$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/119/DXjFrf_OgBlIsDSW_d80nxJDYy0.roa File: DXjFrf_OgBlIsDSW_d80nxJDYy0.roa (raw, json) Hash identifier: I/0Nk3G2UjpS1Dd3jjRv9K9JPA1+5O1V1YsAJ6efLV0= Subject key identifier: 0D:78:C5:AD:FF:CE:80:19:48:B0:34:96:FD:DF:34:9F:12:43:63:2D Certificate issuer: /CN=F556C3AAA1001F89DC0FCED5436A21BB4FF35D7A Certificate serial: 1675 Authority key identifier: F5:56:C3:AA:A1:00:1F:89:DC:0F:CE:D5:43:6A:21:BB:4F:F3:5D:7A Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/9VbDqqEAH4ncD87VQ2ohu0_zXXo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/119/DXjFrf_OgBlIsDSW_d80nxJDYy0.roa Signing time: Mon 26 Jan 2026 07:00:21 +0000 ROA not before: Mon 26 Jan 2026 07:00:21 +0000 ROA not after: Sat 09 Jan 2027 08:23:18 +0000 asID: 9807 IP address blocks: 219.235.136.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/119/9VbDqqEAH4ncD87VQ2ohu0_zXXo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/119/9VbDqqEAH4ncD87VQ2ohu0_zXXo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/9VbDqqEAH4ncD87VQ2ohu0_zXXo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 02 Mar 2026 05:59:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5749 (0x1675) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F556C3AAA1001F89DC0FCED5436A21BB4FF35D7A Validity Not Before: Jan 26 07:00:21 2026 GMT Not After : Jan 9 08:23:18 2027 GMT Subject: CN=0D78C5ADFFCE801948B03496FDDF349F1243632D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:21:f8:7a:5b:a8:1c:6c:10:c9:c4:d7:7c:b3: 63:d5:de:93:b0:c1:10:0f:13:04:20:a4:8a:39:39: 95:90:34:c2:c2:4d:73:40:49:39:91:ae:24:43:0d: c3:b1:6d:c8:7b:fe:03:8a:00:87:aa:23:ca:42:62: 3b:83:f9:8c:a6:10:51:2e:9b:79:48:62:99:0a:07: 75:8a:d5:aa:7b:2c:39:b0:b6:ba:b4:5c:09:81:17: a0:5c:e2:50:88:69:49:6b:c2:df:31:62:b2:94:42: ea:bb:a5:8e:97:8e:32:54:4a:31:11:90:8a:f1:7e: fb:7f:b1:64:33:89:52:da:ce:27:c3:0d:9b:7f:2d: 3d:60:bc:b7:a1:84:d0:de:ee:6a:46:19:c6:f1:da: bc:42:b7:1c:54:eb:9e:65:0f:ae:0b:a2:ba:54:5d: 31:7c:c8:d9:83:6d:28:80:a0:e5:c4:d2:f5:57:24: 11:5b:db:40:3a:da:85:a0:99:64:1c:f4:1e:cd:f8: e8:13:bc:f1:70:f6:fa:1b:1a:c9:f4:44:28:d3:5f: 87:af:2d:a8:59:65:a9:f7:fe:ab:2f:57:32:d5:2b: 6a:ff:44:a7:7b:f5:7e:e1:08:9c:18:38:e7:4d:69: ea:46:a5:4a:dd:63:04:a0:04:c3:35:64:fa:e7:b3: ac:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:78:C5:AD:FF:CE:80:19:48:B0:34:96:FD:DF:34:9F:12:43:63:2D X509v3 Authority Key Identifier: keyid:F5:56:C3:AA:A1:00:1F:89:DC:0F:CE:D5:43:6A:21:BB:4F:F3:5D:7A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/119/9VbDqqEAH4ncD87VQ2ohu0_zXXo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/9VbDqqEAH4ncD87VQ2ohu0_zXXo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/119/DXjFrf_OgBlIsDSW_d80nxJDYy0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 