$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1212/NLKKhuGRjjycZyTf-_i8mAuCL5Q.roa File: NLKKhuGRjjycZyTf-_i8mAuCL5Q.roa (raw, json) Hash identifier: cLFT6F50dW3SQc3+2AFxXkKj0rBzPHjD9HJqJjyi4lU= Subject key identifier: 34:B2:8A:86:E1:91:8E:3C:9C:67:24:DF:FB:F8:BC:98:0B:82:2F:94 Certificate issuer: /CN=2820258AB65FF61FD5D66D95964F48EFA35DCC86 Certificate serial: 18DF Authority key identifier: 28:20:25:8A:B6:5F:F6:1F:D5:D6:6D:95:96:4F:48:EF:A3:5D:CC:86 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KCAlirZf9h_V1m2Vlk9I76NdzIY.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1212/NLKKhuGRjjycZyTf-_i8mAuCL5Q.roa Signing time: Mon 26 Jan 2026 06:56:15 +0000 ROA not before: Mon 26 Jan 2026 06:56:15 +0000 ROA not after: Sat 09 Jan 2027 08:23:18 +0000 asID: 149628 IP address blocks: 45.116.96.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1212/KCAlirZf9h_V1m2Vlk9I76NdzIY.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1212/KCAlirZf9h_V1m2Vlk9I76NdzIY.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KCAlirZf9h_V1m2Vlk9I76NdzIY.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 02 Mar 2026 00:59:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6367 (0x18df) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2820258AB65FF61FD5D66D95964F48EFA35DCC86 Validity Not Before: Jan 26 06:56:15 2026 GMT Not After : Jan 9 08:23:18 2027 GMT Subject: CN=34B28A86E1918E3C9C6724DFFBF8BC980B822F94 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:28:c2:23:2d:70:70:17:d2:3e:51:b9:67:fc: 04:9a:13:be:80:ef:a7:3d:b7:0e:20:c6:82:44:b5: 49:77:40:21:03:4e:74:19:99:3b:7d:ec:aa:2c:0a: 94:e5:e7:b8:dc:94:65:12:58:f2:bd:bb:c6:bc:f3: bc:8b:ea:c0:df:6c:16:44:a5:1c:32:24:7c:09:12: 50:78:9a:9d:07:32:32:de:a0:f7:28:15:88:7d:f5: 0a:c9:c8:86:f5:95:aa:ea:94:14:7f:e2:c8:87:d2: 39:a4:9c:a5:1f:ad:44:a4:85:fe:04:4c:2a:19:43: 89:83:23:ae:0f:fc:e2:4a:ca:ed:63:7e:32:7b:99: 56:43:b6:29:44:5f:34:6a:10:bb:4e:9f:ab:08:f3: ae:4e:23:54:f8:b6:af:22:31:c9:d0:1e:03:0a:ef: ad:a4:52:73:18:3b:12:e6:c0:74:a9:05:1f:c9:67: 6b:c8:ce:09:eb:83:07:ed:dd:3d:a6:ef:c4:4d:e4: d2:18:08:b6:f3:be:ad:0b:60:cf:a1:e0:86:44:69: a9:34:a4:2e:0e:c9:e9:9c:90:28:e4:f1:65:d9:0d: 40:b4:0d:73:f3:a8:ed:b7:e0:a5:6b:f0:eb:33:46: 33:2a:21:86:41:e6:06:3b:62:c8:16:c3:87:0d:0a: 3f:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:B2:8A:86:E1:91:8E:3C:9C:67:24:DF:FB:F8:BC:98:0B:82:2F:94 X509v3 Authority Key Identifier: keyid:28:20:25:8A:B6:5F:F6:1F:D5:D6:6D:95:96:4F:48:EF:A3:5D:CC:86 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1212/KCAlirZf9h_V1m2Vlk9I76NdzIY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KCAlirZf9h_V1m2Vlk9I76NdzIY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1212/NLKKhuGRjjycZyTf-_i8mAuCL5Q.