$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1232/McPtX4Kv5xAtNvk8BsjcUWhkeRg.roa File: McPtX4Kv5xAtNvk8BsjcUWhkeRg.roa (raw, json) Hash identifier: Aa/xBLwQSn06ClBM3ArHzVThrBdErb8UuIQiqiFcZ7E= Subject key identifier: 31:C3:ED:5F:82:AF:E7:10:2D:36:F9:3C:06:C8:DC:51:68:64:79:18 Certificate issuer: /CN=F1989B406901ADF8810B9DCDC4E0FC9E7E85EEB4 Certificate serial: AE Authority key identifier: F1:98:9B:40:69:01:AD:F8:81:0B:9D:CD:C4:E0:FC:9E:7E:85:EE:B4 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/McPtX4Kv5xAtNvk8BsjcUWhkeRg.roa Signing time: Thu 11 Sep 2025 05:56:37 +0000 ROA not before: Thu 11 Sep 2025 05:56:37 +0000 ROA not after: Thu 20 Aug 2026 07:49:18 +0000 asID: 8075 IP address blocks: 103.61.61.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 19 Oct 2025 23:36:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 174 (0xae) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F1989B406901ADF8810B9DCDC4E0FC9E7E85EEB4 Validity Not Before: Sep 11 05:56:37 2025 GMT Not After : Aug 20 07:49:18 2026 GMT Subject: CN=31C3ED5F82AFE7102D36F93C06C8DC5168647918 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:d2:fc:a3:b6:25:da:75:b8:97:c4:91:b2:e9: ac:5e:85:79:e6:a1:44:88:75:20:15:1a:7d:7c:5f: e4:b1:19:47:56:0f:12:4b:89:b3:b2:bf:a3:00:d9: 11:0c:8d:ab:cf:01:a8:34:52:2d:09:d8:c8:bc:3a: 4c:1f:83:8c:35:8a:b8:66:87:39:5c:97:bc:03:d6: 3f:3a:6c:b6:a8:fe:ba:6f:0f:2f:66:27:3c:6c:08: 28:8a:8d:34:85:93:b0:d1:6e:ed:3b:6d:2a:e1:82: 1f:36:41:81:32:64:60:df:64:29:f3:66:f3:fa:4e: c7:72:04:a6:2f:43:c9:65:6c:8d:1a:8d:29:f4:5d: f8:8b:f2:7e:cf:2e:24:5e:4b:0e:0f:01:5a:b2:80: 4e:f7:db:f6:65:bd:9a:5d:f2:08:cc:de:7e:60:40: 81:b3:a6:fe:fc:d2:5b:56:cc:50:af:08:be:9e:c4: 16:7e:eb:2d:ad:1c:4c:d4:cf:59:48:d7:41:05:1b: 16:b9:52:cc:cc:0a:b6:a3:d7:3f:b0:be:00:f6:be: 61:dd:00:b1:3a:13:fc:a7:54:9c:d4:a9:75:b1:12: 0e:71:f1:12:6d:3b:b2:a3:a7:e1:00:c4:fe:82:72: f1:8a:39:f0:a4:b9:bf:38:4a:66:a9:9e:9f:e5:06: b8:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:C3:ED:5F:82:AF:E7:10:2D:36:F9:3C:06:C8:DC:51:68:64:79:18 X509v3 Authority Key Identifier: keyid:F1:98:9B:40:69:01:AD:F8:81:0B:9D:CD:C4:E0:FC:9E:7E:85:EE:B4 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/McPtX4Kv5xAtNvk8BsjcUWhkeRg.