$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/190/2ySXPueeKg16gsqHcFsVC9JNs10.roa File: 2ySXPueeKg16gsqHcFsVC9JNs10.roa (raw, json) Hash identifier: kH9hywEObby9n5VG21Syrw8ZzsncChogtO5BPYypB5Q= Subject key identifier: DB:24:97:3E:E7:9E:2A:0D:7A:82:CA:87:70:5B:15:0B:D2:4D:B3:5D Certificate issuer: /CN=E48FED76038496AD2AB1972D13468F4D3D403164 Certificate serial: 196F Authority key identifier: E4:8F:ED:76:03:84:96:AD:2A:B1:97:2D:13:46:8F:4D:3D:40:31:64 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5I_tdgOElq0qsZctE0aPTT1AMWQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/190/2ySXPueeKg16gsqHcFsVC9JNs10.roa Signing time: Mon 26 Jan 2026 06:55:02 +0000 ROA not before: Mon 26 Jan 2026 06:55:02 +0000 ROA not after: Fri 23 Oct 2026 03:01:03 +0000 asID: 24427 IP address blocks: 202.170.219.0/24 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/190/5I_tdgOElq0qsZctE0aPTT1AMWQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/190/5I_tdgOElq0qsZctE0aPTT1AMWQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5I_tdgOElq0qsZctE0aPTT1AMWQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 02 Mar 2026 15:58:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6511 (0x196f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=E48FED76038496AD2AB1972D13468F4D3D403164 Validity Not Before: Jan 26 06:55:02 2026 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=DB24973EE79E2A0D7A82CA87705B150BD24DB35D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:08:95:c2:1d:79:63:d7:4c:98:1f:8d:c7:eb: e1:7f:26:52:c4:c8:1f:c8:47:11:7a:69:66:41:2a: 95:a9:25:28:7a:17:76:cf:fd:48:02:68:b2:d6:14: 9b:c4:4d:51:ea:df:73:f0:45:70:16:6f:e8:55:dd: b8:96:c5:c5:ae:b9:ff:a6:11:01:df:db:f9:27:1a: 78:84:8c:4b:42:40:d4:f2:09:34:e5:61:90:e2:7e: c9:c9:3a:88:82:6b:19:75:11:be:a8:7d:7d:de:6c: c2:16:d2:dd:1e:f6:63:ea:ba:69:96:e0:c2:b2:7b: 13:d1:08:b4:f4:bf:65:c1:19:0c:6e:92:f8:30:66: e7:2a:b5:b7:dc:41:73:fa:44:65:79:f6:9e:65:a2: d7:a1:7c:75:05:2f:72:d8:39:f4:b9:58:b9:7e:26: 69:2b:f2:05:78:1d:b5:49:d4:27:6f:48:a4:0f:e8: af:5f:6f:fd:fa:e3:2c:42:cf:58:30:5c:4d:14:f7: 1b:a0:7d:4f:04:b8:c0:34:f8:e5:1c:42:ca:59:9c: de:45:3e:97:44:e4:74:95:b0:ce:aa:6c:b6:eb:06: 7a:6d:a4:00:e8:d6:c8:12:e1:54:9f:e3:0e:44:05: 58:5c:45:2b:f0:0d:3c:b9:72:b8:d1:41:aa:b8:c7: 9c:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:24:97:3E:E7:9E:2A:0D:7A:82:CA:87:70:5B:15:0B:D2:4D:B3:5D X509v3 Authority Key Identifier: keyid:E4:8F:ED:76:03:84:96:AD:2A:B1:97:2D:13:46:8F:4D:3D:40:31:64 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/190/5I_tdgOElq0qsZctE0aPTT1AMWQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5I_tdgOElq0qsZctE0aPTT1AMWQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/190/2ySXPueeKg16gsqHcFsVC9JNs10.