$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1232/VKEpN3RAbxgmZ9yUSqtTxpBptDg.roa File: VKEpN3RAbxgmZ9yUSqtTxpBptDg.roa (raw, json) Hash identifier: 36ot/7bo1oTTzWAYh4XEWTQP1K1ZBEg//u54hxwHtrQ= Subject key identifier: 54:A1:29:37:74:40:6F:18:26:67:DC:94:4A:AB:53:C6:90:69:B4:38 Certificate issuer: /CN=F1989B406901ADF8810B9DCDC4E0FC9E7E85EEB4 Certificate serial: AF Authority key identifier: F1:98:9B:40:69:01:AD:F8:81:0B:9D:CD:C4:E0:FC:9E:7E:85:EE:B4 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/VKEpN3RAbxgmZ9yUSqtTxpBptDg.roa Signing time: Thu 11 Sep 2025 05:56:37 +0000 ROA not before: Thu 11 Sep 2025 05:56:37 +0000 ROA not after: Thu 20 Aug 2026 07:49:18 +0000 asID: 8075 IP address blocks: 103.61.60.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 19 Oct 2025 23:36:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 175 (0xaf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F1989B406901ADF8810B9DCDC4E0FC9E7E85EEB4 Validity Not Before: Sep 11 05:56:37 2025 GMT Not After : Aug 20 07:49:18 2026 GMT Subject: CN=54A1293774406F182667DC944AAB53C69069B438 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:52:be:66:4c:87:f1:85:83:6b:4d:cb:b8:eb: ec:e3:75:36:e3:65:84:ec:4e:3c:96:1f:29:ae:89: 3a:c7:55:39:e0:ea:02:59:48:79:f6:5c:dc:16:17: 43:4c:4a:7b:80:20:75:ad:23:fc:83:b1:89:00:54: 20:d6:82:1e:66:f6:a5:2a:00:4b:ee:3c:23:82:ad: 6a:1f:56:d0:bf:a3:e4:f7:70:f5:4d:dc:31:5f:10: 96:88:88:0e:37:47:97:97:37:0a:64:fb:0d:db:c8: 08:47:db:d7:04:2a:39:ac:07:54:cd:4e:1c:e9:24: 80:04:25:90:92:48:b9:66:36:af:0a:c6:00:30:fe: 8b:b1:f5:e4:d1:fd:fd:b0:d1:a1:81:15:ab:a6:7c: 64:ae:56:3f:8f:e2:5b:ba:b0:ef:b4:82:53:ad:30: b1:4d:1f:5a:90:dd:2d:e4:f8:31:8e:0b:b9:f3:62: 87:01:56:ed:e5:0b:bb:89:28:d4:4a:8d:ff:54:c8: 17:e1:60:8d:9f:e0:7c:fd:30:c7:75:dd:70:3f:4b: c0:d7:86:11:5c:3c:8c:54:ec:fe:82:ff:19:e9:5a: 5e:e2:da:f2:1d:99:aa:90:b2:ad:10:08:f9:43:2f: 07:95:5c:e0:e1:af:41:b8:ce:87:80:a4:af:8f:11: 9c:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 54:A1:29:37:74:40:6F:18:26:67:DC:94:4A:AB:53:C6:90:69:B4:38 X509v3 Authority Key Identifier: keyid:F1:98:9B:40:69:01:AD:F8:81:0B:9D:CD:C4:E0:FC:9E:7E:85:EE:B4 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/VKEpN3RAbxgmZ9yUSqtTxpBptDg.