$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1232/y7pzP5x-AAClv1MzXgQsII2mBIY.roa File: y7pzP5x-AAClv1MzXgQsII2mBIY.roa (raw, json) Hash identifier: o4Yp6fU3OMGkULIKMd75Ml2a6uU74graj0Kd7BYLVw8= Subject key identifier: CB:BA:73:3F:9C:7E:00:00:A5:BF:53:33:5E:04:2C:20:8D:A6:04:86 Certificate issuer: /CN=F1989B406901ADF8810B9DCDC4E0FC9E7E85EEB4 Certificate serial: 1B Authority key identifier: F1:98:9B:40:69:01:AD:F8:81:0B:9D:CD:C4:E0:FC:9E:7E:85:EE:B4 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/y7pzP5x-AAClv1MzXgQsII2mBIY.roa Signing time: Fri 22 Aug 2025 06:24:01 +0000 ROA not before: Fri 22 Aug 2025 06:24:01 +0000 ROA not after: Thu 20 Aug 2026 07:49:18 +0000 asID: 63583 IP address blocks: 103.61.61.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 04:03:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27 (0x1b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F1989B406901ADF8810B9DCDC4E0FC9E7E85EEB4 Validity Not Before: Aug 22 06:24:01 2025 GMT Not After : Aug 20 07:49:18 2026 GMT Subject: CN=CBBA733F9C7E0000A5BF53335E042C208DA60486 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:b7:23:1b:2a:72:18:8e:8b:12:0a:a8:af:e7: b2:96:a7:c6:a4:5b:90:77:49:8f:da:06:5a:d5:4b: f1:d3:b6:1f:38:13:2a:96:14:75:76:44:c9:2e:aa: 71:9f:2d:ba:b7:62:f7:68:c0:84:e8:0f:1a:e9:44: 2e:2e:65:0f:d8:16:09:0a:bb:8b:2d:9d:bc:cf:62: 54:ff:33:cc:46:cc:76:56:2a:ac:c1:e9:20:91:bd: 5e:57:7c:b2:aa:77:d8:b4:43:04:21:a0:23:a7:ef: cc:dd:67:4a:6f:54:74:3d:7d:13:84:b0:79:4a:85: 6c:ac:a8:2c:b9:20:29:ce:3a:f8:46:0e:9a:81:07: 64:a7:74:31:8b:b5:cf:de:82:11:d2:78:db:6a:89: 47:32:40:e4:3a:f5:c0:a5:98:30:29:e9:1e:0c:d0: 6c:41:27:34:1b:52:cc:c7:bd:f3:75:e8:ad:06:3c: 4e:8a:96:fc:1c:f4:49:1a:ab:75:03:bf:78:4f:b8: dc:45:03:70:77:72:31:ff:ad:f0:da:86:38:28:48: dd:30:72:71:40:02:7d:5e:de:fe:a1:2b:53:2e:f4: 6b:91:7c:7e:c8:a1:d4:98:cb:a7:b8:b1:eb:62:d2: df:7e:dc:58:1a:8f:63:16:24:93:a5:12:b2:61:62: f9:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:BA:73:3F:9C:7E:00:00:A5:BF:53:33:5E:04:2C:20:8D:A6:04:86 X509v3 Authority Key Identifier: keyid:F1:98:9B:40:69:01:AD:F8:81:0B:9D:CD:C4:E0:FC:9E:7E:85:EE:B4 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/y7pzP5x-AAClv1MzXgQsII2mBIY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.61.61.0/24 Signature Algorithm: sha256WithRSAEncryption 