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.61.61.0/24 Signature Algorithm: sha256WithRSAEncryption 2c:a2:a2:d5:59:f7:54:85:ad:b0:07:db:2f:79:7c:40:72:55: 85:9a:46:72:1f:01:94:5d:67:a7:be:cd:8a:0c:4d:ae:19:6b: f7:88:a8:41:05:d3:3a:4c:76:eb:30:7b:bc:76:f3:aa:57:fc: c8:11:5b:06:64:dd:de:29:dc:78:a0:b8:9b:92:55:d3:25:ff: ae:a4:24:19:98:9e:10:e1:50:cb:e2:40:6f:7c:76:c4:9b:fc: ec:6c:18:7f:1d:79:bd:ec:62:a6:be:5b:0b:73:f7:87:ac:22: b7:43:f4:0d:44:74:88:55:f4:52:47:36:b8:6d:d7:68:95:df: 4b:cf:43:b0:f9:df:ec:aa:06:84:53:bc:12:04:0a:f9:83:9b: 0d:42:ef:f8:bb:e4:50:a3:80:0b:46:a9:39:db:f0:61:c2:da: 88:43:3a:3b:22:96:fb:71:9c:68:9c:67:7d:1f:76:74:dd:e0: cc:49:6d:46:99:69:6e:96:5e:dd:2a:80:74:b4:44:08:1e:e9: 50:57:a3:57:77:45:6f:cc:80:3e:94:00:33:24:a7:a6:e9:b5: 4c:94:4e:26:31:ef:8e:49:82:58:bc:54:47:15:a2:17:ce:be: 11:01:e6:76:f5:df:7b:02:5f:37:a3:4d:02:ea:e2:df:e5:b6: 00:5c:1a:54 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICAK4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRjE5 ODlCNDA2OTAxQURGODgxMEI5RENEQzRFMEZDOUU3RTg1RUVCNDAeFw0yNTA5MTEw NTU2MzdaFw0yNjA4MjAwNzQ5MThaMDMxMTAvBgNVBAMTKDMxQzNFRDVGODJBRkU3 MTAyRDM2RjkzQzA2QzhEQzUxNjg2NDc5MTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC80vyjtiXadbiXxJGy6axehXnmoUSIdSAVGn18X+SxGUdWDxJL ibOyv6MA2REMjavPAag0Ui0J2Mi8Okwfg4w1irhmhzlcl7wD1j86bLao/rpvDy9m JzxsCCiKjTSFk7DRbu07bSrhgh82QYEyZGDfZCnzZvP6TsdyBKYvQ8llbI0ajSn0 XfiL8n7PLiReSw4PAVqygE732/ZlvZpd8gjM3n5gQIGzpv780ltWzFCvCL6exBZ+ 6y2tHEzUz1lI10EFGxa5UszMCraj1z+wvgD2vmHdALE6E/ynVJzUqXWxEg5x8RJt O7Kjp+EAxP6CcvGKOfCkub84Smapnp/lBrj9AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUMcPtX4Kv5xAtNvk8BsjcUWhkeRgwHwYDVR0jBBgwFoAU8ZibQGkBrfiBC53N xOD8nn6F7rQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIz Mi84WmliUUdrQnJmaUJDNTNOeE9EOG5uNkY3clEuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzhaaWJRR2tCcmZpQkM1M054T0Q4bm42RjdyUS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEyMzIvTWNQdFg0S3Y1eEF0 TnZrOEJzamNVV2hrZVJnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGc9PTANBgkqhkiG9w0BAQsFAAOCAQEALKKi1Vn3VIWtsAfbL3l8QHJVhZpG ch8BlF1np77NigxNrhlr94ioQQXTOkx26zB7vHbzqlf8yBFbBmTd3inceKC4m5JV 0yX/rqQkGZieEOFQy+JAb3x2xJv87GwYfx15vexipr5bC3P3h6wit0P0DUR0iFX0 Ukc2uG3XaJXfS89DsPnf7KoGhFO8EgQK+YObDULv+LvkUKOAC0apOdvwYcLaiEM6 OyKW+3GcaJxnfR92dN3gzEltRplpbpZe3SqAdLRECB7pUFejV3dFb8yAPpQAMySn pum1TJROJjHvjkmCWLxURxWiF86+EQHmdvXfewJfN6NNAuri3+W2AFwaVA== -----END CERTIFICATE-----Generated at Sun Oct 19 20:20:17 2025 by rpki-client