$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/AoE-KwiEkXlo17Ft0xQel7aM16g.roa File: AoE-KwiEkXlo17Ft0xQel7aM16g.roa (raw, json) Hash identifier: HZcWA94h9Bk8fKjw+tUz9OCLgxwH15Msosjfx4Pypng= Subject key identifier: 02:81:3E:2B:08:84:91:79:68:D7:B1:6D:D3:14:1E:97:B6:8C:D7:A8 Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 102E Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/AoE-KwiEkXlo17Ft0xQel7aM16g.roa Signing time: Wed 25 Dec 2024 03:25:02 +0000 ROA not before: Wed 25 Dec 2024 03:25:02 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 55990 IP address blocks: 113.47.32.0/19 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:05:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4142 (0x102e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Dec 25 03:25:02 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=02813E2B0884917968D7B16DD3141E97B68CD7A8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:d2:ad:b1:04:d4:30:b9:6b:84:4a:0e:28:45: aa:3c:4f:8f:fa:0b:b0:cf:cc:ec:7a:1b:71:1e:0c: 39:af:e1:b8:d3:cb:87:00:7d:a5:72:5c:bf:f0:4f: 37:d0:5b:b5:5a:a5:8a:2c:4a:bd:b5:93:c7:bc:52: 16:63:fa:71:06:35:c4:6e:b3:4d:d2:d8:6c:21:6f: 9a:61:a9:df:d2:54:cc:4d:de:78:0f:84:6b:d0:98: e0:47:c9:50:73:17:51:8c:3f:25:50:2a:25:76:7b: 5c:2e:33:f5:a2:40:96:76:29:8f:28:36:22:dd:cf: 0e:c0:71:c7:55:3c:11:36:b7:a1:5d:c6:fe:87:c1: cb:a9:95:36:9c:a9:61:b8:da:69:5d:e7:f4:39:d0: 4d:b5:f1:96:94:fc:4e:e9:80:17:ab:cb:18:85:51: 90:f7:71:41:23:b9:75:15:58:c9:f2:05:92:67:95: 3f:8b:04:fc:0a:f8:fc:f1:76:e3:9f:3c:f1:c5:55: 14:71:89:7b:fe:e9:3f:20:16:0a:22:2c:47:1b:ee: f7:b1:f3:fe:09:0d:f5:df:4e:91:f0:80:22:8e:18: 25:0e:f6:94:cf:d3:dd:46:6d:6a:e5:9a:72:63:9b: 17:fd:44:1c:e3:9e:ea:73:de:76:c9:f4:70:a0:0e: ed:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:81:3E:2B:08:84:91:79:68:D7:B1:6D:D3:14:1E:97:B6:8C:D7:A8 X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/AoE-KwiEkXlo17Ft0xQel7aM16g.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 113.47.32.0/19 Signature Algorithm: sha256WithRSAEncryption 29:3a:aa:4f:6a:c4:4f:49:28:52:3b:8b:00:92:14:c2:04:32: 1f:5f:ea:80:5e:67:42:4a:db:bf:42:db:42:66:23:aa:7f:17: 8c:63:b9:9a:53:d8:86:0e:e8:3c:ef:6f:73:06:2d:61:07:7b: b8:45:e0:6a:c1:ad:45:5e:55:9d:cb:ad:21:e0:fb:21:2a:6a: 5f:73:df:37:d2:2a:45:ab:b2:02:dc:e0:93:f8:d0:c1:a5:9b: d6:ae:5c:8e:1a:3d:b6:36:22:ba:ab:ae:66:dc:e9:dd:d3:31: 58:43:dc:11:5b:8c:57:4f:fe:ca:5a:7c:27:2c:22:f7:c4:0c: f3:b6:c2:bc:9d:00:92:ed:62:42:3f:14:eb:e2:34:2e:71:91: 40:a3:82:5e:88:ce:3d:34:08:61:70:5d:ae:62:6e:c9:e4:12: f8:d7:5c:7f:6c:58:4b:30:56:da:70:f3:57:9e:4f:f1:81:4a: 41:78:4c:05:18:a6:aa:d6:a1:2d:46:3a:51:e5:c9:ff:5e:68: 83:f0:82:13:5d:93:c5:0c:ab:56:db:f0:53:75:bd:4a:8f:0b: fb:27:6e:13:56:90:3e:ff:e5:33:3f:43:9a:cc:e3:8b:6c:6d: 04:39:62:f1:bc:9d:fc:b4:8b:cd:44:53:56:89:1d:aa:15:75: a0:bf:90:04 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICEC4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNDEyMjUw MzI1MDJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDAyODEzRTJCMDg4NDkx Nzk2OEQ3QjE2REQzMTQxRTk3QjY4Q0Q3QTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC+0q2xBNQwuWuESg4oRao8T4/6C7DPzOx6G3EeDDmv4bjTy4cA faVyXL/wTzfQW7VapYosSr21k8e8UhZj+nEGNcRus03S2Gwhb5phqd/SVMxN3ngP hGvQmOBHyVBzF1GMPyVQKiV2e1wuM/WiQJZ2KY8oNiLdzw7AccdVPBE2t6Fdxv6H wcuplTacqWG42mld5/Q50E218ZaU/E7pgBeryxiFUZD3cUEjuXUVWMnyBZJnlT+L BPwK+PzxduOfPPHFVRRxiXv+6T8gFgoiLEcb7vex8/4JDfXfTpHwgCKOGCUO9pTP 091GbWrlmnJjmxf9RBzjnupz3nbJ9HCgDu1TAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUAoE+KwiEkXlo17Ft0xQel7aM16gwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvQW9FLUt3aUVrWGxv MTdGdDB4UWVsN2FNMTZnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEBXEvIDANBgkqhkiG9w0BAQsFAAOCAQEAKTqqT2rET0koUjuLAJIUwgQyH1/q gF5nQkrbv0LbQmYjqn8XjGO5mlPYhg7oPO9vcwYtYQd7uEXgasGtRV5VncutIeD7 ISpqX3PfN9IqRauyAtzgk/jQwaWb1q5cjho9tjYiuquuZtzp3dMxWEPcEVuMV0/+ ylp8Jywi98QM87bCvJ0Aku1iQj8U6+I0LnGRQKOCXojOPTQIYXBdrmJuyeQS+Ndc f2xYSzBW2nDzV55P8YFKQXhMBRimqtahLUY6UeXJ/15og/CCE12TxQyrVtvwU3W9 So8L+yduE1aQPv/lMz9Dmszji2xtBDli8byd/LSLzURTVokdqhV1oL+QBA== -----END CERTIFICATE-----Generated at Fri Apr 4 18:33:18 2025 by rpki-client