8f:61:04:28:6f:72:a3:9b:92:48:2e:8c:cf:63:79:4c:62:c2: 68:15:f8:60:96:cc:f8:73:dc:a9:fe:e7:48:01:e7:ff:e7:15: 8b:74:58:d1:b2:18:dc:39:59:48:bb:0b:fc:9a:2e:a4:0c:de: d4:84:24:62:d6:d9:08:22:76:3f:73:18:fa:70:0c:14:9c:52: 15:fa:38:bc:23:19:8c:f5:73:40:ee:17:40:32:5d:bf:ed:e0: 7f:c6:94:98:e3:f0:a4:63:f5:72:88:fd:cf:cb:08:d4:e3:77: 11:63:f2:72:f0:d2:03:1a:d8:be:07:80:9a:ac:ca:53:ac:f6: ae:46:99:f2:04:26:07:0e:bd:1d:c4:53:c0:a0:63:6f:7c:a3: 72:42:b6:3b:27:52:16:db:e4:ad:90:01:41:52:30:89:30:87: 26:9e:5a:d4:ff:7c:da:23:68:84:5a:58:52:30:85:6d:e2:ec: 39:e3:00:ba:2a:04:7a:7e:3a:65:fc:82:10:c1:67:fd:af:d0: 41:ae:51:4e:4f:0a:2e:cd:aa:55:2b:95:8c:d9:65:08:a2:f2: 92:6f:f9:80:bc:e5:c3:9d:d4:3a:6a:d3:54:3e:69:f8:0e:c4: 16:3c:e2:39:a3:10:8c:44:33:51:f7:b7:d7:ed:cc:57:47:7b: 3a:36:3e:23 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIBGzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhGMTk4 OUI0MDY5MDFBREY4ODEwQjlEQ0RDNEUwRkM5RTdFODVFRUI0MB4XDTI1MDgyMjA2 MjQwMVoXDTI2MDgyMDA3NDkxOFowMzExMC8GA1UEAxMoQ0JCQTczM0Y5QzdFMDAw MEE1QkY1MzMzNUUwNDJDMjA4REE2MDQ4NjCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBANC3IxsqchiOixIKqK/nspanxqRbkHdJj9oGWtVL8dO2HzgTKpYU dXZEyS6qcZ8turdi92jAhOgPGulELi5lD9gWCQq7iy2dvM9iVP8zzEbMdlYqrMHp IJG9Xld8sqp32LRDBCGgI6fvzN1nSm9UdD19E4SweUqFbKyoLLkgKc46+EYOmoEH ZKd0MYu1z96CEdJ422qJRzJA5Dr1wKWYMCnpHgzQbEEnNBtSzMe983XorQY8ToqW /Bz0SRqrdQO/eE+43EUDcHdyMf+t8NqGOChI3TBycUACfV7e/qErUy70a5F8fsih 1JjLp7ix62LS337cWBqPYxYkk6USsmFi+TECAwEAAaOCAfMwggHvMB0GA1UdDgQW BBTLunM/nH4AAKW/UzNeBCwgjaYEhjAfBgNVHSMEGDAWgBTxmJtAaQGt+IELnc3E 4PyefoXutDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8xMjMy LzhaaWJRR2tCcmZpQkM1M054T0Q4bm42RjdyUS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvOFppYlFHa0JyZmlCQzUzTnhPRDhubjZGN3JRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIzMi95N3B6UDV4LUFBQ2x2 MU16WGdRc0lJMm1CSVkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAZz09MA0GCSqGSIb3DQEBCwUAA4IBAQCPYQQob3Kjm5JILozPY3lMYsJoFfhg lsz4c9yp/udIAef/5xWLdFjRshjcOVlIuwv8mi6kDN7UhCRi1tkIInY/cxj6cAwU nFIV+ji8IxmM9XNA7hdAMl2/7eB/xpSY4/CkY/VyiP3PywjU43cRY/Jy8NIDGti+ B4CarMpTrPauRpnyBCYHDr0dxFPAoGNvfKNyQrY7J1IW2+StkAFBUjCJMIcmnlrU /3zaI2iEWlhSMIVt4uw54wC6KgR6fjpl/IIQwWf9r9BBrlFOTwouzapVK5WM2WUI ovKSb/mAvOXDndQ6atNUPmn4DsQWPOI5oxCMRDNR97fX7cxXR3s6Nj4j -----END CERTIFICATE-----Generated at Sun Aug 24 02:40:45 2025 by rpki-client