$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1212/aVzNCR3v7HiuGe2nwYVocA3nKD0.roa File: aVzNCR3v7HiuGe2nwYVocA3nKD0.roa (raw, json) Hash identifier: VQYg6X41I9K3bkkDLyRhaxL9qX1DdOXnA2NK8J733MU= Subject key identifier: 69:5C:CD:09:1D:EF:EC:78:AE:19:ED:A7:C1:85:68:70:0D:E7:28:3D Certificate issuer: /CN=2820258AB65FF61FD5D66D95964F48EFA35DCC86 Certificate serial: 18DE Authority key identifier: 28:20:25:8A:B6:5F:F6:1F:D5:D6:6D:95:96:4F:48:EF:A3:5D:CC:86 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KCAlirZf9h_V1m2Vlk9I76NdzIY.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1212/aVzNCR3v7HiuGe2nwYVocA3nKD0.roa Signing time: Mon 26 Jan 2026 06:56:14 +0000 ROA not before: Mon 26 Jan 2026 06:56:14 +0000 ROA not after: Sat 09 Jan 2027 08:23:18 +0000 asID: 149628 IP address blocks: 103.23.164.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1212/KCAlirZf9h_V1m2Vlk9I76NdzIY.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1212/KCAlirZf9h_V1m2Vlk9I76NdzIY.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KCAlirZf9h_V1m2Vlk9I76NdzIY.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 02 Mar 2026 13:30:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6366 (0x18de) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2820258AB65FF61FD5D66D95964F48EFA35DCC86 Validity Not Before: Jan 26 06:56:14 2026 GMT Not After : Jan 9 08:23:18 2027 GMT Subject: CN=695CCD091DEFEC78AE19EDA7C18568700DE7283D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:f6:32:21:75:8e:fd:ad:67:ee:4f:1c:fd:de: 0c:09:a8:1a:84:e6:9d:6c:38:55:56:67:72:0a:9b: 5d:16:f1:ed:e7:d4:66:6e:94:58:ba:bf:3f:a6:31: a9:c2:38:1f:70:2b:3c:fb:f8:83:93:15:1f:b6:64: d0:e1:82:e6:a7:a1:30:07:6c:29:29:ab:e2:ca:15: ad:87:b0:46:37:b0:8a:a9:77:2d:c5:40:ea:46:e4: a5:95:62:aa:47:b4:5d:d6:9d:ea:a5:2e:2a:ae:74: cd:56:78:ff:3f:87:18:64:c4:2f:59:5c:f0:2c:d8: 67:1c:17:d6:63:c6:a8:2b:4d:c6:5c:49:9b:ea:29: b6:3c:ed:f0:a0:0a:8d:33:1f:51:f8:4a:0c:87:86: 5d:e5:1d:42:3e:c5:33:0e:f7:80:12:6d:ad:1b:8b: ee:84:b3:ff:2b:e2:fa:b8:30:65:31:ef:7b:9a:36: cd:18:ec:33:28:54:36:4a:84:3a:f6:4b:77:9a:78: b3:06:8a:af:72:4c:16:4b:ee:2a:28:97:00:3e:5e: bd:0c:5a:30:53:f2:68:3d:54:4a:0a:4d:8f:98:95: b0:a4:37:72:0b:59:21:13:f7:e9:c3:81:06:e2:bb: db:a5:d3:8c:3b:c0:7b:80:a4:73:a6:b5:82:38:20: cc:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:5C:CD:09:1D:EF:EC:78:AE:19:ED:A7:C1:85:68:70:0D:E7:28:3D X509v3 Authority Key Identifier: keyid:28:20:25:8A:B6:5F:F6:1F:D5:D6:6D:95:96:4F:48:EF:A3:5D:CC:86 