$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1232/vfsjnDSv-ZBnPJ7gVd9z--fTloY.roa File: vfsjnDSv-ZBnPJ7gVd9z--fTloY.roa (raw, json) Hash identifier: UUCz7OoX39W2xvmBk/vbXFo7V4Ovs7WB9VK3/R6EI5s= Subject key identifier: BD:FB:23:9C:34:AF:F9:90:67:3C:9E:E0:55:DF:73:FB:E7:D3:96:86 Certificate issuer: /CN=F1989B406901ADF8810B9DCDC4E0FC9E7E85EEB4 Certificate serial: 14 Authority key identifier: F1:98:9B:40:69:01:AD:F8:81:0B:9D:CD:C4:E0:FC:9E:7E:85:EE:B4 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/vfsjnDSv-ZBnPJ7gVd9z--fTloY.roa Signing time: Fri 22 Aug 2025 06:23:59 +0000 ROA not before: Fri 22 Aug 2025 06:23:59 +0000 ROA not after: Thu 20 Aug 2026 07:49:18 +0000 asID: 12076 IP address blocks: 103.61.62.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 04:03:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20 (0x14) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F1989B406901ADF8810B9DCDC4E0FC9E7E85EEB4 Validity Not Before: Aug 22 06:23:59 2025 GMT Not After : Aug 20 07:49:18 2026 GMT Subject: CN=BDFB239C34AFF990673C9EE055DF73FBE7D39686 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:6b:10:0d:a3:07:3c:d4:4a:e9:d6:1f:86:f8: 67:91:67:30:83:7d:0a:9c:97:47:61:8e:2d:28:45: 89:a0:c7:37:33:df:b5:98:84:74:9e:cd:2a:67:9d: 06:b6:47:66:8d:5a:a5:78:ac:6b:ff:24:37:82:fa: c0:72:f5:98:08:c0:68:31:9e:3b:54:74:23:80:92: d5:cc:fe:dd:a1:38:a5:31:c6:17:db:21:b5:ef:6e: df:c0:a4:80:97:e1:61:27:43:ba:41:cb:4c:de:65: 88:e1:d3:f4:cd:70:c0:3b:c1:bd:ac:4b:8e:61:33: 77:ae:79:e0:d0:d3:49:ab:0a:af:db:f8:ee:36:ed: 2f:21:5e:8b:12:9d:e8:b1:e7:20:df:8d:62:17:6c: 59:ad:25:cd:14:e0:a5:46:7a:cd:c4:52:47:dc:77: 9e:98:1b:00:6a:3d:91:2d:a1:02:d0:e0:15:c1:4b: c9:f1:59:77:0b:48:d3:43:98:eb:ae:87:98:f5:71: 89:12:81:96:71:1a:3d:a4:e9:f5:bd:7b:79:58:33: 81:19:76:f5:f8:74:bf:07:f2:46:c6:b4:09:cc:27: f8:17:a2:61:b2:5c:d4:dd:61:1b:f7:3b:8d:dd:49: 36:43:74:5c:26:1d:25:5f:42:d7:f1:a4:fb:75:cd: 70:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:FB:23:9C:34:AF:F9:90:67:3C:9E:E0:55:DF:73:FB:E7:D3:96:86 X509v3 Authority Key Identifier: keyid:F1:98:9B:40:69:01:AD:F8:81:0B:9D:CD:C4:E0:FC:9E:7E:85:EE:B4 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/vfsjnDSv-ZBnPJ7gVd9z--fTloY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.61.62.0/24 Signature Algorithm: sha256WithRSAEncryption 