$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2776/60bHviOsET_Vf8_DbJjRc6w43N8.roa File: 60bHviOsET_Vf8_DbJjRc6w43N8.roa (raw, json) Hash identifier: T5b8IcOXmQ/CmW/IN+qCnH8UHN6n56w3kxeNCdfLklg= Subject key identifier: EB:46:C7:BE:23:AC:11:3F:D5:7F:CF:C3:6C:98:D1:73:AC:38:DC:DF Certificate issuer: /CN=86DB0D88746FFC0814E589A139240F2F742D0C56 Certificate serial: 1746 Authority key identifier: 86:DB:0D:88:74:6F:FC:08:14:E5:89:A1:39:24:0F:2F:74:2D:0C:56 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/htsNiHRv_AgU5YmhOSQPL3QtDFY.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2776/60bHviOsET_Vf8_DbJjRc6w43N8.roa Signing time: Sat 13 Sep 2025 03:09:14 +0000 ROA not before: Sat 13 Sep 2025 03:09:14 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 63566 IP address blocks: 103.252.248.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2776/htsNiHRv_AgU5YmhOSQPL3QtDFY.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2776/htsNiHRv_AgU5YmhOSQPL3QtDFY.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/htsNiHRv_AgU5YmhOSQPL3QtDFY.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 18:07:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5958 (0x1746) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=86DB0D88746FFC0814E589A139240F2F742D0C56 Validity Not Before: Sep 13 03:09:14 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=EB46C7BE23AC113FD57FCFC36C98D173AC38DCDF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f2:3d:aa:d9:a5:43:b0:fd:4d:02:31:f3:06:b2: 09:c5:f3:60:b9:9b:40:8b:24:ed:fd:86:9b:71:53: c7:b3:2e:ca:83:7e:31:5f:ec:34:87:f5:bb:90:05: a4:4f:8d:cd:4c:35:8d:5d:15:f1:ec:e1:18:9c:e8: 00:76:38:4b:d0:4d:4d:d8:86:5a:93:92:b7:2c:ae: f1:90:a3:cc:a7:f6:dd:d6:36:f0:9e:b4:11:b0:5d: 7a:5e:48:e7:a4:cd:43:f6:16:cc:1e:fd:5a:77:fb: a3:92:8b:f9:77:0c:ee:a1:23:e1:dd:72:4c:aa:f7: 51:b4:00:bc:00:4e:29:99:d1:c7:1b:9c:d9:e0:be: 30:18:47:97:26:66:69:fd:dd:04:64:ae:c2:3e:d6: 82:45:df:11:3a:fa:eb:cc:40:b7:a2:4c:2e:79:8d: c0:83:e1:94:c0:0e:0f:20:49:bc:c1:6b:98:f6:68: db:3d:75:6b:23:3a:2a:3b:21:d4:fa:2d:fb:55:28: ab:91:4d:3c:be:67:cd:71:6b:e0:35:30:90:dc:db: 2d:31:21:30:9a:f1:58:e5:43:17:7b:9c:0e:e8:90: 31:cd:ae:01:0d:39:f0:a6:c4:e0:81:48:ee:4e:a4: 57:eb:30:47:27:57:be:e0:0c:5c:92:5d:8a:d7:05: 1c:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EB:46:C7:BE:23:AC:11:3F:D5:7F:CF:C3:6C:98:D1:73:AC:38:DC:DF X509v3 Authority Key Identifier: keyid:86:DB:0D:88:74:6F:FC:08:14:E5:89:A1:39:24:0F:2F:74:2D:0C:56 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2776/htsNiHRv_AgU5YmhOSQPL3QtDFY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/htsNiHRv_AgU5YmhOSQPL3QtDFY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2776/60bHviOsET_Vf8_DbJjRc6w43N8.