$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/190/AsXgmXQlnbabI1bW-R0zpcn76tY.roa File: AsXgmXQlnbabI1bW-R0zpcn76tY.roa (raw, json) Hash identifier: /YIZV5ZK2bN7ACdc/DM/VupvHjYd5vv9uQLA5l7obVs= Subject key identifier: 02:C5:E0:99:74:25:9D:B6:9B:23:56:D6:F9:1D:33:A5:C9:FB:EA:D6 Certificate issuer: /CN=E48FED76038496AD2AB1972D13468F4D3D403164 Certificate serial: 196C Authority key identifier: E4:8F:ED:76:03:84:96:AD:2A:B1:97:2D:13:46:8F:4D:3D:40:31:64 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5I_tdgOElq0qsZctE0aPTT1AMWQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/190/AsXgmXQlnbabI1bW-R0zpcn76tY.roa Signing time: Mon 26 Jan 2026 06:55:02 +0000 ROA not before: Mon 26 Jan 2026 06:55:02 +0000 ROA not after: Fri 23 Oct 2026 03:01:03 +0000 asID: 24427 IP address blocks: 202.170.221.0/24 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/190/5I_tdgOElq0qsZctE0aPTT1AMWQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/190/5I_tdgOElq0qsZctE0aPTT1AMWQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5I_tdgOElq0qsZctE0aPTT1AMWQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 02 Mar 2026 10:58:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6508 (0x196c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=E48FED76038496AD2AB1972D13468F4D3D403164 Validity Not Before: Jan 26 06:55:02 2026 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=02C5E09974259DB69B2356D6F91D33A5C9FBEAD6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:f8:5f:71:81:27:7b:4f:23:32:bd:c9:c8:8f: 73:3b:4d:d7:4e:9c:5f:fa:37:1a:b7:53:13:8c:ca: 5e:c2:88:ad:c1:95:ee:3b:cb:fa:32:4b:d1:da:d6: 42:ca:4d:9e:ce:d4:71:2f:d2:cb:98:c4:e3:31:10: 99:5b:82:95:0f:b1:69:7e:2c:8d:ea:01:20:72:ad: 96:13:89:6a:ee:85:7b:e8:02:e7:ed:f2:cd:85:f2: 54:d4:df:3e:ce:5e:8e:be:ef:1b:67:6f:01:d7:c4: 2e:2e:54:ad:69:32:81:d6:1a:70:f0:6d:9b:2c:f8: 4d:93:04:07:2f:90:80:1b:38:1c:8d:03:20:bf:3e: 69:12:7b:40:68:e4:9c:5a:ac:3c:40:9f:05:dc:ef: e5:7e:00:ee:2b:05:16:31:54:3b:8f:dc:47:db:3c: d7:4a:94:80:89:ce:18:9b:df:4b:56:d0:f6:e5:58: 19:19:e3:9e:32:a6:a6:a5:6d:e4:69:c1:03:b2:70: ad:44:21:d2:40:08:e3:68:06:8b:50:34:3b:d1:12: 0f:45:c9:70:1b:fd:24:b4:5f:c3:9b:48:5e:d7:3d: 39:64:31:6f:a0:59:41:f2:1f:ab:65:4d:b4:8b:80: cf:e0:53:a4:72:9f:fc:15:87:47:cd:d3:64:a5:6b: 0f:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:C5:E0:99:74:25:9D:B6:9B:23:56:D6:F9:1D:33:A5:C9:FB:EA:D6 X509v3 Authority Key Identifier: keyid:E4:8F:ED:76:03:84:96:AD:2A:B1:97:2D:13:46:8F:4D:3D:40:31:64 