$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/119/lI9ajDytEBoqP3nY6k07TCbYYw4.roa File: lI9ajDytEBoqP3nY6k07TCbYYw4.roa (raw, json) Hash identifier: LWyUgAWzaJTkzHAy91TtZ1KUB8GaXK9r6LOFEw6+TPE= Subject key identifier: 94:8F:5A:8C:3C:AD:10:1A:2A:3F:79:D8:EA:4D:3B:4C:26:D8:63:0E Certificate issuer: /CN=F556C3AAA1001F89DC0FCED5436A21BB4FF35D7A Certificate serial: 1674 Authority key identifier: F5:56:C3:AA:A1:00:1F:89:DC:0F:CE:D5:43:6A:21:BB:4F:F3:5D:7A Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/9VbDqqEAH4ncD87VQ2ohu0_zXXo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/119/lI9ajDytEBoqP3nY6k07TCbYYw4.roa Signing time: Mon 26 Jan 2026 07:00:20 +0000 ROA not before: Mon 26 Jan 2026 07:00:20 +0000 ROA not after: Sat 09 Jan 2027 08:23:18 +0000 asID: 9807 IP address blocks: 219.235.128.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/119/9VbDqqEAH4ncD87VQ2ohu0_zXXo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/119/9VbDqqEAH4ncD87VQ2ohu0_zXXo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/9VbDqqEAH4ncD87VQ2ohu0_zXXo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 02 Mar 2026 05:59:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5748 (0x1674) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F556C3AAA1001F89DC0FCED5436A21BB4FF35D7A Validity Not Before: Jan 26 07:00:20 2026 GMT Not After : Jan 9 08:23:18 2027 GMT Subject: CN=948F5A8C3CAD101A2A3F79D8EA4D3B4C26D8630E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:dd:49:a6:22:f3:cb:91:9c:ec:fe:11:5f:90: 07:32:b5:d9:3f:e4:f0:2e:2f:03:1f:68:f5:da:e7: 1d:c5:83:6c:ee:71:a2:e9:63:01:37:fb:2d:35:26: 58:5a:ee:f3:8e:65:a0:b6:3e:e5:b6:ac:af:a0:c3: 86:0b:8b:67:85:aa:4b:02:57:ca:cd:13:8d:ce:03: 22:70:65:2f:46:af:d6:6d:92:b3:d5:ef:d1:64:06: f1:49:2a:9a:72:a2:0f:e3:33:3a:33:7d:73:49:2f: fa:45:f8:30:6a:2b:bb:15:df:b1:1d:55:4d:9b:0f: e8:78:b2:9f:fe:c9:b7:df:91:a5:5e:85:16:f7:fa: 34:23:b3:3c:6d:85:44:bc:bb:17:fd:81:be:34:ff: 7d:82:e4:a3:71:01:2a:d1:2b:d8:be:23:de:93:96: 65:ab:82:69:87:34:63:20:a6:b6:a8:70:de:59:6e: c6:b8:99:92:68:fc:e8:dd:0e:1d:81:58:8c:5d:53: 83:c9:5d:15:f6:ce:1a:81:8e:3e:a3:02:9f:40:00: b9:39:83:02:cb:7b:50:ec:bd:32:b0:d3:ab:66:00: 83:8b:eb:57:3b:b3:37:1e:80:97:2f:d7:be:1c:d7: 13:a6:dd:8a:13:b5:55:8d:5e:1d:84:a7:5a:ba:06: b9:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:8F:5A:8C:3C:AD:10:1A:2A:3F:79:D8:EA:4D:3B:4C:26:D8:63:0E X509v3 Authority Key Identifier: keyid:F5:56:C3:AA:A1:00:1F:89:DC:0F:CE:D5:43:6A:21:BB:4F:F3:5D:7A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/119/9VbDqqEAH4ncD87VQ2ohu0_zXXo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/9VbDqqEAH4ncD87VQ2ohu0_zXXo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/119/lI9ajDytEBoqP3nY6k07TCbYYw4.