219.235.136.0/21 Signature Algorithm: sha256WithRSAEncryption 50:3b:c7:be:18:d9:ff:5a:b7:84:ce:86:43:21:13:45:5c:96: 1f:16:49:bb:c7:b2:31:5c:8f:0e:c8:b7:47:5a:9f:ff:19:11: e2:4e:d6:12:87:d7:3f:59:c4:f0:30:94:b3:c5:f4:a9:25:ac: 10:51:43:7a:c8:5f:2f:7f:ac:e1:27:42:34:7d:01:e5:d5:82: 42:74:76:66:f9:8e:31:78:bf:e2:18:96:c6:9c:4e:32:aa:4b: 14:91:1f:38:04:f3:4b:cb:94:b8:84:03:f2:af:40:5d:3b:34: 5b:b8:64:a0:a9:3b:1a:0a:73:84:8f:ba:2b:74:cc:ef:d8:b6: 7a:35:91:da:34:a9:4d:f2:90:61:0e:a9:14:73:88:f2:5b:de: 00:f7:50:12:2e:9f:4b:ad:ab:40:de:43:dd:38:c1:2f:53:50: 0a:14:a7:57:be:32:45:14:f9:ed:b8:b6:7c:f8:8e:31:47:e0: 53:48:f4:d6:5f:91:a5:59:4f:37:df:8b:7a:2c:cc:e6:bd:ed: e9:c1:85:d2:fa:20:76:39:0d:b1:51:fd:96:ea:d3:29:b5:3f: 93:13:3d:84:ef:b7:36:74:12:81:2c:2f:01:e3:53:bd:60:25: 51:e7:a4:63:3b:5e:4f:83:80:b8:97:b2:e3:d4:de:53:b0:05: ee:4e:c8:c1 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFnUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRjU1 NkMzQUFBMTAwMUY4OURDMEZDRUQ1NDM2QTIxQkI0RkYzNUQ3QTAeFw0yNjAxMjYw NzAwMjFaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKDBENzhDNUFERkZDRTgw MTk0OEIwMzQ5NkZEREYzNDlGMTI0MzYzMkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDBIfh6W6gcbBDJxNd8s2PV3pOwwRAPEwQgpIo5OZWQNMLCTXNA STmRriRDDcOxbch7/gOKAIeqI8pCYjuD+YymEFEum3lIYpkKB3WK1ap7LDmwtrq0 XAmBF6Bc4lCIaUlrwt8xYrKUQuq7pY6XjjJUSjERkIrxfvt/sWQziVLazifDDZt/ LT1gvLehhNDe7mpGGcbx2rxCtxxU655lD64LorpUXTF8yNmDbSiAoOXE0vVXJBFb 20A62oWgmWQc9B7N+OgTvPFw9vobGsn0RCjTX4evLahZZan3/qsvVzLVK2r/RKd7 9X7hCJwYOOdNaepGpUrdYwSgBMM1ZPrns6xBAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUDXjFrf/OgBlIsDSW/d80nxJDYy0wHwYDVR0jBBgwFoAU9VbDqqEAH4ncD87V Q2ohu0/zXXowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTE5 LzlWYkRxcUVBSDRuY0Q4N1ZRMm9odTBfelhYby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvOVZiRHFxRUFING5jRDg3VlEyb2h1MF96WFhvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTE5L0RYakZyZl9PZ0JsSXNE U1dfZDgwbnhKRFl5MC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAPb64gwDQYJKoZIhvcNAQELBQADggEBAFA7x74Y2f9at4TOhkMhE0Vclh8WSbvH sjFcjw7It0dan/8ZEeJO1hKH1z9ZxPAwlLPF9KklrBBRQ3rIXy9/rOEnQjR9AeXV gkJ0dmb5jjF4v+IYlsacTjKqSxSRHzgE80vLlLiEA/KvQF07NFu4ZKCpOxoKc4SP uit0zO/Ytno1kdo0qU3ykGEOqRRziPJb3gD3UBIun0utq0DeQ904wS9TUAoUp1e+ MkUU+e24tnz4jjFH4FNI9NZfkaVZTzffi3oszOa97enBhdL6IHY5DbFR/Zbq0ym1 P5MTPYTvtzZ0EoEsLwHjU71gJVHnpGM7Xk+DgLiXsuPU3lOwBe5OyME= -----END CERTIFICATE-----Generated at Mon Mar 2 05:54:25 2026 by rpki-client