$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/GKqCyH6iHP15Ex63RAa2VrA60RE.roa File: GKqCyH6iHP15Ex63RAa2VrA60RE.roa (raw, json) Hash identifier: WGCL2kQnzd3Tau8ekTpNy1MMnQ5r9PJs73jjRXxlaSE= Subject key identifier: 18:AA:82:C8:7E:A2:1C:FD:79:13:1E:B7:44:06:B6:56:B0:3A:D1:11 Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221 Certificate serial: 1860 Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/GKqCyH6iHP15Ex63RAa2VrA60RE.roa Signing time: Fri 06 Jun 2025 13:20:45 +0000 ROA not before: Fri 06 Jun 2025 13:20:45 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 398704 IP address blocks: 180.223.124.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 03 Jul 2025 11:13:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6240 (0x1860) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221 Validity Not Before: Jun 6 13:20:45 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=18AA82C87EA21CFD79131EB74406B656B03AD111 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:c8:4c:3e:b4:8a:f0:98:26:47:ad:90:8e:7d: 69:c4:26:66:f1:0d:dd:e9:07:9c:c9:84:5d:2b:f9: 32:58:20:8f:50:f1:7a:43:cc:d3:bd:5b:8d:7a:bc: 6e:c5:65:12:97:6f:c9:c9:07:ea:13:9a:d3:53:13: 9c:0b:18:2a:1f:36:42:ec:0d:05:6a:26:07:fb:b6: b9:0c:31:a3:ad:59:57:a5:64:df:a3:3c:b4:c4:3e: 83:09:34:10:7b:f4:9a:02:37:94:04:9e:e9:d5:3e: 6d:f1:b8:5f:43:3a:09:1b:54:15:29:3d:c0:35:16: 81:84:12:3d:9f:80:b5:37:9e:49:b2:ab:cb:2c:c0: 6c:6a:d4:32:54:37:1f:6a:4a:9a:01:6c:b8:e7:e7: 16:53:33:e2:e1:33:87:1f:5a:d2:78:20:bb:b2:a6: fd:45:d7:41:a1:99:8e:51:31:aa:30:c9:ef:c6:e7: 7b:92:31:0e:e8:8f:f8:15:e3:93:af:b6:4c:cd:69: 91:52:8a:3d:0a:41:9d:26:88:3b:3e:15:e8:28:28: d0:8f:d1:18:d7:8a:b8:fa:55:73:84:98:a4:68:b1: ef:0f:c7:bb:56:f8:8f:49:a0:ba:50:f4:6e:cb:6f: 77:a8:a6:6b:a0:d9:5f:63:48:e8:2c:aa:91:8d:3b: ab:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:AA:82:C8:7E:A2:1C:FD:79:13:1E:B7:44:06:B6:56:B0:3A:D1:11 X509v3 Authority Key Identifier: keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/GKqCyH6iHP15Ex63RAa2VrA60RE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.223.124.0/24 Signature Algorithm: sha256WithRSAEncryption a6:4d:ec:0f:69:c4:86:38:3e:5e:f9:3d:2f:77:4f:a9:93:2f: 98:ff:ca:1a:f3:35:63:38:36:dc:ad:8d:97:e4:2a:42:02:db: d0:09:db:d9:b6:51:27:c4:34:e2:73:44:ec:d3:5e:12:89:95: bf:52:b1:d3:2c:ba:1b:60:ac:df:7f:05:d2:ac:dc:34:a6:b3: aa:a2:9f:f4:84:50:2a:f3:47:eb:fb:34:fa:9f:48:f7:0e:85: 70:03:f1:c6:a1:54:09:9c:35:52:76:71:b0:d4:51:8e:af:09: 2e:05:c0:67:79:a4:a0:0e:a7:04:c2:77:9c:93:0c:c5:7c:df: 20:0c:47:36:20:50:69:5b:c0:71:7d:22:17:f9:de:3b:76:e3: 63:4c:ad:35:5a:53:a7:07:2e:7b:38:00:e9:28:22:6c:71:e7: 6b:ea:12:7c:a5:9b:94:f6:7c:a9:69:7e:e2:3c:83:da:d9:67: ad:17:6c:68:82:89:d3:87:8f:f4:92:db:1b:22:f1:45:c2:5d: bc:17:c3:1b:e5:15:a3:26:a8:fc:4a:53:7c:fd:1c:e7:61:b1: 8f:ae:5b:d7:40:68:c7:07:f1:aa:9f:e6:02:2d:23:7a:6e:3f: 25:99:fb:67:02:d4:cb:00:62:f8:43:e7:e9:b5:bd:13:a5:5a: d6:2d:5f:9b -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICGGAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNTA2MDYx MzIwNDVaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDE4QUE4MkM4N0VBMjFD RkQ3OTEzMUVCNzQ0MDZCNjU2QjAzQUQxMTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCXyEw+tIrwmCZHrZCOfWnEJmbxDd3pB5zJhF0r+TJYII9Q8XpD zNO9W416vG7FZRKXb8nJB+oTmtNTE5wLGCofNkLsDQVqJgf7trkMMaOtWVelZN+j PLTEPoMJNBB79JoCN5QEnunVPm3xuF9DOgkbVBUpPcA1FoGEEj2fgLU3nkmyq8ss wGxq1DJUNx9qSpoBbLjn5xZTM+LhM4cfWtJ4ILuypv1F10GhmY5RMaowye/G53uS MQ7oj/gV45OvtkzNaZFSij0KQZ0miDs+FegoKNCP0RjXirj6VXOEmKRose8Px7tW +I9JoLpQ9G7Lb3eopmug2V9jSOgsqpGNO6tBAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUGKqCyH6iHP15Ex63RAa2VrA60REwHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvR0txQ3lINmlIUDE1 RXg2M1JBYTJWckE2MFJFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEALTffDANBgkqhkiG9w0BAQsFAAOCAQEApk3sD2nEhjg+Xvk9L3dPqZMvmP/K GvM1Yzg23K2Nl+QqQgLb0Anb2bZRJ8Q04nNE7NNeEomVv1Kx0yy6G2Cs338F0qzc NKazqqKf9IRQKvNH6/s0+p9I9w6FcAPxxqFUCZw1UnZxsNRRjq8JLgXAZ3mkoA6n BMJ3nJMMxXzfIAxHNiBQaVvAcX0iF/neO3bjY0ytNVpTpwcuezgA6SgibHHna+oS fKWblPZ8qWl+4jyD2tlnrRdsaIKJ04eP9JLbGyLxRcJdvBfDG+UVoyao/EpTfP0c 52Gxj65b10Boxwfxqp/mAi0jem4/JZn7ZwLUywBi+EPn6bW9E6Va1i1fmw== -----END CERTIFICATE-----Generated at Thu Jul 3 09:18:35 2025 by rpki-client