$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/190/g1MwaGx9H4NwOPCFJYb2liJmTQ8.roa File: g1MwaGx9H4NwOPCFJYb2liJmTQ8.roa (raw, json) Hash identifier: VlRN3xP9+M4tv10j4BkWZ2KT50NTAuq0fWOXb8MJ0vg= Subject key identifier: 83:53:30:68:6C:7D:1F:83:70:38:F0:85:25:86:F6:96:22:66:4D:0F Certificate issuer: /CN=E48FED76038496AD2AB1972D13468F4D3D403164 Certificate serial: 1968 Authority key identifier: E4:8F:ED:76:03:84:96:AD:2A:B1:97:2D:13:46:8F:4D:3D:40:31:64 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5I_tdgOElq0qsZctE0aPTT1AMWQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/190/g1MwaGx9H4NwOPCFJYb2liJmTQ8.roa Signing time: Mon 26 Jan 2026 06:55:02 +0000 ROA not before: Mon 26 Jan 2026 06:55:02 +0000 ROA not after: Fri 23 Oct 2026 03:01:03 +0000 asID: 24427 IP address blocks: 202.170.217.0/24 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/190/5I_tdgOElq0qsZctE0aPTT1AMWQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/190/5I_tdgOElq0qsZctE0aPTT1AMWQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5I_tdgOElq0qsZctE0aPTT1AMWQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 02 Mar 2026 10:58:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6504 (0x1968) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=E48FED76038496AD2AB1972D13468F4D3D403164 Validity Not Before: Jan 26 06:55:02 2026 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=835330686C7D1F837038F0852586F69622664D0F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:72:cd:19:e5:ad:65:54:77:49:b3:52:d3:1c: f5:8d:e1:87:94:a4:fa:24:13:13:0a:c8:d2:94:59: c7:bb:76:41:2b:4c:be:83:c2:4c:a6:d2:f7:29:95: 90:69:50:be:51:92:60:03:6d:f0:89:9b:0d:b3:3a: 9a:e8:0d:5b:49:0b:88:8b:25:cc:fb:8f:ae:ef:a2: a6:d0:f8:ef:09:ba:85:27:da:17:b1:b8:09:5c:15: d3:6c:b3:6d:d4:bb:fd:6c:04:48:85:22:22:23:31: 10:da:04:87:09:ff:c8:6c:7a:be:6b:d4:e0:59:b8: 25:8e:ca:99:45:14:b9:50:1e:c3:69:03:03:88:d1: 82:9a:81:f2:0a:d0:60:83:fb:a3:7d:1c:b4:b6:8a: 15:76:35:de:0e:f3:5a:49:2f:0a:d1:41:33:7b:7e: a3:87:6f:1a:d3:f4:01:4f:a1:39:a0:ee:bc:96:ed: 3f:cd:71:52:14:8b:eb:8a:3b:8a:a0:22:28:51:54: d3:52:a2:e6:6b:48:27:88:f9:22:18:b0:6d:67:74: bb:fc:63:6f:61:76:51:e5:c4:ba:a5:91:cb:27:18: 36:5a:70:c5:99:f8:e0:e2:93:ca:43:ef:b1:96:05: 77:a3:26:0c:d2:38:5b:8b:e1:0a:95:30:3f:9c:79: f5:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 83:53:30:68:6C:7D:1F:83:70:38:F0:85:25:86:F6:96:22:66:4D:0F X509v3 Authority Key Identifier: keyid:E4:8F:ED:76:03:84:96:AD:2A:B1:97:2D:13:46:8F:4D:3D:40:31:64 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/190/5I_tdgOElq0qsZctE0aPTT1AMWQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5I_tdgOElq0qsZctE0aPTT1AMWQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/190/g1MwaGx9H4NwOPCFJYb2liJmTQ8.