$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1232/GZvGeVQNtqv8JCgFDXjZONWzSU0.roa File: GZvGeVQNtqv8JCgFDXjZONWzSU0.roa (raw, json) Hash identifier: 3mKPUifufnp/mLe1n4GKh46EZ9uLeB2j0ugHCD5vBAg= Subject key identifier: 19:9B:C6:79:54:0D:B6:AB:FC:24:28:05:0D:78:D9:38:D5:B3:49:4D Certificate issuer: /CN=F1989B406901ADF8810B9DCDC4E0FC9E7E85EEB4 Certificate serial: 23 Authority key identifier: F1:98:9B:40:69:01:AD:F8:81:0B:9D:CD:C4:E0:FC:9E:7E:85:EE:B4 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/GZvGeVQNtqv8JCgFDXjZONWzSU0.roa Signing time: Fri 22 Aug 2025 06:27:16 +0000 ROA not before: Fri 22 Aug 2025 06:27:16 +0000 ROA not after: Thu 20 Aug 2026 07:49:18 +0000 asID: 63583 IP address blocks: 45.120.241.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 04:03:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35 (0x23) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F1989B406901ADF8810B9DCDC4E0FC9E7E85EEB4 Validity Not Before: Aug 22 06:27:16 2025 GMT Not After : Aug 20 07:49:18 2026 GMT Subject: CN=199BC679540DB6ABFC2428050D78D938D5B3494D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:50:e4:75:d4:4c:84:11:94:f1:88:8b:40:e0: 17:46:2c:35:26:ae:bf:2c:27:60:41:b9:8b:a6:47: 79:d2:60:cb:f9:9b:0a:77:a5:34:ce:89:20:7f:53: 3f:04:bf:a1:bb:1f:f7:f4:3b:d2:84:31:e4:ef:d9: 49:cd:58:e1:83:b3:9d:fc:27:c7:ea:0e:bf:74:ad: be:13:20:c3:58:e2:ae:6a:cb:15:a0:1d:c1:b3:16: 1c:e7:69:22:73:37:0b:c2:af:d7:74:c6:ea:8a:c6: 2c:df:e2:3d:bc:07:f4:2b:f1:84:00:ef:f8:23:00: 42:e5:90:1f:ca:c6:38:15:b6:59:33:15:1b:8d:b6: e5:ba:89:d5:af:6a:7a:4b:d9:7a:98:71:4b:13:f8: d4:ee:9b:7d:cd:c5:03:c3:4e:32:fd:af:a6:01:80: 5d:12:23:79:2a:8a:e7:5c:fe:02:41:a4:fb:77:1f: 72:a0:7f:28:3a:c2:be:9b:7e:f1:7f:af:a8:c2:69: dc:12:08:d0:b7:83:c3:af:8d:4b:8e:06:fe:64:8b: 8f:79:c7:d7:45:a6:41:3d:67:ff:1f:cc:11:0e:32: 1d:5b:82:17:f4:02:64:d5:15:7e:88:37:23:7f:b6: 85:b2:0f:8e:da:4f:b8:d4:f1:bf:a5:dd:79:70:a5: d7:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:9B:C6:79:54:0D:B6:AB:FC:24:28:05:0D:78:D9:38:D5:B3:49:4D X509v3 Authority Key Identifier: keyid:F1:98:9B:40:69:01:AD:F8:81:0B:9D:CD:C4:E0:FC:9E:7E:85:EE:B4 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/GZvGeVQNtqv8JCgFDXjZONWzSU0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.120.241.0/24 Signature Algorithm: sha256WithRSAEncryption 