$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1646/OW6iAfwRRHHVt12DS1N-x_ibTBM.roa File: OW6iAfwRRHHVt12DS1N-x_ibTBM.roa (raw, json) Hash identifier: luKbZ8aRysLbTsFFTbWnFt3VENVsVo2qhv4TfsEU7TY= Subject key identifier: 39:6E:A2:01:FC:11:44:71:D5:B7:5D:83:4B:53:7E:C7:F8:9B:4C:13 Certificate issuer: /CN=1619C986780A13F380FE45EDC28EF4C842884843 Certificate serial: 0146 Authority key identifier: 16:19:C9:86:78:0A:13:F3:80:FE:45:ED:C2:8E:F4:C8:42:88:48:43 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/FhnJhngKE_OA_kXtwo70yEKISEM.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1646/OW6iAfwRRHHVt12DS1N-x_ibTBM.roa Signing time: Thu 26 Feb 2026 08:21:15 +0000 ROA not before: Thu 26 Feb 2026 08:21:15 +0000 ROA not after: Sat 09 Jan 2027 08:23:18 +0000 asID: 135629 IP address blocks: 52.82.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1646/FhnJhngKE_OA_kXtwo70yEKISEM.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1646/FhnJhngKE_OA_kXtwo70yEKISEM.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/FhnJhngKE_OA_kXtwo70yEKISEM.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 02 Mar 2026 15:59:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 326 (0x146) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1619C986780A13F380FE45EDC28EF4C842884843 Validity Not Before: Feb 26 08:21:15 2026 GMT Not After : Jan 9 08:23:18 2027 GMT Subject: CN=396EA201FC114471D5B75D834B537EC7F89B4C13 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:b6:e5:fb:43:64:95:fc:b7:4b:55:11:21:db: 25:01:99:10:6d:2a:fa:1f:1c:1d:90:e9:a7:62:e8: 5f:51:7f:7a:24:aa:d5:d3:c4:e7:88:ac:7a:67:58: 0c:08:1b:09:cb:aa:7c:67:05:f3:d3:20:7e:63:45: e2:82:e4:cc:3a:b7:65:2d:76:a3:2c:95:6a:5e:98: 02:a1:89:6b:ab:43:0a:6d:c3:89:3d:d2:c2:54:27: a6:51:0f:5e:f8:4c:39:e0:fe:d5:b3:aa:54:d5:48: ef:1e:ff:a4:6d:c1:86:92:4d:bf:60:e0:97:ef:3d: 10:4c:32:27:b8:0e:14:25:c9:39:78:27:9c:9e:63: 9c:c8:fc:71:46:3a:b1:4c:a2:33:60:e0:42:e2:10: c2:1c:68:c1:f0:b0:ae:cb:7f:ad:ee:b3:7a:fc:8a: 89:67:c7:fb:ea:62:4d:5e:be:17:47:45:69:c0:47: df:f3:74:db:b2:f8:d0:72:01:f6:f5:08:cb:6b:2a: aa:33:36:7a:06:03:af:b9:eb:c3:d5:03:74:ad:9c: 58:bf:b8:fd:2b:8f:7f:29:d0:f8:80:29:b8:26:1e: 0a:eb:61:16:3e:d3:5a:93:d8:ee:92:e2:40:49:d2: 5c:3b:6d:f4:58:0b:dc:4c:02:36:eb:81:ea:ea:10: e3:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:6E:A2:01:FC:11:44:71:D5:B7:5D:83:4B:53:7E:C7:F8:9B:4C:13 X509v3 Authority Key Identifier: keyid:16:19:C9:86:78:0A:13:F3:80:FE:45:ED:C2:8E:F4:C8:42:88:48:43 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1646/FhnJhngKE_OA_kXtwo70yEKISEM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/FhnJhngKE_OA_kXtwo70yEKISEM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1646/OW6iAfwRRHHVt12DS1N-x_ibTBM.