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 202.170.219.0/24 Signature Algorithm: sha256WithRSAEncryption aa:c3:a3:d3:49:23:90:a3:d0:99:59:41:86:29:77:d8:f0:c6: 42:9d:f9:77:26:46:2e:83:6c:19:23:c0:aa:f2:94:67:98:bb: 5a:a8:9c:9e:84:95:1e:79:02:16:2b:d9:f6:2c:61:fe:bb:ca: 8e:49:88:95:79:67:f8:ba:7f:29:a7:dd:c1:4c:0d:a8:48:e7: 27:1c:16:a9:2a:a5:da:6f:dc:47:1d:68:36:96:c3:18:43:dc: 9a:da:d4:13:83:84:5d:96:cf:09:05:51:d0:91:68:c2:45:2e: c9:5a:75:a3:b0:e6:32:ca:0a:9b:2f:c6:56:5b:f8:98:23:64: 95:2d:d6:81:33:56:25:23:a8:be:5a:cf:b5:0a:4c:b2:03:ce: 86:72:1f:ad:4c:a4:a1:8e:63:9b:63:f8:15:a0:0b:82:90:a2: ad:1a:4b:e8:d7:bf:d7:da:ff:01:f5:71:99:01:5c:c2:c4:8f: 83:f1:dd:1c:81:9e:1e:2a:e8:17:84:bc:10:ed:74:fd:86:97: 14:23:da:b5:a6:87:e0:30:5b:bc:8b:fd:bf:33:81:8c:85:f7: 30:56:c0:20:58:a1:fa:61:b2:d5:76:c3:6f:dd:a0:c1:d2:c5: 32:b5:f5:a2:7f:56:e8:13:b7:5e:2d:0d:ff:0b:7e:14:fb:07: bc:bd:66:c2 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICGW8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTQ4 RkVENzYwMzg0OTZBRDJBQjE5NzJEMTM0NjhGNEQzRDQwMzE2NDAeFw0yNjAxMjYw NjU1MDJaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKERCMjQ5NzNFRTc5RTJB MEQ3QTgyQ0E4NzcwNUIxNTBCRDI0REIzNUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCZCJXCHXlj10yYH43H6+F/JlLEyB/IRxF6aWZBKpWpJSh6F3bP /UgCaLLWFJvETVHq33PwRXAWb+hV3biWxcWuuf+mEQHf2/knGniEjEtCQNTyCTTl YZDifsnJOoiCaxl1Eb6ofX3ebMIW0t0e9mPqummW4MKyexPRCLT0v2XBGQxukvgw ZucqtbfcQXP6RGV59p5lotehfHUFL3LYOfS5WLl+Jmkr8gV4HbVJ1CdvSKQP6K9f b/364yxCz1gwXE0U9xugfU8EuMA0+OUcQspZnN5FPpdE5HSVsM6qbLbrBnptpADo 1sgS4VSf4w5EBVhcRSvwDTy5crjRQaq4x5wlAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU2ySXPueeKg16gsqHcFsVC9JNs10wHwYDVR0jBBgwFoAU5I/tdgOElq0qsZct E0aPTT1AMWQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTkw LzVJX3RkZ09FbHEwcXNaY3RFMGFQVFQxQU1XUS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvNUlfdGRnT0VscTBxc1pjdEUwYVBUVDFBTVdRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTkwLzJ5U1hQdWVlS2cxNmdz cUhjRnNWQzlKTnMxMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BADKqtswDQYJKoZIhvcNAQELBQADggEBAKrDo9NJI5Cj0JlZQYYpd9jwxkKd+Xcm Ri6DbBkjwKrylGeYu1qonJ6ElR55AhYr2fYsYf67yo5JiJV5Z/i6fymn3cFMDahI 5yccFqkqpdpv3EcdaDaWwxhD3Jra1BODhF2WzwkFUdCRaMJFLsladaOw5jLKCpsv xlZb+JgjZJUt1oEzViUjqL5az7UKTLIDzoZyH61MpKGOY5tj+BWgC4KQoq0aS+jX v9fa/wH1cZkBXMLEj4Px3RyBnh4q6BeEvBDtdP2GlxQj2rWmh+AwW7yL/b8zgYyF 9zBWwCBYofphstV2w2/doMHSxTK19aJ/VugTt14tDf8LfhT7B7y9ZsI= -----END CERTIFICATE-----Generated at Mon Mar 2 13:07:52 2026 by rpki-client