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.61.60.0/24 Signature Algorithm: sha256WithRSAEncryption 7d:e1:b4:d7:17:36:aa:33:fd:e6:c8:f9:9b:92:95:da:5c:2b: 9a:f0:40:c0:e2:9b:0e:64:59:fe:7c:c2:1e:b2:e4:a8:1d:d0: a2:13:a0:f8:48:87:c4:39:f6:62:33:69:a4:a7:d5:79:3f:f4: 45:94:8c:9b:4f:a1:98:25:c7:de:e8:d6:f8:b9:51:71:71:da: b7:b8:9a:8a:ad:b8:41:ba:ae:7e:46:04:c0:25:d1:b7:cf:58: bf:bf:cc:fd:05:06:35:c5:40:b4:19:4c:87:3f:78:35:03:a2: 15:88:21:4b:16:c1:c7:c1:a7:47:99:27:43:2d:05:48:ed:09: 77:56:dc:b4:4a:7b:51:bc:11:3f:ab:c8:f0:4e:fe:d5:25:36: 61:a3:05:5a:2f:c5:34:97:f4:5e:13:44:15:2d:30:64:ae:96: 47:b1:48:9c:d8:46:69:59:3e:03:81:5c:ee:4c:03:87:a3:0c: e2:15:39:90:df:eb:8b:4b:69:4f:33:ed:c7:de:b5:d5:46:3c: ff:e4:4c:7a:19:dd:39:ba:09:94:0b:6c:b8:4c:04:c2:f5:52: d1:ce:86:c8:2c:fd:89:2c:8a:68:f5:46:bb:e3:82:dd:b2:f5: cf:54:2a:d5:67:c8:2f:f0:37:bf:c4:78:cd:f1:e7:10:c5:6d: 4e:80:05:15 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICAK8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRjE5 ODlCNDA2OTAxQURGODgxMEI5RENEQzRFMEZDOUU3RTg1RUVCNDAeFw0yNTA5MTEw NTU2MzdaFw0yNjA4MjAwNzQ5MThaMDMxMTAvBgNVBAMTKDU0QTEyOTM3NzQ0MDZG MTgyNjY3REM5NDRBQUI1M0M2OTA2OUI0MzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDFUr5mTIfxhYNrTcu46+zjdTbjZYTsTjyWHymuiTrHVTng6gJZ SHn2XNwWF0NMSnuAIHWtI/yDsYkAVCDWgh5m9qUqAEvuPCOCrWofVtC/o+T3cPVN 3DFfEJaIiA43R5eXNwpk+w3byAhH29cEKjmsB1TNThzpJIAEJZCSSLlmNq8KxgAw /oux9eTR/f2w0aGBFaumfGSuVj+P4lu6sO+0glOtMLFNH1qQ3S3k+DGOC7nzYocB Vu3lC7uJKNRKjf9UyBfhYI2f4Hz9MMd13XA/S8DXhhFcPIxU7P6C/xnpWl7i2vId maqQsq0QCPlDLweVXODhr0G4zoeApK+PEZwXAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUVKEpN3RAbxgmZ9yUSqtTxpBptDgwHwYDVR0jBBgwFoAU8ZibQGkBrfiBC53N xOD8nn6F7rQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIz Mi84WmliUUdrQnJmaUJDNTNOeE9EOG5uNkY3clEuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzhaaWJRR2tCcmZpQkM1M054T0Q4bm42RjdyUS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEyMzIvVktFcE4zUkFieGdt Wjl5VVNxdFR4cEJwdERnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGc9PDANBgkqhkiG9w0BAQsFAAOCAQEAfeG01xc2qjP95sj5m5KV2lwrmvBA wOKbDmRZ/nzCHrLkqB3QohOg+EiHxDn2YjNppKfVeT/0RZSMm0+hmCXH3ujW+LlR cXHat7iaiq24QbqufkYEwCXRt89Yv7/M/QUGNcVAtBlMhz94NQOiFYghSxbBx8Gn R5knQy0FSO0Jd1bctEp7UbwRP6vI8E7+1SU2YaMFWi/FNJf0XhNEFS0wZK6WR7FI nNhGaVk+A4Fc7kwDh6MM4hU5kN/ri0tpTzPtx9611UY8/+RMehndOboJlAtsuEwE wvVS0c6GyCz9iSyKaPVGu+OC3bL1z1Qq1WfIL/A3v8R4zfHnEMVtToAFFQ== -----END CERTIFICATE-----Generated at Sun Oct 19 20:20:18 2025 by rpki-client