$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/190/NtDgHgttC4AtVi7WA45dTq6F_XY.roa File: NtDgHgttC4AtVi7WA45dTq6F_XY.roa (raw, json) Hash identifier: MCuyV55Hn2qvs9ldQmrl3XO+GjIyuP6/3rOWt4k3UQU= Subject key identifier: 36:D0:E0:1E:0B:6D:0B:80:2D:56:2E:D6:03:8E:5D:4E:AE:85:FD:76 Certificate issuer: /CN=E48FED76038496AD2AB1972D13468F4D3D403164 Certificate serial: 196A Authority key identifier: E4:8F:ED:76:03:84:96:AD:2A:B1:97:2D:13:46:8F:4D:3D:40:31:64 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5I_tdgOElq0qsZctE0aPTT1AMWQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/190/NtDgHgttC4AtVi7WA45dTq6F_XY.roa Signing time: Mon 26 Jan 2026 06:55:02 +0000 ROA not before: Mon 26 Jan 2026 06:55:02 +0000 ROA not after: Fri 23 Oct 2026 03:01:03 +0000 asID: 24427 IP address blocks: 202.170.218.0/24 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/190/5I_tdgOElq0qsZctE0aPTT1AMWQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/190/5I_tdgOElq0qsZctE0aPTT1AMWQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5I_tdgOElq0qsZctE0aPTT1AMWQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 03 Mar 2026 01:28:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6506 (0x196a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=E48FED76038496AD2AB1972D13468F4D3D403164 Validity Not Before: Jan 26 06:55:02 2026 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=36D0E01E0B6D0B802D562ED6038E5D4EAE85FD76 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:9b:57:c5:b4:e9:59:56:54:20:fb:4e:64:89: 01:13:70:3f:01:5b:5d:08:c8:d4:cc:05:88:18:4c: 1a:51:ad:fb:0b:bd:ed:eb:71:a6:39:cc:85:d4:09: e4:80:a0:ff:dc:dd:76:bc:82:c3:47:05:43:56:d2: ad:06:dd:74:0f:90:a8:9b:f3:1d:61:05:2c:06:7b: ff:64:a7:68:61:55:d4:74:5f:91:c9:e7:2d:cc:3d: 71:5a:7c:69:c3:b4:3e:fa:f3:2d:b5:7a:b8:b6:0c: 1f:d3:45:4a:87:e3:08:4e:82:53:43:61:17:f3:e4: f9:48:0d:4c:60:a2:f8:93:7e:b3:fc:f0:88:70:46: b4:0a:a6:9a:82:ac:7a:19:6d:c3:45:d1:24:d4:a9: 86:2f:00:59:20:9f:2c:7f:0d:2a:50:35:80:cc:b3: a3:02:27:68:c9:55:6d:7e:27:a1:d8:57:0c:4c:31: 21:3a:dd:63:70:16:d2:c9:e6:cb:dd:ff:d1:99:d0: 31:66:ed:69:33:c9:df:cc:de:a0:05:27:56:2c:0d: c9:4a:35:f9:d6:8e:48:7c:5b:75:00:64:80:93:5f: 0e:50:e9:87:f0:50:c2:40:a5:66:22:38:a8:60:02: 4f:7d:39:81:f3:9f:fc:59:1d:4d:ee:2f:f1:6f:d1: 7c:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:D0:E0:1E:0B:6D:0B:80:2D:56:2E:D6:03:8E:5D:4E:AE:85:FD:76 X509v3 Authority Key Identifier: keyid:E4:8F:ED:76:03:84:96:AD:2A:B1:97:2D:13:46:8F:4D:3D:40:31:64 