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 202.170.217.0/24 Signature Algorithm: sha256WithRSAEncryption a0:2f:e6:e3:78:5c:ce:dc:49:61:1d:2b:46:40:86:f4:f1:d1: 2e:aa:ea:79:86:80:de:c7:ff:f2:1c:a1:7d:8f:25:15:8e:25: db:f7:46:a7:eb:cc:cc:a3:07:c8:7e:6f:b6:89:d5:83:c0:c4: ea:cb:b4:61:e3:93:9d:13:06:47:6d:58:42:c7:1b:15:0d:b7: 87:97:d3:0f:71:ae:a0:9c:54:9b:fe:c7:1a:4a:0e:af:e5:f4: 3a:ef:e4:01:35:6b:fe:fe:30:5b:1d:22:a3:cf:55:4a:48:4e: 4c:fd:b4:d0:be:21:9c:4d:9e:f2:bc:04:a0:d4:f7:f5:69:eb: b0:35:6a:80:59:b7:97:24:68:bc:3f:8d:7c:63:1d:93:09:11: 1f:cb:97:b7:32:0c:a1:21:ef:91:f4:0a:ea:a9:17:55:92:da: 6f:e2:40:8e:10:cf:f9:35:9a:e4:83:4c:64:be:b4:e6:c2:5b: a5:ae:cc:8a:13:38:3c:1e:bb:e1:99:e2:25:c3:aa:0e:0e:67: 29:20:0b:e8:1f:16:e9:d7:21:29:81:58:ee:79:06:54:ee:39: 49:80:9a:ab:f3:a2:a3:a4:db:fe:7e:8d:c4:47:79:bb:94:02: f1:1e:b7:c6:d0:f5:fd:df:02:a7:84:cb:c5:cf:67:1a:4b:f3: 7e:06:01:06 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICGWgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTQ4 RkVENzYwMzg0OTZBRDJBQjE5NzJEMTM0NjhGNEQzRDQwMzE2NDAeFw0yNjAxMjYw NjU1MDJaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDgzNTMzMDY4NkM3RDFG ODM3MDM4RjA4NTI1ODZGNjk2MjI2NjREMEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDLcs0Z5a1lVHdJs1LTHPWN4YeUpPokExMKyNKUWce7dkErTL6D wkym0vcplZBpUL5RkmADbfCJmw2zOproDVtJC4iLJcz7j67voqbQ+O8JuoUn2hex uAlcFdNss23Uu/1sBEiFIiIjMRDaBIcJ/8hser5r1OBZuCWOyplFFLlQHsNpAwOI 0YKagfIK0GCD+6N9HLS2ihV2Nd4O81pJLwrRQTN7fqOHbxrT9AFPoTmg7ryW7T/N cVIUi+uKO4qgIihRVNNSouZrSCeI+SIYsG1ndLv8Y29hdlHlxLqlkcsnGDZacMWZ +ODik8pD77GWBXejJgzSOFuL4QqVMD+cefVfAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUg1MwaGx9H4NwOPCFJYb2liJmTQ8wHwYDVR0jBBgwFoAU5I/tdgOElq0qsZct E0aPTT1AMWQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTkw LzVJX3RkZ09FbHEwcXNaY3RFMGFQVFQxQU1XUS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvNUlfdGRnT0VscTBxc1pjdEUwYVBUVDFBTVdRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTkwL2cxTXdhR3g5SDROd09Q Q0ZKWWIybGlKbVRROC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BADKqtkwDQYJKoZIhvcNAQELBQADggEBAKAv5uN4XM7cSWEdK0ZAhvTx0S6q6nmG gN7H//IcoX2PJRWOJdv3RqfrzMyjB8h+b7aJ1YPAxOrLtGHjk50TBkdtWELHGxUN t4eX0w9xrqCcVJv+xxpKDq/l9Drv5AE1a/7+MFsdIqPPVUpITkz9tNC+IZxNnvK8 BKDU9/Vp67A1aoBZt5ckaLw/jXxjHZMJER/Ll7cyDKEh75H0CuqpF1WS2m/iQI4Q z/k1muSDTGS+tObCW6WuzIoTODweu+GZ4iXDqg4OZykgC+gfFunXISmBWO55BlTu OUmAmqvzoqOk2/5+jcRHebuUAvEet8bQ9f3fAqeEy8XPZxpL834GAQY= -----END CERTIFICATE-----Generated at Mon Mar 2 10:18:09 2026 by rpki-client