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.116.96.0/22 Signature Algorithm: sha256WithRSAEncryption ab:35:0e:94:59:d4:34:d2:63:26:f8:cd:a6:2d:41:7f:a0:e5: 96:54:0e:d8:cd:27:27:d6:b8:a2:ad:50:71:c3:75:b2:f9:b2: 54:4e:e3:54:8a:c2:26:6f:bf:09:5a:6d:19:fc:a6:c4:e4:bc: 59:ef:43:96:f0:2a:2b:5c:12:02:0b:30:6a:67:97:2b:8f:95: d8:5c:66:e7:48:ce:a4:75:76:e9:9b:bc:2e:bb:74:b7:d1:7f: 89:fc:87:b1:ee:01:52:bc:ab:85:06:ad:5a:73:3d:ae:77:c6: 82:92:70:4a:41:ed:b6:d8:40:19:70:9f:77:34:49:b2:f6:f8: ee:b5:11:71:2e:54:7e:2c:ed:42:5f:82:36:9c:d7:3f:3f:f5: 35:0c:22:91:be:aa:22:00:7c:d6:82:7a:e8:5a:3b:e8:79:0c: bc:55:93:db:6b:fc:96:2a:81:87:49:ee:bd:1c:54:e6:44:0b: 43:14:31:b3:dd:c6:92:96:82:0e:b8:9f:49:af:24:cd:48:e2: 13:24:de:38:dc:b1:cb:65:b2:01:13:05:28:9c:44:1a:44:78: 38:4a:1e:42:39:64:70:e4:67:81:32:fd:41:f0:21:f4:5a:44: 0c:7b:d4:dd:41:ed:36:a3:56:40:53:ec:c3:1c:5f:de:75:e3: 68:b9:0a:ab -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICGN8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjgy MDI1OEFCNjVGRjYxRkQ1RDY2RDk1OTY0RjQ4RUZBMzVEQ0M4NjAeFw0yNjAxMjYw NjU2MTVaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKDM0QjI4QTg2RTE5MThF M0M5QzY3MjRERkZCRjhCQzk4MEI4MjJGOTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCaKMIjLXBwF9I+Ubln/ASaE76A76c9tw4gxoJEtUl3QCEDTnQZ mTt97KosCpTl57jclGUSWPK9u8a887yL6sDfbBZEpRwyJHwJElB4mp0HMjLeoPco FYh99QrJyIb1larqlBR/4siH0jmknKUfrUSkhf4ETCoZQ4mDI64P/OJKyu1jfjJ7 mVZDtilEXzRqELtOn6sI865OI1T4tq8iMcnQHgMK762kUnMYOxLmwHSpBR/JZ2vI zgnrgwft3T2m78RN5NIYCLbzvq0LYM+h4IZEaak0pC4OyemckCjk8WXZDUC0DXPz qO234KVr8OszRjMqIYZB5gY7YsgWw4cNCj9tAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUNLKKhuGRjjycZyTf+/i8mAuCL5QwHwYDVR0jBBgwFoAUKCAlirZf9h/V1m2V lk9I76NdzIYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIx Mi9LQ0FsaXJaZjloX1YxbTJWbGs5STc2TmR6SVkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0tDQWxpclpmOWhfVjFtMlZsazlJNzZOZHpJWS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEyMTIvTkxLS2h1R1Jqanlj WnlUZi1faThtQXVDTDVRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAi10YDANBgkqhkiG9w0BAQsFAAOCAQEAqzUOlFnUNNJjJvjNpi1Bf6DlllQO 2M0nJ9a4oq1QccN1svmyVE7jVIrCJm+/CVptGfymxOS8We9DlvAqK1wSAgswameX K4+V2Fxm50jOpHV26Zu8Lrt0t9F/ifyHse4BUryrhQatWnM9rnfGgpJwSkHttthA GXCfdzRJsvb47rURcS5UfiztQl+CNpzXPz/1NQwikb6qIgB81oJ66Fo76HkMvFWT 22v8liqBh0nuvRxU5kQLQxQxs93GkpaCDrifSa8kzUjiEyTeONyxy2WyARMFKJxE GkR4OEoeQjlkcORngTL9QfAh9FpEDHvU3UHtNqNWQFPswxxf3nXjaLkKqw== -----END CERTIFICATE-----Generated at Mon Mar 2 00:19:34 2026 by rpki-client