$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1232/aa876GHrHHGJMnTFj8ux2Nycp6c.roa File: aa876GHrHHGJMnTFj8ux2Nycp6c.roa (raw, json) Hash identifier: wPag+fabUvkmW/4AItw6HDA8p7vz+M4MvSmDoZd1N7I= Subject key identifier: 69:AF:3B:E8:61:EB:1C:71:89:32:74:C5:8F:CB:B1:D8:DC:9C:A7:A7 Certificate issuer: /CN=F1989B406901ADF8810B9DCDC4E0FC9E7E85EEB4 Certificate serial: 0D Authority key identifier: F1:98:9B:40:69:01:AD:F8:81:0B:9D:CD:C4:E0:FC:9E:7E:85:EE:B4 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/aa876GHrHHGJMnTFj8ux2Nycp6c.roa Signing time: Fri 22 Aug 2025 06:23:58 +0000 ROA not before: Fri 22 Aug 2025 06:23:58 +0000 ROA not after: Thu 20 Aug 2026 07:49:18 +0000 asID: 139137 IP address blocks: 103.61.63.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 04:03:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13 (0xd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F1989B406901ADF8810B9DCDC4E0FC9E7E85EEB4 Validity Not Before: Aug 22 06:23:58 2025 GMT Not After : Aug 20 07:49:18 2026 GMT Subject: CN=69AF3BE861EB1C71893274C58FCBB1D8DC9CA7A7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:07:94:f2:81:b1:df:52:ba:bd:fe:bc:b5:f3: 0c:60:ff:06:ef:ab:fd:25:a8:25:6d:9f:9d:55:ee: 44:df:93:1e:d8:94:0f:91:1f:e6:5b:93:f6:36:b1: b6:c8:5a:5a:d0:80:9c:46:a0:ee:26:c0:8a:51:a0: 0a:79:65:40:79:af:5e:8c:41:12:2e:38:be:bf:c3: d0:e1:ff:66:45:20:34:7b:3c:26:50:da:8b:da:fd: 6e:c3:da:00:a8:97:7b:9a:2f:41:d9:06:5d:56:ec: 01:9e:c9:ba:73:a4:cf:b8:6a:d6:e9:6c:a1:e7:74: 91:87:7d:c3:2e:02:e6:df:cd:6c:21:d1:84:12:3c: 5e:e7:8f:83:d5:68:49:f2:a6:b8:f7:5f:0d:ec:4a: 40:6a:d5:a0:5f:22:99:d6:6f:11:93:e4:75:af:bb: fd:9b:58:71:4d:da:c1:5c:12:61:25:c7:c1:89:81: 6a:5f:3b:07:a1:72:d1:23:4d:62:f1:fc:7b:88:3c: 5f:32:9e:2e:3f:b3:5d:76:ee:e6:ac:e3:d2:6a:06: 5f:e8:26:53:d3:f8:bf:66:cb:7b:a0:86:28:76:29: f8:4e:4b:60:19:9c:15:ea:57:f8:45:b6:06:63:93: 07:3c:e5:31:ff:a6:df:7b:3f:58:7c:29:8f:cb:ae: 21:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:AF:3B:E8:61:EB:1C:71:89:32:74:C5:8F:CB:B1:D8:DC:9C:A7:A7 X509v3 Authority Key Identifier: keyid:F1:98:9B:40:69:01:AD:F8:81:0B:9D:CD:C4:E0:FC:9E:7E:85:EE:B4 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/aa876GHrHHGJMnTFj8ux2Nycp6c.