serial: 32 Authority key identifier: F1:98:9B:40:69:01:AD:F8:81:0B:9D:CD:C4:E0:FC:9E:7E:85:EE:B4 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/CRZLL97gR00kIlJB3D9vwHpchMw.roa Signing time: Fri 22 Aug 2025 06:27:18 +0000 ROA not before: Fri 22 Aug 2025 06:27:18 +0000 ROA not after: Thu 20 Aug 2026 07:49:18 +0000 asID: 139140 IP address blocks: 103.61.61.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 04:03:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 50 (0x32) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F1989B406901ADF8810B9DCDC4E0FC9E7E85EEB4 Validity Not Before: Aug 22 06:27:18 2025 GMT Not After : Aug 20 07:49:18 2026 GMT Subject: CN=09164B2FDEE0474D24225241DC3F6FC07A5C84CC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:63:e3:49:8a:b5:8b:d5:4c:fe:67:93:34:4c: 34:3f:9b:1f:02:d6:12:a6:dc:5e:23:49:9c:bb:eb: 1b:6f:fd:e1:1e:bc:bb:b5:e9:d3:ee:ad:4a:b7:b1: be:aa:93:57:89:70:9a:3b:54:c7:18:d8:22:ab:51: f1:43:7e:2e:17:58:e2:a5:0e:5e:8b:05:2a:6c:e9: 9c:54:14:c8:4b:0d:84:f2:0d:08:46:22:6b:ea:37: 49:23:9c:10:dc:ef:7f:a7:a0:7e:84:95:0a:de:82: 5d:bc:47:4c:3f:c9:8b:1f:c7:32:40:13:27:38:ba: 1c:a6:ae:2f:5a:6c:ca:a1:ae:bf:da:77:e4:1d:4d: 81:57:d8:9f:93:62:53:8d:c4:2b:41:37:74:1c:3e: 46:77:1f:d5:1a:99:cd:ff:51:15:f8:52:02:35:bc: 5e:ec:83:0d:1d:d6:75:6b:be:98:42:39:f3:5c:a7: 14:31:69:be:c7:f3:1b:b8:40:d8:a2:60:37:22:b1: 43:47:5b:a4:fa:17:a2:54:81:a9:9b:ae:59:94:10: 51:29:b3:88:e1:0f:ea:b9:9f:e1:28:d9:91:51:6f: 6d:6c:72:f5:0d:26:6d:9b:e0:c4:93:19:35:fd:ad: 94:28:94:b6:7b:91:10:0d:c4:ad:48:bc:94:7d:37: 1c:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:16:4B:2F:DE:E0:47:4D:24:22:52:41:DC:3F:6F:C0:7A:5C:84:CC X509v3 Authority Key Identifier: keyid:F1:98:9B:40:69:01:AD:F8:81:0B:9D:CD:C4:E0:FC:9E:7E:85:EE:B4 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/CRZLL97gR00kIlJB3D9vwHpchMw.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.61.61.0/24 Signature Algorithm: sha256WithRSAEncryption 20:a0:07:c0:61:3e:ec:42:c9:01:4f:c1:09:8a:62:d9:cc:ee: 97:3a:3e:b7:18:d9:1c:61:a9:e6:6d:4d:75:08:16:aa:2c:53: cd:59:10:7c:86:77:bc:02:ea:58:5b:06:7c:57:34:64:b0:51: 59:0f:88:b4:37:c1:5f:7f:60:3a:b8:69:2e:89:1a:01:4d:b9: 2a:cf:2b:1d:48:dc:db:6d:df:37:54:bd:6d:cc:95:88:97:67: f6:14:d6:d9:d1:ec:96:73:ea:29:3a:63:bd:b2:4b:60:0c:c9: 6b:5e:68:67:e4:0b:ae:ec:62:c2:ca:84:20:c2:fd:3c:1a:62: d6:65:90:91:a6:6a:02:4c:d2:4d:47:51:15:f5:6d:14:33:bb: 52:d4:7d:da:64:42:3f:c2:d9:67:b6:0c:b2:56:cc:d9:74:d2: 09:57:22:21:fd:51:0c:1e:fb:bf:11:af:91:fa:61:5f:25:bc: 24:67:9a:39:c3:75:aa:7a:76:b2:8c:ef:6a:ac:c7:eb:a2:29: 24:9f:bd:c3:77:c2:e7:21:a1:2f:84:d9:0a:7c:d0:d0:b7:f0: 49:94:c7:7a:b1:55:cb:57:9f:8d:68:de:67:8c:a3:75:43:63: 15:2f:b1:a1:c6:3f:20:ba:4e:cb:c9:13:dc:40:41:52:45:df: 27:5c:b7:e1 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIBMjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhGMTk4 OUI0MDY5MDFBREY4ODEwQjlEQ0RDNEUwRkM5RTdFODVFRUI0MB4XDTI1MDgyMjA2 MjcxOFoXDTI2MDgyMDA3NDkxOFowMzExMC8GA1UEAxMoMDkxNjRCMkZERUUwNDc0 RDI0MjI1MjQxREMzRjZGQzA3QTVDODRDQzCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAMhj40mKtYvVTP5nkzRMND+bHwLWEqbcXiNJnLvrG2/94R68u7Xp 0+6tSrexvqqTV4lwmjtUxxjYIqtR8UN+LhdY4qUOXosFKmzpnFQUyEsNhPINCEYi a+o3SSOcENzvf6egfoSVCt6CXbxHTD/Jix/HMkATJzi6HKauL1psyqGuv9p35B1N gVfYn5NiU43EK0E3dBw+Rncf1RqZzf9RFfhSAjW8XuyDDR3WdWu+mEI581ynFDFp vsfzG7hA2KJgNyKxQ0dbpPoXolSBqZuuWZQQUSmziOEP6rmf4SjZkVFvbWxy9Q0m bZvgxJMZNf2tlCiUtnuREA3ErUi8lH03HPMCAwEAAaOCAfMwggHvMB0GA1UdDgQW BBQJFksv3uBHTSQiUkHcP2/AelyEzDAfBgNVHSMEGDAWgBTxmJtAaQGt+IELnc3E 4PyefoXutDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8xMjMy LzhaaWJRR2tCcmZpQkM1M054T0Q4bm42RjdyUS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvOFppYlFHa0JyZmlCQzUzTnhPRDhubjZGN3JRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIzMi9DUlpMTDk3Z1IwMGtJ bEpCM0Q5dndIcGNoTXcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAZz09MA0GCSqGSIb3DQEBCwUAA4IBAQAgoAfAYT7sQskBT8EJimLZzO6XOj63 GNkcYanmbU11CBaqLFPNWRB8hne8AupYWwZ8VzRksFFZD4i0N8Fff2A6uGkuiRoB TbkqzysdSNzbbd83VL1tzJWIl2f2FNbZ0eyWc+opOmO9sktgDMlrXmhn5Auu7GLC yoQgwv08GmLWZZCRpmoCTNJNR1EV9W0UM7tS1H3aZEI/wtlntgyyVszZdNIJVyIh /VEMHvu/Ea+R+mFfJbwkZ5o5w3WqenayjO9qrMfroikkn73Dd8LnIaEvhNkKfNDQ t/BJlMd6sVXLV5+NaN5njKN1Q2MVL7Ghxj8guk7LyRPcQEFSRd8nXLfh -----END CERTIFICATE-----Generated at Sun Aug 24 02:39:13 2025 by rpki-client