$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1239/yby75Yhz2kAq1cMvZ1uHmR3qXZo.roa File: yby75Yhz2kAq1cMvZ1uHmR3qXZo.roa (raw, json) Hash identifier: OElGPcvv7JxSRuJ4J/Exx2xKwqcIQ/jbMHPNKhzIwvs= Subject key identifier: C9:BC:BB:E5:88:73:DA:40:2A:D5:C3:2F:67:5B:87:99:1D:EA:5D:9A Certificate issuer: /CN=91989A02AD0D13692FCB6F6F96EA362D7DDCFA4B Certificate serial: 03 Authority key identifier: 91:98:9A:02:AD:0D:13:69:2F:CB:6F:6F:96:EA:36:2D:7D:DC:FA:4B Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/kZiaAq0NE2kvy29vluo2LX3c-ks.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1239/yby75Yhz2kAq1cMvZ1uHmR3qXZo.roa Signing time: Mon 02 Feb 2026 02:52:04 +0000 ROA not before: Mon 02 Feb 2026 02:52:04 +0000 ROA not after: Sat 09 Jan 2027 08:23:18 +0000 asID: 399138 IP address blocks: 45.121.96.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1239/kZiaAq0NE2kvy29vluo2LX3c-ks.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1239/kZiaAq0NE2kvy29vluo2LX3c-ks.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/kZiaAq0NE2kvy29vluo2LX3c-ks.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 02 Mar 2026 05:58:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3 (0x3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=91989A02AD0D13692FCB6F6F96EA362D7DDCFA4B Validity Not Before: Feb 2 02:52:04 2026 GMT Not After : Jan 9 08:23:18 2027 GMT Subject: CN=C9BCBBE58873DA402AD5C32F675B87991DEA5D9A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:79:e2:e5:94:b9:41:af:fb:91:fb:f6:c0:39: 60:fe:4b:d5:26:8e:05:7d:9e:a6:ea:24:2e:00:44: c4:5a:8a:41:5b:d6:08:4f:a1:2e:3f:af:34:83:8a: de:7c:f5:9e:20:5e:97:e4:21:84:e8:eb:ff:2b:d2: 5e:2c:89:65:8c:f2:6a:40:52:57:a8:a7:20:e8:0f: e5:ad:88:85:92:91:59:bb:ff:fb:da:57:55:0a:fb: 3f:10:3e:cd:eb:88:dc:f4:a4:e4:1c:12:02:8a:2b: a5:3a:27:9e:d5:6d:eb:5a:61:bb:c1:1b:83:e9:bb: ca:e6:1d:3c:5b:29:31:1c:35:a9:aa:cb:56:64:ff: c0:42:83:ab:a5:05:36:d5:66:5d:90:48:ce:3c:4e: ae:ad:bb:82:f5:ad:50:6a:2a:91:d2:5d:7d:ec:d8: 35:52:41:27:1a:ac:69:6d:7f:fb:29:38:dd:89:53: 4d:92:35:90:c9:5b:ea:db:c4:58:af:31:02:6a:59: 8b:79:3f:82:af:4e:6e:06:60:9a:60:bd:9a:35:7c: 9f:5a:b0:a8:50:9e:b3:7d:eb:2a:25:0c:65:ea:12: 92:e3:87:27:96:66:69:37:68:53:dc:25:60:07:37: c0:e8:b6:aa:fe:af:12:24:c4:9a:e5:59:08:fe:5f: d4:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:BC:BB:E5:88:73:DA:40:2A:D5:C3:2F:67:5B:87:99:1D:EA:5D:9A X509v3 Authority Key Identifier: keyid:91:98:9A:02:AD:0D:13:69:2F:CB:6F:6F:96:EA:36:2D:7D:DC:FA:4B X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1239/kZiaAq0NE2kvy29vluo2LX3c-ks.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/kZiaAq0NE2kvy29vluo2LX3c-ks.