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.61.63.0/24 Signature Algorithm: sha256WithRSAEncryption 44:3f:2e:8a:84:25:c7:ea:39:68:dc:39:74:c2:88:7f:28:e3: 54:4e:8a:9c:af:71:e9:ba:bf:d5:fb:a9:7a:a6:57:2f:e3:a1: 80:06:7b:5b:0c:a6:26:62:01:4c:e5:71:98:97:17:be:81:cb: 91:4e:13:da:0b:2a:9f:84:34:aa:f9:0d:88:96:cf:dc:b0:1b: 8c:f2:62:ae:a5:e3:a8:df:30:fd:c6:a2:f5:e6:47:10:27:5a: b8:ed:e9:6b:82:ad:96:4f:d2:08:ad:0c:5d:c9:15:3e:59:8c: 83:72:37:71:17:3b:5a:74:15:85:d0:bf:96:e3:54:8f:67:a4: b8:93:63:c3:12:ce:f5:fb:c5:b2:5c:51:39:24:f4:19:49:1f: fb:83:11:01:92:5b:9b:0c:ca:60:05:53:10:c0:08:b1:6d:1b: b7:bb:19:47:31:44:1f:5a:aa:8a:a1:ec:dd:b2:b7:e2:ac:3a: 0f:7a:99:47:ef:68:0f:06:0c:a4:00:96:be:16:98:8e:48:f5: d9:7a:83:a2:fb:72:c9:c8:97:1c:69:bf:71:2b:ca:89:9c:8a: 0f:de:fb:d0:69:14:67:03:d5:46:bd:a1:3a:f7:ac:af:ce:bc: 18:37:e3:ea:ce:14:57:67:27:9d:c1:a2:26:27:25:98:72:cf: d6:c5:eb:c5 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIBDTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhGMTk4 OUI0MDY5MDFBREY4ODEwQjlEQ0RDNEUwRkM5RTdFODVFRUI0MB4XDTI1MDgyMjA2 MjM1OFoXDTI2MDgyMDA3NDkxOFowMzExMC8GA1UEAxMoNjlBRjNCRTg2MUVCMUM3 MTg5MzI3NEM1OEZDQkIxRDhEQzlDQTdBNzCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAOkHlPKBsd9Sur3+vLXzDGD/Bu+r/SWoJW2fnVXuRN+THtiUD5Ef 5luT9jaxtshaWtCAnEag7ibAilGgCnllQHmvXoxBEi44vr/D0OH/ZkUgNHs8JlDa i9r9bsPaAKiXe5ovQdkGXVbsAZ7JunOkz7hq1ulsoed0kYd9wy4C5t/NbCHRhBI8 XuePg9VoSfKmuPdfDexKQGrVoF8imdZvEZPkda+7/ZtYcU3awVwSYSXHwYmBal87 B6Fy0SNNYvH8e4g8XzKeLj+zXXbu5qzj0moGX+gmU9P4v2bLe6CGKHYp+E5LYBmc FepX+EW2BmOTBzzlMf+m33s/WHwpj8uuIdUCAwEAAaOCAfMwggHvMB0GA1UdDgQW BBRprzvoYesccYkydMWPy7HY3JynpzAfBgNVHSMEGDAWgBTxmJtAaQGt+IELnc3E 4PyefoXutDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8xMjMy LzhaaWJRR2tCcmZpQkM1M054T0Q4bm42RjdyUS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvOFppYlFHa0JyZmlCQzUzTnhPRDhubjZGN3JRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIzMi9hYTg3NkdIckhIR0pN blRGajh1eDJOeWNwNmMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAZz0/MA0GCSqGSIb3DQEBCwUAA4IBAQBEPy6KhCXH6jlo3Dl0woh/KONUToqc r3Hpur/V+6l6plcv46GABntbDKYmYgFM5XGYlxe+gcuRThPaCyqfhDSq+Q2Ils/c sBuM8mKupeOo3zD9xqL15kcQJ1q47elrgq2WT9IIrQxdyRU+WYyDcjdxFztadBWF 0L+W41SPZ6S4k2PDEs71+8WyXFE5JPQZSR/7gxEBklubDMpgBVMQwAixbRu3uxlH MUQfWqqKoezdsrfirDoPeplH72gPBgykAJa+FpiOSPXZeoOi+3LJyJccab9xK8qJ nIoP3vvQaRRnA9VGvaE696yvzrwYN+PqzhRXZyedwaImJyWYcs/WxevF -----END CERTIFICATE-----Generated at Sun Aug 24 02:33:19 2025 by rpki-client