$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1232/h3UI7WkfydlhIaJHHnEx0hYYDQU.roa File: h3UI7WkfydlhIaJHHnEx0hYYDQU.roa (raw, json) Hash identifier: cWWCF5TYZ6TXMtXIma2WSK07QQ6JODA7Ke5mtxQKEfU= Subject key identifier: 87:75:08:ED:69:1F:C9:D9:61:21:A2:47:1E:71:31:D2:16:18:0D:05 Certificate issuer: /CN=F1989B406901ADF8810B9DCDC4E0FC9E7E85EEB4 Certificate serial: 10 Authority key identifier: F1:98:9B:40:69:01:AD:F8:81:0B:9D:CD:C4:E0:FC:9E:7E:85:EE:B4 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/h3UI7WkfydlhIaJHHnEx0hYYDQU.roa Signing time: Fri 22 Aug 2025 06:23:58 +0000 ROA not before: Fri 22 Aug 2025 06:23:58 +0000 ROA not after: Thu 20 Aug 2026 07:49:18 +0000 asID: 139137 IP address blocks: 103.61.60.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 04:03:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 16 (0x10) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F1989B406901ADF8810B9DCDC4E0FC9E7E85EEB4 Validity Not Before: Aug 22 06:23:58 2025 GMT Not After : Aug 20 07:49:18 2026 GMT Subject: CN=877508ED691FC9D96121A2471E7131D216180D05 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:a9:26:a0:8c:d5:9b:42:32:cc:02:bf:64:d5: 5a:55:30:2f:87:56:3b:25:f2:71:2c:9f:4e:d9:b6: 2c:94:4f:a7:2d:cd:10:a1:0f:57:4a:0b:f6:38:89: c5:60:6d:45:0b:6f:c7:1f:2e:6e:9a:e8:3c:8f:26: f9:3c:33:d4:fe:c5:38:5e:c1:7e:10:22:78:22:6d: 66:ee:79:1c:39:8d:17:bf:50:6b:19:c9:7a:4f:67: c8:50:f1:31:0d:ec:89:e8:7d:d8:fd:55:5c:1a:b4: 89:2a:e8:d8:d9:e3:f2:57:90:dd:90:b4:90:08:4b: 94:bd:e6:f9:9f:b1:75:63:ea:4a:bb:36:06:04:86: 0f:9d:12:b4:c9:f7:87:4b:b5:1d:0a:ea:dd:92:8b: 91:a5:45:90:41:3c:04:77:dc:2e:94:54:16:e0:cc: 8d:6d:c9:6c:5f:b0:2d:6a:1a:7a:d1:3d:81:93:d4: 97:c1:88:c0:af:c9:27:69:79:32:ac:76:c4:a2:ad: 28:44:4c:49:e8:db:29:54:f7:a0:d5:b8:e2:f1:b5: ad:43:4d:42:13:63:28:27:06:af:10:4e:92:f9:f4: 5a:ed:65:50:7f:e2:10:01:24:38:0c:c0:c2:8f:22: 4d:72:5c:d2:cb:e6:03:73:90:a3:a0:70:7d:cd:dd: 6f:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:75:08:ED:69:1F:C9:D9:61:21:A2:47:1E:71:31:D2:16:18:0D:05 X509v3 Authority Key Identifier: keyid:F1:98:9B:40:69:01:AD:F8:81:0B:9D:CD:C4:E0:FC:9E:7E:85:EE:B4 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/h3UI7WkfydlhIaJHHnEx0hYYDQU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.61.60.0/24 Signature Algorithm: sha256WithRSAEncryption 