53:77:db:1f:ac:02:9a:33:47:39:22:9c:cb:e4:5b:a6:e5:ef: 1a:e6:20:dc:39:87:ff:03:e5:d4:8b:ea:6d:d6:db:ef:e0:46: 84:1b:7d:14:3d:e6:fb:41:6c:73:e1:8b:3e:33:4f:37:89:3d: d1:45:86:48:60:44:3d:80:5d:4f:24:e9:1e:99:14:b5:48:c1: 13:9b:cd:ec:fc:21:0f:51:34:22:00:0b:a9:1a:85:a1:8e:8d: 2e:8d:6a:29:dc:c0:fd:6b:32:d0:92:d3:6a:3a:6f:4c:74:e1: bb:de:cf:d0:64:85:2b:9c:01:dc:b5:de:8f:30:c1:bc:c1:c6: ad:8b:18:66:2a:aa:17:fa:ef:28:66:0d:fa:86:4a:1c:89:11: 1f:8b:cf:8f:46:7a:51:fc:11:09:d6:c6:f6:41:cb:74:76:88: e1:cf:bc:05:68:61:4e:3f:c0:46:75:2d:04:c2:1e:b9:a3:d8: 4d:d4:72:38:1d:72:85:bc:e0:bc:3f:a8:72:1d:6b:f1:38:f2: ae:5c:54:d1:d4:d6:9a:26:16:21:e1:77:e2:e3:34:1a:af:44: 3c:d9:2c:02:64:10:0b:3c:55:a7:c2:f8:84:71:e2:4a:2d:c9: 5b:08:87:56:e9:89:af:2e:65:17:df:57:07:54:48:39:bf:97: 84:e6:dc:4c -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIBFDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhGMTk4 OUI0MDY5MDFBREY4ODEwQjlEQ0RDNEUwRkM5RTdFODVFRUI0MB4XDTI1MDgyMjA2 MjM1OVoXDTI2MDgyMDA3NDkxOFowMzExMC8GA1UEAxMoQkRGQjIzOUMzNEFGRjk5 MDY3M0M5RUUwNTVERjczRkJFN0QzOTY4NjCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAL1rEA2jBzzUSunWH4b4Z5FnMIN9CpyXR2GOLShFiaDHNzPftZiE dJ7NKmedBrZHZo1apXisa/8kN4L6wHL1mAjAaDGeO1R0I4CS1cz+3aE4pTHGF9sh te9u38CkgJfhYSdDukHLTN5liOHT9M1wwDvBvaxLjmEzd6554NDTSasKr9v47jbt LyFeixKd6LHnIN+NYhdsWa0lzRTgpUZ6zcRSR9x3npgbAGo9kS2hAtDgFcFLyfFZ dwtI00OY666HmPVxiRKBlnEaPaTp9b17eVgzgRl29fh0vwfyRsa0Ccwn+BeiYbJc 1N1hG/c7jd1JNkN0XCYdJV9C1/Gk+3XNcGcCAwEAAaOCAfMwggHvMB0GA1UdDgQW BBS9+yOcNK/5kGc8nuBV33P759OWhjAfBgNVHSMEGDAWgBTxmJtAaQGt+IELnc3E 4PyefoXutDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8xMjMy LzhaaWJRR2tCcmZpQkM1M054T0Q4bm42RjdyUS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvOFppYlFHa0JyZmlCQzUzTnhPRDhubjZGN3JRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIzMi92ZnNqbkRTdi1aQm5Q SjdnVmQ5ei0tZlRsb1kucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAZz0+MA0GCSqGSIb3DQEBCwUAA4IBAQBTd9sfrAKaM0c5IpzL5Fum5e8a5iDc OYf/A+XUi+pt1tvv4EaEG30UPeb7QWxz4Ys+M083iT3RRYZIYEQ9gF1PJOkemRS1 SMETm83s/CEPUTQiAAupGoWhjo0ujWop3MD9azLQktNqOm9MdOG73s/QZIUrnAHc td6PMMG8wcatixhmKqoX+u8oZg36hkociREfi8+PRnpR/BEJ1sb2Qct0dojhz7wF aGFOP8BGdS0Ewh65o9hN1HI4HXKFvOC8P6hyHWvxOPKuXFTR1NaaJhYh4Xfi4zQa r0Q82SwCZBALPFWnwviEceJKLclbCIdW6YmvLmUX31cHVEg5v5eE5txM -----END CERTIFICATE-----Generated at Sun Aug 24 02:43:25 2025 by rpki-client