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/190/5I_tdgOElq0qsZctE0aPTT1AMWQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5I_tdgOElq0qsZctE0aPTT1AMWQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/190/NtDgHgttC4AtVi7WA45dTq6F_XY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 202.170.218.0/24 Signature Algorithm: sha256WithRSAEncryption 65:8e:28:1c:5b:d8:38:e4:55:3b:fb:85:33:36:72:73:87:82: d8:ce:db:cf:be:37:e8:13:3a:14:89:f8:1e:9e:5a:7e:c8:3d: ba:e0:57:96:0f:5f:fc:a9:10:30:89:61:da:c9:ea:a6:f2:73: 5e:8e:4b:bf:76:2c:ce:eb:39:72:71:75:9e:d9:8c:31:5e:71: d9:f3:08:ab:67:b2:33:55:37:a9:b1:d2:6b:2a:73:a1:09:d1: 5f:a2:33:ac:1e:fe:d1:3d:4b:3c:2e:d6:4f:c4:e4:00:f8:97: 14:14:ca:68:3c:13:eb:87:56:4a:ad:74:97:ce:05:27:cc:e5: bb:65:a8:ff:01:1b:36:ca:13:94:cd:b8:be:70:03:3a:67:9a: 49:b4:43:7f:93:5c:7e:8c:08:14:a7:90:f8:c1:52:b6:41:c1: b2:02:0c:94:d7:f2:56:a9:67:0e:1a:d7:88:52:10:94:58:01: b5:30:a0:d5:cf:41:08:52:13:d5:1e:48:ff:31:82:47:e3:79: 84:d9:df:d3:3f:a8:1f:3c:cb:9a:cd:10:7b:7c:e7:6b:5a:61: cb:9f:1c:c4:dc:8c:8c:14:da:88:14:e9:4f:94:28:f3:d8:d4: 56:02:a1:cc:81:e6:07:46:20:59:a6:83:3c:d1:7a:25:cb:a6: e1:d3:d8:12 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICGWowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTQ4 RkVENzYwMzg0OTZBRDJBQjE5NzJEMTM0NjhGNEQzRDQwMzE2NDAeFw0yNjAxMjYw NjU1MDJaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDM2RDBFMDFFMEI2RDBC ODAyRDU2MkVENjAzOEU1RDRFQUU4NUZENzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC/m1fFtOlZVlQg+05kiQETcD8BW10IyNTMBYgYTBpRrfsLve3r caY5zIXUCeSAoP/c3Xa8gsNHBUNW0q0G3XQPkKib8x1hBSwGe/9kp2hhVdR0X5HJ 5y3MPXFafGnDtD768y21eri2DB/TRUqH4whOglNDYRfz5PlIDUxgoviTfrP88Ihw RrQKppqCrHoZbcNF0STUqYYvAFkgnyx/DSpQNYDMs6MCJ2jJVW1+J6HYVwxMMSE6 3WNwFtLJ5svd/9GZ0DFm7Wkzyd/M3qAFJ1YsDclKNfnWjkh8W3UAZICTXw5Q6Yfw UMJApWYiOKhgAk99OYHzn/xZHU3uL/Fv0XwNAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUNtDgHgttC4AtVi7WA45dTq6F/XYwHwYDVR0jBBgwFoAU5I/tdgOElq0qsZct E0aPTT1AMWQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTkw LzVJX3RkZ09FbHEwcXNaY3RFMGFQVFQxQU1XUS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvNUlfdGRnT0VscTBxc1pjdEUwYVBUVDFBTVdRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTkwL050RGdIZ3R0QzRBdFZp N1dBNDVkVHE2Rl9YWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BADKqtowDQYJKoZIhvcNAQELBQADggEBAGWOKBxb2DjkVTv7hTM2cnOHgtjO28++ N+gTOhSJ+B6eWn7IPbrgV5YPX/ypEDCJYdrJ6qbyc16OS792LM7rOXJxdZ7ZjDFe cdnzCKtnsjNVN6mx0msqc6EJ0V+iM6we/tE9Szwu1k/E5AD4lxQUymg8E+uHVkqt dJfOBSfM5btlqP8BGzbKE5TNuL5wAzpnmkm0Q3+TXH6MCBSnkPjBUrZBwbICDJTX 8lapZw4a14hSEJRYAbUwoNXPQQhSE9UeSP8xgkfjeYTZ39M/qB88y5rNEHt852ta YcufHMTcjIwU2ogU6U+UKPPY1FYCocyB5gdGIFmmgzzReiXLpuHT2BI= -----END CERTIFICATE-----Generated at Tue Mar 3 00:54:17 2026 by rpki-client