$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1232/PhT-hg8pubTlUxzhznKPU2rf_hI.roa File: PhT-hg8pubTlUxzhznKPU2rf_hI.roa (raw, json) Hash identifier: h7KjFk+CEhsUML0z20QY7itiyUDSJ2AkZO76J/yXPzU= Subject key identifier: 3E:14:FE:86:0F:29:B9:B4:E5:53:1C:E1:CE:72:8F:53:6A:DF:FE:12 Certificate issuer: /CN=F1989B406901ADF8810B9DCDC4E0FC9E7E85EEB4 Certificate serial: 28 Authority key identifier: F1:98:9B:40:69:01:AD:F8:81:0B:9D:CD:C4:E0:FC:9E:7E:85:EE:B4 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/PhT-hg8pubTlUxzhznKPU2rf_hI.roa Signing time: Fri 22 Aug 2025 06:27:17 +0000 ROA not before: Fri 22 Aug 2025 06:27:17 +0000 ROA not after: Thu 20 Aug 2026 07:49:18 +0000 asID: 139140 IP address blocks: 103.61.63.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 04:03:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 40 (0x28) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F1989B406901ADF8810B9DCDC4E0FC9E7E85EEB4 Validity Not Before: Aug 22 06:27:17 2025 GMT Not After : Aug 20 07:49:18 2026 GMT Subject: CN=3E14FE860F29B9B4E5531CE1CE728F536ADFFE12 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:7b:c9:45:ba:42:c2:e8:b8:05:d7:12:9e:c1: fc:cb:a9:7c:2f:fc:92:9c:e3:89:d8:f9:6d:dd:f5: 25:e4:dc:2b:89:be:16:d5:1c:ce:f7:b0:9b:88:11: 60:40:5d:7a:b4:e1:ca:58:8b:35:1d:cb:83:a5:d9: ad:bd:07:26:d4:13:47:9b:bf:be:47:83:46:46:ce: 42:c0:8d:0f:66:b3:55:ed:52:a5:ac:bd:b8:59:73: 2a:6d:90:a7:bf:50:8e:de:72:62:84:ea:af:af:ba: 7d:9b:60:d9:b6:69:2a:e2:80:ad:fa:e2:77:3f:0d: 84:26:f7:09:11:a8:71:86:a5:96:30:a3:51:d5:51: ec:98:08:2a:be:be:87:26:e4:5c:d5:43:d3:f4:18: 96:33:4d:72:a0:f8:60:bd:fb:f3:d9:fe:ed:eb:f3: 77:ef:22:b1:ed:3d:b5:fd:7c:66:87:64:63:80:15: 37:68:bd:c1:f3:c8:a3:55:9a:27:70:bc:6b:4e:f9: 0e:8b:7c:a1:0b:7f:e6:ec:24:72:0d:54:38:76:ba: fe:dd:75:88:db:f3:e5:d4:06:c9:1b:fb:6f:f3:81: d9:fd:e4:07:21:f4:51:ab:39:1e:b0:05:eb:9d:1d: b7:bb:61:f9:fd:2d:d8:c8:6d:fe:4e:45:ee:29:d5: 5b:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:14:FE:86:0F:29:B9:B4:E5:53:1C:E1:CE:72:8F:53:6A:DF:FE:12 X509v3 Authority Key Identifier: keyid:F1:98:9B:40:69:01:AD:F8:81:0B:9D:CD:C4:E0:FC:9E:7E:85:EE:B4 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/PhT-hg8pubTlUxzhznKPU2rf_hI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.61.63.0/24 Signature Algorithm: sha256WithRSAEncryption 