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1212/KCAlirZf9h_V1m2Vlk9I76NdzIY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KCAlirZf9h_V1m2Vlk9I76NdzIY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1212/aVzNCR3v7HiuGe2nwYVocA3nKD0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.23.164.0/22 Signature Algorithm: sha256WithRSAEncryption 8c:17:13:fc:48:37:6c:ab:ed:2f:56:7e:67:6b:5f:38:7a:79: 8a:f1:94:dd:2f:cc:5c:99:7a:40:62:79:76:e4:a8:41:32:f8: 7f:9d:25:89:14:7e:c1:61:90:f8:82:2c:f8:0a:2f:18:e3:c2: 93:92:0a:0f:80:e6:59:04:8f:26:70:f5:2f:dc:bc:2b:19:6d: 61:d0:20:c4:c0:96:f9:c1:23:4b:ee:1e:4d:1e:b2:9d:d9:c5: 12:04:46:38:c7:81:74:b5:9e:06:55:27:1a:a0:b0:ab:a3:81: b5:e0:ce:e1:57:b0:a5:fc:08:cd:a5:a5:28:69:c5:93:3b:4e: 15:92:58:6e:3a:2a:c9:37:18:66:98:91:26:44:96:2a:10:23: 22:f3:66:71:25:1c:a9:37:78:12:f4:05:8b:96:98:0a:9f:1b: 6a:b0:f3:28:47:c7:e0:13:5c:1a:12:1f:57:90:ef:f2:57:f6: e5:b0:38:f2:7d:1c:a0:8d:80:8d:d8:c7:5b:b1:ae:88:ec:91: 8b:e7:16:81:f0:39:d5:a0:8c:8b:d5:2e:0c:22:62:55:4f:b1: 1e:9f:8a:d3:e1:9f:b2:dc:a3:04:23:c2:6e:f6:56:38:22:60: f4:b5:16:2e:6b:f3:9f:80:b7:b3:4c:52:73:ad:f9:bf:45:22: f5:87:f8:a5 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICGN4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjgy MDI1OEFCNjVGRjYxRkQ1RDY2RDk1OTY0RjQ4RUZBMzVEQ0M4NjAeFw0yNjAxMjYw NjU2MTRaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKDY5NUNDRDA5MURFRkVD NzhBRTE5RURBN0MxODU2ODcwMERFNzI4M0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDa9jIhdY79rWfuTxz93gwJqBqE5p1sOFVWZ3IKm10W8e3n1GZu lFi6vz+mManCOB9wKzz7+IOTFR+2ZNDhguanoTAHbCkpq+LKFa2HsEY3sIqpdy3F QOpG5KWVYqpHtF3WneqlLiqudM1WeP8/hxhkxC9ZXPAs2GccF9ZjxqgrTcZcSZvq KbY87fCgCo0zH1H4SgyHhl3lHUI+xTMO94ASba0bi+6Es/8r4vq4MGUx73uaNs0Y 7DMoVDZKhDr2S3eaeLMGiq9yTBZL7ioolwA+Xr0MWjBT8mg9VEoKTY+YlbCkN3IL WSET9+nDgQbiu9ul04w7wHuApHOmtYI4IMwpAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUaVzNCR3v7HiuGe2nwYVocA3nKD0wHwYDVR0jBBgwFoAUKCAlirZf9h/V1m2V lk9I76NdzIYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIx Mi9LQ0FsaXJaZjloX1YxbTJWbGs5STc2TmR6SVkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0tDQWxpclpmOWhfVjFtMlZsazlJNzZOZHpJWS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEyMTIvYVZ6TkNSM3Y3SGl1 R2UybndZVm9jQTNuS0QwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmcXpDANBgkqhkiG9w0BAQsFAAOCAQEAjBcT/Eg3bKvtL1Z+Z2tfOHp5ivGU 3S/MXJl6QGJ5duSoQTL4f50liRR+wWGQ+IIs+AovGOPCk5IKD4DmWQSPJnD1L9y8 KxltYdAgxMCW+cEjS+4eTR6yndnFEgRGOMeBdLWeBlUnGqCwq6OBteDO4VewpfwI zaWlKGnFkztOFZJYbjoqyTcYZpiRJkSWKhAjIvNmcSUcqTd4EvQFi5aYCp8barDz KEfH4BNcGhIfV5Dv8lf25bA48n0coI2AjdjHW7GuiOyRi+cWgfA51aCMi9UuDCJi VU+xHp+K0+GfstyjBCPCbvZWOCJg9LUWLmvzn4C3s0xSc635v0Ui9Yf4pQ== -----END CERTIFICATE-----Generated at Mon Mar 2 13:09:46 2026 by rpki-client