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.252.248.0/24 Signature Algorithm: sha256WithRSAEncryption 15:45:f0:cc:ea:73:d6:76:65:e9:35:71:0a:57:a3:23:9d:b3: f2:ee:1a:4f:14:9d:92:87:ff:c0:44:a1:8b:27:65:bb:bc:a4: e2:06:c9:c5:5c:35:c4:39:51:e3:cb:3e:b6:ef:a3:11:05:af: 38:84:4f:62:74:a3:6f:55:86:29:29:8b:eb:44:03:15:9c:0e: 7f:e8:60:ad:44:82:83:38:08:31:ab:bd:87:7f:73:c3:1c:f4: 98:9d:13:a0:27:5e:17:3b:55:70:ce:e7:64:77:90:1f:23:a7: d4:c5:28:c4:57:fb:6e:98:f6:b3:01:34:3e:91:ec:99:0f:57: 0d:a8:04:b9:1c:70:0f:f7:79:92:57:69:cd:bc:1e:12:88:eb: a4:75:d5:5b:99:e4:67:33:09:4b:e4:99:e5:83:8b:dc:0b:54: ea:6d:6b:47:b0:1b:f1:8b:71:46:c2:3a:a4:e2:a4:97:f7:38: 6d:2b:b9:3f:0b:a1:55:c8:2d:7b:ae:f7:01:52:cb:6c:68:4b: 23:06:d9:b2:bd:a9:7e:ec:e6:82:12:c1:ef:8c:96:6b:a6:ca: 87:6a:18:f7:42:7b:81:3a:56:2e:9c:93:6f:ea:0d:df:a1:84: 3a:16:ee:a8:0a:8d:f0:3b:e1:84:30:ee:b8:75:0f:a3:28:d5: dc:ae:64:fd -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICF0YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODZE QjBEODg3NDZGRkMwODE0RTU4OUExMzkyNDBGMkY3NDJEMEM1NjAeFw0yNTA5MTMw MzA5MTRaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEVCNDZDN0JFMjNBQzEx M0ZENTdGQ0ZDMzZDOThEMTczQUMzOERDREYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDyParZpUOw/U0CMfMGsgnF82C5m0CLJO39hptxU8ezLsqDfjFf 7DSH9buQBaRPjc1MNY1dFfHs4Ric6AB2OEvQTU3YhlqTkrcsrvGQo8yn9t3WNvCe tBGwXXpeSOekzUP2Fswe/Vp3+6OSi/l3DO6hI+Hdckyq91G0ALwATimZ0ccbnNng vjAYR5cmZmn93QRkrsI+1oJF3xE6+uvMQLeiTC55jcCD4ZTADg8gSbzBa5j2aNs9 dWsjOio7IdT6LftVKKuRTTy+Z81xa+A1MJDc2y0xITCa8VjlQxd7nA7okDHNrgEN OfCmxOCBSO5OpFfrMEcnV77gDFySXYrXBRzrAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU60bHviOsET/Vf8/DbJjRc6w43N8wHwYDVR0jBBgwFoAUhtsNiHRv/AgU5Ymh OSQPL3QtDFYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjc3 Ni9odHNOaUhSdl9BZ1U1WW1oT1NRUEwzUXRERlkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2h0c05pSFJ2X0FnVTVZbWhPU1FQTDNRdERGWS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI3NzYvNjBiSHZpT3NFVF9W ZjhfRGJKalJjNnc0M044LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGf8+DANBgkqhkiG9w0BAQsFAAOCAQEAFUXwzOpz1nZl6TVxClejI52z8u4a TxSdkof/wEShiydlu7yk4gbJxVw1xDlR48s+tu+jEQWvOIRPYnSjb1WGKSmL60QD FZwOf+hgrUSCgzgIMau9h39zwxz0mJ0ToCdeFztVcM7nZHeQHyOn1MUoxFf7bpj2 swE0PpHsmQ9XDagEuRxwD/d5kldpzbweEojrpHXVW5nkZzMJS+SZ5YOL3AtU6m1r R7Ab8YtxRsI6pOKkl/c4bSu5PwuhVcgte673AVLLbGhLIwbZsr2pfuzmghLB74yW a6bKh2oY90J7gTpWLpyTb+oN36GEOhbuqAqN8DvhhDDuuHUPoyjV3K5k/Q== -----END CERTIFICATE-----Generated at Mon Oct 20 17:21:12 2025 by rpki-client