42:ad:f6:a7:d8:26:7e:8e:fd:1c:84:eb:82:5b:7f:9b:1f:69: 46:e7:a0:1b:20:5f:4f:7b:30:f6:89:35:b1:72:d0:c5:0b:c3: e2:51:78:d6:93:4d:12:a6:1f:b4:eb:cc:fa:71:4b:c7:3c:ba: da:bf:51:52:51:c3:f3:65:e0:1b:82:63:30:27:a6:34:65:4a: 53:25:fd:ee:88:86:2e:d6:34:ab:00:23:d0:41:3f:fc:13:cb: 34:08:49:fc:ac:d6:69:33:1a:62:af:c7:82:54:a3:90:5a:aa: 22:92:f5:3a:a8:76:ab:9c:57:87:05:aa:f3:27:f8:08:91:5d: 5b:e2:1d:56:7c:2e:44:0d:e0:75:e7:03:35:07:ef:90:1d:e3: a4:5f:1b:66:4c:ab:09:5c:4e:3f:3c:c8:77:37:d7:70:68:74: 98:81:a9:f1:fa:23:c8:f3:eb:e4:09:98:82:ab:5d:00:e5:24: 6d:35:99:a3:0b:ad:4a:22:44:dc:71:66:a9:00:2b:80:21:2e: 7f:94:1d:1d:a5:86:66:66:87:df:a0:b0:27:b7:6f:cb:0a:29: 18:a0:81:3d:56:08:0a:90:f3:f1:80:4c:64:61:fa:ff:7d:93: 64:f5:d8:08:40:2e:6f:ce:90:89:af:8c:86:c5:91:62:69:1b: 4d:0d:6d:aa -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIBKDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhGMTk4 OUI0MDY5MDFBREY4ODEwQjlEQ0RDNEUwRkM5RTdFODVFRUI0MB4XDTI1MDgyMjA2 MjcxN1oXDTI2MDgyMDA3NDkxOFowMzExMC8GA1UEAxMoM0UxNEZFODYwRjI5QjlC NEU1NTMxQ0UxQ0U3MjhGNTM2QURGRkUxMjCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAKl7yUW6QsLouAXXEp7B/MupfC/8kpzjidj5bd31JeTcK4m+FtUc zvewm4gRYEBderThyliLNR3Lg6XZrb0HJtQTR5u/vkeDRkbOQsCND2azVe1Spay9 uFlzKm2Qp79Qjt5yYoTqr6+6fZtg2bZpKuKArfridz8NhCb3CRGocYalljCjUdVR 7JgIKr6+hybkXNVD0/QYljNNcqD4YL3789n+7evzd+8ise09tf18ZodkY4AVN2i9 wfPIo1WaJ3C8a075Dot8oQt/5uwkcg1UOHa6/t11iNvz5dQGyRv7b/OB2f3kByH0 Uas5HrAF650dt7th+f0t2Mht/k5F7inVWzsCAwEAAaOCAfMwggHvMB0GA1UdDgQW BBQ+FP6GDym5tOVTHOHOco9Tat/+EjAfBgNVHSMEGDAWgBTxmJtAaQGt+IELnc3E 4PyefoXutDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8xMjMy LzhaaWJRR2tCcmZpQkM1M054T0Q4bm42RjdyUS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvOFppYlFHa0JyZmlCQzUzTnhPRDhubjZGN3JRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIzMi9QaFQtaGc4cHViVGxV eHpoem5LUFUycmZfaEkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAZz0/MA0GCSqGSIb3DQEBCwUAA4IBAQBCrfan2CZ+jv0chOuCW3+bH2lG56Ab IF9PezD2iTWxctDFC8PiUXjWk00Sph+068z6cUvHPLrav1FSUcPzZeAbgmMwJ6Y0 ZUpTJf3uiIYu1jSrACPQQT/8E8s0CEn8rNZpMxpir8eCVKOQWqoikvU6qHarnFeH BarzJ/gIkV1b4h1WfC5EDeB15wM1B++QHeOkXxtmTKsJXE4/PMh3N9dwaHSYganx +iPI8+vkCZiCq10A5SRtNZmjC61KIkTccWapACuAIS5/lB0dpYZmZoffoLAnt2/L CikYoIE9VggKkPPxgExkYfr/fZNk9dgIQC5vzpCJr4yGxZFiaRtNDW2q -----END CERTIFICATE-----Generated at Sun Aug 24 02:39:09 2025 by rpki-client