25:8c:f1:9a:1f:a7:8d:de:f1:76:08:35:d2:8e:13:95:9b:d9: c5:26:a9:cb:2e:aa:c1:15:bd:36:c9:15:c0:c5:85:c0:3f:14: f6:39:ca:84:e7:30:b6:06:fc:60:d9:39:1f:9a:66:76:0b:a4: 8b:93:8b:de:bc:e9:2b:04:e1:b5:71:41:e3:fd:7a:ba:67:dc: 25:ed:9f:8f:d3:04:03:8a:72:25:7e:28:fd:8c:1d:e9:9c:a9: 94:c5:35:5b:7f:eb:4f:b4:bc:f4:ea:7e:cc:3e:d8:2f:10:4c: 95:92:bc:fb:be:b9:75:ac:de:2b:3d:3b:70:84:ff:82:ba:fd: ac:43:83:e1:88:7c:a0:7c:f7:85:30:00:37:d6:24:62:f4:e4: 8d:87:9f:08:96:9c:4a:ac:08:67:23:e8:68:4a:82:36:ca:01: 0b:f3:38:7d:03:dc:b0:0a:0a:ef:c1:dc:f9:1a:aa:05:9e:1b: fe:b6:f8:ed:b9:0b:bf:f2:83:97:a5:13:54:d7:88:1d:fb:9d: 03:bd:4a:52:cd:14:bf:72:15:db:b5:b8:b2:56:25:91:9b:fa: 63:8f:21:d1:3d:35:dd:2b:3e:f2:c9:30:cd:9c:8f:01:db:de: 38:77:34:cb:58:57:be:4f:9d:86:33:0b:7e:d0:75:1e:22:ce: 0c:e7:e5:e9 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIBEDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhGMTk4 OUI0MDY5MDFBREY4ODEwQjlEQ0RDNEUwRkM5RTdFODVFRUI0MB4XDTI1MDgyMjA2 MjM1OFoXDTI2MDgyMDA3NDkxOFowMzExMC8GA1UEAxMoODc3NTA4RUQ2OTFGQzlE OTYxMjFBMjQ3MUU3MTMxRDIxNjE4MEQwNTCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAMupJqCM1ZtCMswCv2TVWlUwL4dWOyXycSyfTtm2LJRPpy3NEKEP V0oL9jiJxWBtRQtvxx8ubproPI8m+Twz1P7FOF7BfhAieCJtZu55HDmNF79QaxnJ ek9nyFDxMQ3sieh92P1VXBq0iSro2Nnj8leQ3ZC0kAhLlL3m+Z+xdWPqSrs2BgSG D50StMn3h0u1HQrq3ZKLkaVFkEE8BHfcLpRUFuDMjW3JbF+wLWoaetE9gZPUl8GI wK/JJ2l5Mqx2xKKtKERMSejbKVT3oNW44vG1rUNNQhNjKCcGrxBOkvn0Wu1lUH/i EAEkOAzAwo8iTXJc0svmA3OQo6Bwfc3db8kCAwEAAaOCAfMwggHvMB0GA1UdDgQW BBSHdQjtaR/J2WEhokcecTHSFhgNBTAfBgNVHSMEGDAWgBTxmJtAaQGt+IELnc3E 4PyefoXutDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8xMjMy LzhaaWJRR2tCcmZpQkM1M054T0Q4bm42RjdyUS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvOFppYlFHa0JyZmlCQzUzTnhPRDhubjZGN3JRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIzMi9oM1VJN1drZnlkbGhJ YUpISG5FeDBoWVlEUVUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAZz08MA0GCSqGSIb3DQEBCwUAA4IBAQAljPGaH6eN3vF2CDXSjhOVm9nFJqnL LqrBFb02yRXAxYXAPxT2OcqE5zC2Bvxg2TkfmmZ2C6SLk4vevOkrBOG1cUHj/Xq6 Z9wl7Z+P0wQDinIlfij9jB3pnKmUxTVbf+tPtLz06n7MPtgvEEyVkrz7vrl1rN4r PTtwhP+Cuv2sQ4PhiHygfPeFMAA31iRi9OSNh58IlpxKrAhnI+hoSoI2ygEL8zh9 A9ywCgrvwdz5GqoFnhv+tvjtuQu/8oOXpRNU14gd+50DvUpSzRS/chXbtbiyViWR m/pjjyHRPTXdKz7yyTDNnI8B2944dzTLWFe+T52GMwt+0HUeIs4M5+Xp -----END CERTIFICATE-----Generated at Sun Aug 24 02:38:05 2025 by rpki-client