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 219.235.128.0/21 Signature Algorithm: sha256WithRSAEncryption 4e:45:37:0a:ff:22:0e:04:51:42:ad:a7:99:31:ef:2c:15:b4: 0c:98:62:ef:55:c3:7a:d7:bf:84:30:95:d3:8d:c3:24:c4:70: 1f:ac:f4:73:cc:9d:19:20:d4:5f:ee:3a:f0:5e:fa:8c:ec:44: 72:ea:24:4e:d8:d1:3d:1f:19:4f:50:88:b4:ae:7c:42:b4:3f: ce:51:d7:95:f0:73:4c:4e:e9:a6:a3:ce:18:cb:5b:59:ce:16: 8c:8e:f3:4b:18:67:fe:70:0e:48:aa:49:ec:0e:23:8f:10:c0: cf:30:f9:a1:84:31:38:69:99:e0:52:20:9f:8b:a1:11:0c:5b: 7e:aa:54:0c:58:5d:ed:08:cd:6f:26:41:36:7b:e9:ac:42:41: 93:3f:5c:2a:9c:16:c0:67:3f:d9:02:04:d3:40:bb:f1:35:a0: a5:d0:93:5b:66:9d:d6:e9:d5:d8:f0:8f:1e:01:7b:4b:83:19: 50:b9:a7:4a:82:6c:43:d0:39:2a:58:5d:f7:7d:08:c6:28:3f: 00:05:0e:36:51:db:96:15:4f:79:2c:eb:a4:77:82:0a:17:23: 9a:c3:02:67:23:7b:d2:eb:ad:7a:76:5f:ac:a6:6d:3f:ae:43: e0:35:41:b6:7f:2a:6c:71:af:4f:db:93:56:a8:03:43:b2:33: 9d:3c:ca:a7 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFnQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRjU1 NkMzQUFBMTAwMUY4OURDMEZDRUQ1NDM2QTIxQkI0RkYzNUQ3QTAeFw0yNjAxMjYw NzAwMjBaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKDk0OEY1QThDM0NBRDEw MUEyQTNGNzlEOEVBNEQzQjRDMjZEODYzMEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCt3UmmIvPLkZzs/hFfkAcytdk/5PAuLwMfaPXa5x3Fg2zucaLp YwE3+y01Jlha7vOOZaC2PuW2rK+gw4YLi2eFqksCV8rNE43OAyJwZS9Gr9ZtkrPV 79FkBvFJKppyog/jMzozfXNJL/pF+DBqK7sV37EdVU2bD+h4sp/+ybffkaVehRb3 +jQjszxthUS8uxf9gb40/32C5KNxASrRK9i+I96TlmWrgmmHNGMgpraocN5Zbsa4 mZJo/OjdDh2BWIxdU4PJXRX2zhqBjj6jAp9AALk5gwLLe1DsvTKw06tmAIOL61c7 szcegJcv174c1xOm3YoTtVWNXh2Ep1q6BrkDAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUlI9ajDytEBoqP3nY6k07TCbYYw4wHwYDVR0jBBgwFoAU9VbDqqEAH4ncD87V Q2ohu0/zXXowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTE5 LzlWYkRxcUVBSDRuY0Q4N1ZRMm9odTBfelhYby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvOVZiRHFxRUFING5jRDg3VlEyb2h1MF96WFhvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTE5L2xJOWFqRHl0RUJvcVAz blk2azA3VENiWVl3NC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAPb64AwDQYJKoZIhvcNAQELBQADggEBAE5FNwr/Ig4EUUKtp5kx7ywVtAyYYu9V w3rXv4QwldONwyTEcB+s9HPMnRkg1F/uOvBe+ozsRHLqJE7Y0T0fGU9QiLSufEK0 P85R15Xwc0xO6aajzhjLW1nOFoyO80sYZ/5wDkiqSewOI48QwM8w+aGEMThpmeBS IJ+LoREMW36qVAxYXe0IzW8mQTZ76axCQZM/XCqcFsBnP9kCBNNAu/E1oKXQk1tm ndbp1djwjx4Be0uDGVC5p0qCbEPQOSpYXfd9CMYoPwAFDjZR25YVT3ks66R3ggoX I5rDAmcje9LrrXp2X6ymbT+uQ+A1QbZ/Kmxxr0/bk1aoA0OyM508yqc= -----END CERTIFICATE-----Generated at Mon Mar 2 05:54:24 2026 by rpki-client