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 52.82.0.0/15 Signature Algorithm: sha256WithRSAEncryption 78:0d:b0:fa:bf:5b:a3:ce:b4:31:25:51:b7:28:ec:8d:24:52: 37:26:16:e9:9a:b8:d0:8a:fd:5f:5c:33:d0:35:6f:4a:af:e6: a1:50:b2:3f:9c:9b:23:5f:b7:fd:8b:8a:1a:92:e5:8a:2f:d4: e4:aa:63:35:f4:e4:0b:27:aa:15:8a:b7:d7:b7:f1:b0:be:23: 8c:9e:0c:45:14:e4:a7:fb:7c:cd:e1:16:a5:b4:53:87:8f:08: c6:31:27:2d:fd:d1:c4:05:92:9f:0c:16:d7:fa:2a:c3:c7:a3: a1:eb:b0:46:05:d8:76:91:c5:27:07:25:94:3f:64:d4:df:9a: b9:0d:2f:36:6e:59:7c:0d:2e:5f:03:db:ee:22:d3:09:7b:7f: c1:ac:c0:3b:42:75:e3:e8:62:99:85:ae:6c:f2:3f:2b:1f:44: 13:ff:b8:0a:d2:e7:61:9c:e8:15:58:14:4e:83:a2:47:df:0e: 24:46:6d:4a:d9:f6:1a:f8:de:88:72:ed:d3:d5:c9:e8:30:1e: 5d:70:de:b7:43:9f:dc:bd:d2:c7:94:dd:b5:c3:c1:c0:0d:20: 4c:ba:bf:90:75:ff:ab:b7:15:bf:7f:fe:76:60:88:48:ca:92: ae:d2:67:66:d2:5f:dc:c5:6a:f0:80:b7:24:f5:e4:4b:26:bf: 12:b7:5e:e0 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICAUYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMTYx OUM5ODY3ODBBMTNGMzgwRkU0NUVEQzI4RUY0Qzg0Mjg4NDg0MzAeFw0yNjAyMjYw ODIxMTVaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKDM5NkVBMjAxRkMxMTQ0 NzFENUI3NUQ4MzRCNTM3RUM3Rjg5QjRDMTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDStuX7Q2SV/LdLVREh2yUBmRBtKvofHB2Q6adi6F9Rf3okqtXT xOeIrHpnWAwIGwnLqnxnBfPTIH5jReKC5Mw6t2UtdqMslWpemAKhiWurQwptw4k9 0sJUJ6ZRD174TDng/tWzqlTVSO8e/6RtwYaSTb9g4JfvPRBMMie4DhQlyTl4J5ye Y5zI/HFGOrFMojNg4ELiEMIcaMHwsK7Lf63us3r8iolnx/vqYk1evhdHRWnAR9/z dNuy+NByAfb1CMtrKqozNnoGA6+568PVA3StnFi/uP0rj38p0PiAKbgmHgrrYRY+ 01qT2O6S4kBJ0lw7bfRYC9xMAjbrgerqEOMZAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUOW6iAfwRRHHVt12DS1N+x/ibTBMwHwYDVR0jBBgwFoAUFhnJhngKE/OA/kXt wo70yEKISEMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTY0 Ni9GaG5KaG5nS0VfT0Ffa1h0d283MHlFS0lTRU0uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0ZobkpobmdLRV9PQV9rWHR3bzcweUVLSVNFTS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE2NDYvT1c2aUFmd1JSSEhW dDEyRFMxTi14X2liVEJNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEw BQMDATRSMA0GCSqGSIb3DQEBCwUAA4IBAQB4DbD6v1ujzrQxJVG3KOyNJFI3Jhbp mrjQiv1fXDPQNW9Kr+ahULI/nJsjX7f9i4oakuWKL9TkqmM19OQLJ6oVirfXt/Gw viOMngxFFOSn+3zN4RaltFOHjwjGMSct/dHEBZKfDBbX+irDx6Oh67BGBdh2kcUn ByWUP2TU35q5DS82bll8DS5fA9vuItMJe3/BrMA7QnXj6GKZha5s8j8rH0QT/7gK 0udhnOgVWBROg6JH3w4kRm1K2fYa+N6Icu3T1cnoMB5dcN63Q5/cvdLHlN21w8HA DSBMur+Qdf+rtxW/f/52YIhIypKu0mdm0l/cxWrwgLck9eRLJr8St17g -----END CERTIFICATE-----Generated at Mon Mar 2 14:51:24 2026 by rpki-client