$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/620/AuVbs0H3hpxgHVWFirWbZjktcTo.roa File: AuVbs0H3hpxgHVWFirWbZjktcTo.roa (raw, json) Hash identifier: KOYq4xwAkyE9JCrUaY8UqsAS2Pe10hdMv1FTrXk+vX8= Subject key identifier: 02:E5:5B:B3:41:F7:86:9C:60:1D:55:85:8A:B5:9B:66:39:2D:71:3A Certificate issuer: /CN=309C2A943B28DC0858C39B9208A1609C0973E49A Certificate serial: 023E Authority key identifier: 30:9C:2A:94:3B:28:DC:08:58:C3:9B:92:08:A1:60:9C:09:73:E4:9A Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/AuVbs0H3hpxgHVWFirWbZjktcTo.roa Signing time: Thu 24 Apr 2025 08:50:26 +0000 ROA not before: Thu 24 Apr 2025 08:50:26 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 142132 IP address blocks: 202.46.32.0/24 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 14:36:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 574 (0x23e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=309C2A943B28DC0858C39B9208A1609C0973E49A Validity Not Before: Apr 24 08:50:26 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=02E55BB341F7869C601D55858AB59B66392D713A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:05:48:72:76:9c:ff:a1:dd:01:75:97:85:19: c5:f7:06:ef:df:8e:a8:72:72:75:58:68:fd:9a:b3: 25:7e:41:87:99:d7:84:6a:a1:ee:58:86:16:5a:2e: c2:2c:c8:f2:fb:41:1d:36:37:27:55:28:68:be:2a: 32:00:c7:c6:f5:72:24:f0:a5:20:81:3d:06:74:c4: fc:01:6f:0a:46:6c:85:ce:ca:bf:c3:35:b0:13:ca: 8e:57:34:3e:c9:9d:52:d1:d3:f2:56:c1:19:f3:3f: 58:16:dd:0f:87:30:77:7e:d4:e2:70:ad:2a:28:5a: bb:a2:b2:99:94:7d:fd:c7:32:1c:77:fd:85:7f:c9: d8:1b:81:6d:29:4b:40:3a:40:48:28:01:2d:54:4d: 01:a6:1e:1f:fc:44:ca:19:24:7d:17:d7:88:f9:47: a3:7d:e3:ad:ec:35:10:d1:b7:e1:ff:90:dd:33:b4: e4:48:da:6b:10:29:7b:fa:32:34:c4:fe:77:12:eb: 8f:cd:5d:41:a0:90:1c:7a:5b:7a:b9:c8:f0:f5:fe: 77:87:95:a4:a6:f9:f2:bf:72:ae:24:6e:06:f3:96: 0f:c1:f9:bd:88:dc:0f:9d:a9:72:19:0b:4f:6f:8e: 94:48:50:40:da:bf:34:2d:4b:0f:56:c7:b7:d1:15: 32:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:E5:5B:B3:41:F7:86:9C:60:1D:55:85:8A:B5:9B:66:39:2D:71:3A X509v3 Authority Key Identifier: keyid:30:9C:2A:94:3B:28:DC:08:58:C3:9B:92:08:A1:60:9C:09:73:E4:9A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/AuVbs0H3hpxgHVWFirWbZjktcTo.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 202.46.32.0/24 Signature Algorithm: sha256WithRSAEncryption a8:8c:92:c8:fb:79:0d:9a:e6:4d:4e:c6:4a:55:c6:05:5a:c7: 57:9c:e9:01:ab:b2:ee:67:ab:8e:c3:49:a9:cb:7b:d0:48:1a: 11:99:ed:38:92:1f:98:69:9b:7f:66:79:08:5c:69:16:de:96: 73:70:7a:ae:ac:49:54:d8:92:ac:4a:ad:fd:90:df:3a:b8:25: ce:41:8e:a2:38:67:53:b6:6b:a2:66:c6:54:64:d3:ae:d3:82: 7a:ab:8e:e2:07:08:cf:28:ef:a4:31:de:19:30:0a:98:13:7e: 74:0b:55:40:92:e3:80:9b:a8:ab:47:26:55:5b:93:0b:d8:36: fd:91:15:8a:d8:f3:c2:bd:f1:cb:ff:83:3d:9d:45:e7:af:ba: af:6b:91:01:1c:a7:f3:0d:8c:a7:d5:85:4c:af:e9:db:bc:91: 4f:7c:29:f7:c1:e8:1c:5b:13:d8:27:8e:2f:12:44:4b:fd:36: 15:d1:14:8d:6c:56:97:f7:d5:37:99:f2:87:f6:9c:c0:92:39: 42:61:1e:ef:a5:81:94:37:8f:4f:7c:2a:6e:fd:78:08:06:87: df:3e:4f:8d:9a:a4:4f:82:58:e4:94:bb:ab:bb:4f:c1:f4:c2: 07:f7:0a:61:8c:6b:d9:98:a5:2e:50:28:fe:ec:a5:e1:76:a7: 5c:3f:f1:31 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICAj4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzA5 QzJBOTQzQjI4REMwODU4QzM5QjkyMDhBMTYwOUMwOTczRTQ5QTAeFw0yNTA0MjQw ODUwMjZaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDAyRTU1QkIzNDFGNzg2 OUM2MDFENTU4NThBQjU5QjY2MzkyRDcxM0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDIBUhydpz/od0BdZeFGcX3Bu/fjqhycnVYaP2asyV+QYeZ14Rq oe5YhhZaLsIsyPL7QR02NydVKGi+KjIAx8b1ciTwpSCBPQZ0xPwBbwpGbIXOyr/D NbATyo5XND7JnVLR0/JWwRnzP1gW3Q+HMHd+1OJwrSooWruispmUff3HMhx3/YV/ ydgbgW0pS0A6QEgoAS1UTQGmHh/8RMoZJH0X14j5R6N9463sNRDRt+H/kN0ztORI 2msQKXv6MjTE/ncS64/NXUGgkBx6W3q5yPD1/neHlaSm+fK/cq4kbgbzlg/B+b2I 3A+dqXIZC09vjpRIUEDavzQtSw9Wx7fRFTKbAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUAuVbs0H3hpxgHVWFirWbZjktcTowHwYDVR0jBBgwFoAUMJwqlDso3AhYw5uS CKFgnAlz5JowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIw L01Kd3FsRHNvM0FoWXc1dVNDS0ZnbkFsejVKby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvTUp3cWxEc28zQWhZdzV1U0NLRmduQWx6NUpvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIwL0F1VmJzMEgzaHB4Z0hW V0ZpcldiWmprdGNUby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BADKLiAwDQYJKoZIhvcNAQELBQADggEBAKiMksj7eQ2a5k1OxkpVxgVax1ec6QGr su5nq47DSanLe9BIGhGZ7TiSH5hpm39meQhcaRbelnNweq6sSVTYkqxKrf2Q3zq4 Jc5BjqI4Z1O2a6JmxlRk067TgnqrjuIHCM8o76Qx3hkwCpgTfnQLVUCS44CbqKtH JlVbkwvYNv2RFYrY88K98cv/gz2dReevuq9rkQEcp/MNjKfVhUyv6du8kU98KffB 6BxbE9gnji8SREv9NhXRFI1sVpf31TeZ8of2nMCSOUJhHu+lgZQ3j098Km79eAgG h98+T42apE+CWOSUu6u7T8H0wgf3CmGMa9mYpS5QKP7speF2p1w/8TE= -----END CERTIFICATE-----Generated at Sat Apr 26 14:34:09 2025 by rpki-client