44:a1:ce:33:a0:c6:69:8b:90:1d:00:3b:9d:ea:a0:99:17:11: f2:36:9c:3c:ed:a7:6b:44:54:84:23:33:84:0b:d4:76:fc:4c: 8b:94:be:e5:f2:a2:11:f1:1b:6a:c4:c1:02:70:11:25:24:0b: 0d:45:d8:da:29:32:92:b0:f3:94:f2:eb:d6:b4:20:4b:59:c2: 07:af:c1:fe:4b:1c:a2:12:f7:ea:6c:5a:57:e9:a6:6f:9d:4b: 98:a8:72:26:30:e5:30:cb:2c:78:4f:f5:34:8c:2d:54:8f:df: 15:f0:f8:22:bf:b7:2f:cc:9c:ad:90:9e:49:27:e1:a1:6a:d5: 3a:56:27:04:ca:62:ac:7e:9c:d7:fb:93:ae:e2:99:ff:f1:d8: ee:69:0f:49:8a:02:5a:9a:85:d0:da:df:31:57:e9:96:eb:63: 61:af:9d:7b:b2:57:00:24:fb:3a:a8:24:36:71:1f:34:94:5b: fa:a2:b5:c4:2d:4e:0b:5c:cd:86:a0:31:3a:a4:7e:1a:32:79: f4:73:28:ca:e5:1e:0a:29:f2:f8:a4:ae:a1:e5:f9:f6:ef:11: 55:93:91:22:67:03:ac:a0:cc:c9:68:f8:fe:46:96:b5:02:9e: 97:ca:dd:81:27:ff:bc:d6:df:6c:b6:f6:19:28:a9:06:89:48: b6:c9:6f:b6 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIBIzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhGMTk4 OUI0MDY5MDFBREY4ODEwQjlEQ0RDNEUwRkM5RTdFODVFRUI0MB4XDTI1MDgyMjA2 MjcxNloXDTI2MDgyMDA3NDkxOFowMzExMC8GA1UEAxMoMTk5QkM2Nzk1NDBEQjZB QkZDMjQyODA1MEQ3OEQ5MzhENUIzNDk0RDCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAKtQ5HXUTIQRlPGIi0DgF0YsNSauvywnYEG5i6ZHedJgy/mbCnel NM6JIH9TPwS/obsf9/Q70oQx5O/ZSc1Y4YOznfwnx+oOv3StvhMgw1jirmrLFaAd wbMWHOdpInM3C8Kv13TG6orGLN/iPbwH9CvxhADv+CMAQuWQH8rGOBW2WTMVG422 5bqJ1a9qekvZephxSxP41O6bfc3FA8NOMv2vpgGAXRIjeSqK51z+AkGk+3cfcqB/ KDrCvpt+8X+vqMJp3BII0LeDw6+NS44G/mSLj3nH10WmQT1n/x/MEQ4yHVuCF/QC ZNUVfog3I3+2hbIPjtpPuNTxv6XdeXCl17cCAwEAAaOCAfMwggHvMB0GA1UdDgQW BBQZm8Z5VA22q/wkKAUNeNk41bNJTTAfBgNVHSMEGDAWgBTxmJtAaQGt+IELnc3E 4PyefoXutDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8xMjMy LzhaaWJRR2tCcmZpQkM1M054T0Q4bm42RjdyUS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvOFppYlFHa0JyZmlCQzUzTnhPRDhubjZGN3JRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIzMi9HWnZHZVZRTnRxdjhK Q2dGRFhqWk9OV3pTVTAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQALXjxMA0GCSqGSIb3DQEBCwUAA4IBAQBEoc4zoMZpi5AdADud6qCZFxHyNpw8 7adrRFSEIzOEC9R2/EyLlL7l8qIR8RtqxMECcBElJAsNRdjaKTKSsPOU8uvWtCBL WcIHr8H+SxyiEvfqbFpX6aZvnUuYqHImMOUwyyx4T/U0jC1Uj98V8Pgiv7cvzJyt kJ5JJ+GhatU6VicEymKsfpzX+5Ou4pn/8djuaQ9JigJamoXQ2t8xV+mW62Nhr517 slcAJPs6qCQ2cR80lFv6orXELU4LXM2GoDE6pH4aMnn0cyjK5R4KKfL4pK6h5fn2 7xFVk5EiZwOsoMzJaPj+Rpa1Ap6Xyt2BJ/+81t9stvYZKKkGiUi2yW+2 -----END CERTIFICATE-----Generated at Sun Aug 24 02:31:49 2025 by rpki-client