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/190/5I_tdgOElq0qsZctE0aPTT1AMWQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5I_tdgOElq0qsZctE0aPTT1AMWQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/190/AsXgmXQlnbabI1bW-R0zpcn76tY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 202.170.221.0/24 Signature Algorithm: sha256WithRSAEncryption ad:7c:98:db:0c:29:c8:c8:af:a0:2a:1a:d9:4a:98:a1:0f:71: e8:6c:7a:bc:9d:63:1a:1b:c9:f1:68:93:f4:99:7a:60:3d:08: ac:81:38:19:23:1a:7c:33:3e:92:22:e0:34:05:aa:e2:dd:a3: 2f:9e:50:5c:8e:a3:d5:44:39:3b:b0:aa:3e:33:f2:13:e2:d6: d6:7a:68:01:c0:5f:21:07:dc:47:7a:ef:5d:13:bf:da:b9:06: 64:6e:1d:82:2b:bd:7e:8c:cb:9e:93:df:f2:56:8a:5d:73:71: 79:78:23:43:ac:93:f6:06:f9:97:78:d7:dd:78:c4:fa:fc:c3: 63:7d:c2:be:8e:72:21:d6:8f:46:6a:ea:d4:57:cd:f2:32:b7: 1c:3e:8c:08:0e:39:f5:de:43:fc:c5:d0:e3:a4:35:1d:27:92: e5:d1:3c:0c:4d:e7:1a:71:a2:35:19:24:7e:26:59:af:60:e7: 95:57:60:3a:71:f5:32:f9:e3:28:60:49:64:3e:c5:42:d3:69: 60:65:7a:0b:19:a3:e4:f6:ea:7a:a5:ba:72:55:1e:94:8f:4a: 41:bb:5b:56:8a:e0:63:6f:4e:ae:f9:9b:15:d8:37:44:0c:4b: 48:b7:56:ac:81:e9:3e:3d:fa:52:d8:d7:e8:08:e9:dd:a7:65: ef:5f:d4:f6 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICGWwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTQ4 RkVENzYwMzg0OTZBRDJBQjE5NzJEMTM0NjhGNEQzRDQwMzE2NDAeFw0yNjAxMjYw NjU1MDJaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDAyQzVFMDk5NzQyNTlE QjY5QjIzNTZENkY5MUQzM0E1QzlGQkVBRDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDM+F9xgSd7TyMyvcnIj3M7TddOnF/6Nxq3UxOMyl7CiK3Ble47 y/oyS9Ha1kLKTZ7O1HEv0suYxOMxEJlbgpUPsWl+LI3qASByrZYTiWruhXvoAuft 8s2F8lTU3z7OXo6+7xtnbwHXxC4uVK1pMoHWGnDwbZss+E2TBAcvkIAbOByNAyC/ PmkSe0Bo5JxarDxAnwXc7+V+AO4rBRYxVDuP3EfbPNdKlICJzhib30tW0PblWBkZ 454ypqalbeRpwQOycK1EIdJACONoBotQNDvREg9FyXAb/SS0X8ObSF7XPTlkMW+g WUHyH6tlTbSLgM/gU6Ryn/wVh0fN02Slaw+NAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUAsXgmXQlnbabI1bW+R0zpcn76tYwHwYDVR0jBBgwFoAU5I/tdgOElq0qsZct E0aPTT1AMWQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTkw LzVJX3RkZ09FbHEwcXNaY3RFMGFQVFQxQU1XUS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvNUlfdGRnT0VscTBxc1pjdEUwYVBUVDFBTVdRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTkwL0FzWGdtWFFsbmJhYkkx YlctUjB6cGNuNzZ0WS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BADKqt0wDQYJKoZIhvcNAQELBQADggEBAK18mNsMKcjIr6AqGtlKmKEPcehseryd YxobyfFok/SZemA9CKyBOBkjGnwzPpIi4DQFquLdoy+eUFyOo9VEOTuwqj4z8hPi 1tZ6aAHAXyEH3Ed6710Tv9q5BmRuHYIrvX6My56T3/JWil1zcXl4I0Osk/YG+Zd4 1914xPr8w2N9wr6OciHWj0Zq6tRXzfIytxw+jAgOOfXeQ/zF0OOkNR0nkuXRPAxN 5xpxojUZJH4mWa9g55VXYDpx9TL54yhgSWQ+xULTaWBlegsZo+T26nqlunJVHpSP SkG7W1aK4GNvTq75mxXYN0QMS0i3VqyB6T49+lLY1+gI6d2nZe9f1PY= -----END CERTIFICATE-----Generated at Mon Mar 2 09:57:43 2026 by rpki-client