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1239/yby75Yhz2kAq1cMvZ1uHmR3qXZo.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.121.96.0/22 Signature Algorithm: sha256WithRSAEncryption 58:0d:a3:d9:9a:d1:38:59:55:0b:90:f8:67:43:bf:59:30:57: 6c:c7:f8:81:eb:20:11:4d:d6:9c:ce:40:60:6a:33:f2:b1:44: c7:46:e4:80:cb:cd:50:a0:fd:c5:84:de:8f:3a:e4:39:ca:b2: 6f:9c:6c:2a:d1:09:22:87:1e:51:46:4a:18:e0:1d:42:ac:09: f2:d1:d0:f4:14:f6:d7:58:06:61:ec:50:8e:e6:7d:d1:e0:19: 2a:2c:19:05:5c:aa:07:a5:a2:6d:66:fe:0d:f6:71:20:b7:ee: dc:c6:e6:22:fd:9d:e8:5f:f0:fd:af:fe:a3:9f:87:07:44:3b: d4:9a:89:74:69:95:5f:18:97:7f:02:eb:30:0d:90:67:4f:f5: 02:01:e6:1d:60:29:f2:a6:e2:d3:dd:b3:67:ca:2a:83:77:46: f8:9d:9f:b6:f8:30:fe:94:1f:62:b5:df:74:01:7c:65:73:05: d0:71:49:b8:a7:dd:30:40:67:c1:f0:cb:78:e1:15:42:20:4d: 42:87:ea:ef:e0:e8:5b:4a:c1:52:4e:b0:9b:3c:4a:a7:33:13: 7e:63:ec:a6:83:b3:29:f0:e8:36:9d:53:59:1b:d9:41:e3:60: bd:8b:24:16:67:f1:78:5c:54:8b:0e:96:ce:ee:2c:73:81:2d: 35:84:5f:8a -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIBAzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5MTk4 OUEwMkFEMEQxMzY5MkZDQjZGNkY5NkVBMzYyRDdERENGQTRCMB4XDTI2MDIwMjAy NTIwNFoXDTI3MDEwOTA4MjMxOFowMzExMC8GA1UEAxMoQzlCQ0JCRTU4ODczREE0 MDJBRDVDMzJGNjc1Qjg3OTkxREVBNUQ5QTCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAOF54uWUuUGv+5H79sA5YP5L1SaOBX2epuokLgBExFqKQVvWCE+h Lj+vNIOK3nz1niBel+QhhOjr/yvSXiyJZYzyakBSV6inIOgP5a2IhZKRWbv/+9pX VQr7PxA+zeuI3PSk5BwSAoorpTonntVt61phu8Ebg+m7yuYdPFspMRw1qarLVmT/ wEKDq6UFNtVmXZBIzjxOrq27gvWtUGoqkdJdfezYNVJBJxqsaW1/+yk43YlTTZI1 kMlb6tvEWK8xAmpZi3k/gq9ObgZgmmC9mjV8n1qwqFCes33rKiUMZeoSkuOHJ5Zm aTdoU9wlYAc3wOi2qv6vEiTEmuVZCP5f1HcCAwEAAaOCAfMwggHvMB0GA1UdDgQW BBTJvLvliHPaQCrVwy9nW4eZHepdmjAfBgNVHSMEGDAWgBSRmJoCrQ0TaS/Lb2+W 6jYtfdz6SzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8xMjM5 L2taaWFBcTBORTJrdnkyOXZsdW8yTFgzYy1rcy5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAva1ppYUFxME5FMmt2eTI5dmx1bzJMWDNjLWtzLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIzOS95Ynk3NVloejJrQXEx Y012WjF1SG1SM3FYWm8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQCLXlgMA0GCSqGSIb3DQEBCwUAA4IBAQBYDaPZmtE4WVULkPhnQ79ZMFdsx/iB 6yARTdaczkBgajPysUTHRuSAy81QoP3FhN6POuQ5yrJvnGwq0Qkihx5RRkoY4B1C rAny0dD0FPbXWAZh7FCO5n3R4BkqLBkFXKoHpaJtZv4N9nEgt+7cxuYi/Z3oX/D9 r/6jn4cHRDvUmol0aZVfGJd/AuswDZBnT/UCAeYdYCnypuLT3bNnyiqDd0b4nZ+2 +DD+lB9itd90AXxlcwXQcUm4p90wQGfB8Mt44RVCIE1Ch+rv4OhbSsFSTrCbPEqn MxN+Y+ymg7Mp8Og2nVNZG9lB42C9iyQWZ/F4XFSLDpbO7ixzgS01hF+K -----END CERTIFICATE-----Generated at Mon Mar 2 03:57:06 2026 by rpki-client