$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/190/nVccl75Q6GAgaykxcjyu72hhAnk.roa File: nVccl75Q6GAgaykxcjyu72hhAnk.roa (raw, json) Hash identifier: r4Mn7fAiQjl4bgZhfH+KmOGsE4ovJ6SP0fGlC4E7WqI= Subject key identifier: 9D:57:1C:97:BE:50:E8:60:20:6B:29:31:72:3C:AE:EF:68:61:02:79 Certificate issuer: /CN=E48FED76038496AD2AB1972D13468F4D3D403164 Certificate serial: 196E Authority key identifier: E4:8F:ED:76:03:84:96:AD:2A:B1:97:2D:13:46:8F:4D:3D:40:31:64 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5I_tdgOElq0qsZctE0aPTT1AMWQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/190/nVccl75Q6GAgaykxcjyu72hhAnk.roa Signing time: Mon 26 Jan 2026 06:55:02 +0000 ROA not before: Mon 26 Jan 2026 06:55:02 +0000 ROA not after: Fri 23 Oct 2026 03:01:03 +0000 asID: 24427 IP address blocks: 202.170.220.0/24 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/190/5I_tdgOElq0qsZctE0aPTT1AMWQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/190/5I_tdgOElq0qsZctE0aPTT1AMWQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5I_tdgOElq0qsZctE0aPTT1AMWQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 02 Mar 2026 10:58:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6510 (0x196e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=E48FED76038496AD2AB1972D13468F4D3D403164 Validity Not Before: Jan 26 06:55:02 2026 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=9D571C97BE50E860206B2931723CAEEF68610279 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:e8:b3:60:d5:13:bc:e5:54:15:77:7c:45:63: d2:dc:8c:1b:04:62:b8:be:67:62:4e:05:bd:12:98: b6:61:71:30:a5:46:35:8b:7f:a6:16:00:ab:16:93: ed:2a:12:4b:6e:34:c4:ba:22:12:ed:ef:6d:53:7f: bf:de:b8:f6:7b:75:92:e8:6f:cd:26:e4:0d:0f:54: 23:0e:b2:6f:38:0f:e0:46:9b:97:ea:35:09:53:98: 6d:48:81:5c:44:7f:90:0b:7a:8d:5a:aa:98:c2:4d: 91:cf:47:d8:83:73:13:28:df:73:b3:72:e0:20:d6: 99:0a:1d:c2:8c:d0:a7:5e:e3:90:53:88:74:31:40: 1c:e9:33:53:b8:c1:bc:c9:2b:c1:ac:e7:ab:61:34: 90:ed:96:5a:9c:6d:0b:a2:1e:26:01:2d:e7:26:b4: 6c:1d:14:8a:1a:86:71:86:31:9d:01:30:6c:6b:72: a8:bc:fa:76:46:2e:6f:b7:ae:53:e2:21:83:e6:63: 93:62:15:e5:e1:9c:1d:b6:6a:9a:ac:88:7a:4b:6a: 5b:ad:7c:59:44:69:26:a6:85:f1:08:ae:b6:ae:c8: 51:1a:8d:d7:4b:f1:f0:8d:48:e2:ee:7a:43:a4:73: 09:71:72:c1:12:e7:ac:4d:ac:e7:21:7e:cd:d3:af: 68:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:57:1C:97:BE:50:E8:60:20:6B:29:31:72:3C:AE:EF:68:61:02:79 X509v3 Authority Key Identifier: keyid:E4:8F:ED:76:03:84:96:AD:2A:B1:97:2D:13:46:8F:4D:3D:40:31:64 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/190/5I_tdgOElq0qsZctE0aPTT1AMWQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5I_tdgOElq0qsZctE0aPTT1AMWQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/190/nVccl75Q6GAgaykxcjyu72hhAnk.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 202.170.220.0/24 Signature Algorithm: sha256WithRSAEncryption a0:f6:b6:5d:2d:90:86:57:de:ea:de:15:ff:3b:6d:7f:17:11: c4:46:0f:3a:2c:75:ec:df:bf:de:91:81:cb:87:1f:18:69:58: e7:96:e0:15:1c:1f:39:b3:99:ad:af:c0:63:03:0f:c1:d5:19: b7:74:4b:1c:e1:63:43:ad:0e:10:d0:45:eb:b3:e2:e2:4c:5f: 9a:bb:bb:b4:84:82:25:09:e4:37:9b:55:d6:db:c7:42:64:44: 6d:e9:50:9b:6a:57:03:7e:18:7c:08:cb:07:df:c0:59:9c:2e: 78:3b:30:eb:4b:a7:3e:96:55:48:f7:82:14:15:de:9c:09:6c: 69:bd:9c:43:ef:45:1f:50:c1:ec:6d:4b:fd:d7:b7:b4:63:d8: 5c:50:5e:da:66:3b:d5:aa:8e:4c:b3:f3:94:b1:d4:87:8d:27: 0e:b7:ea:a5:27:e1:d8:b0:e5:e9:51:fb:85:0d:5c:88:30:a8: 53:86:2b:ce:59:f8:e5:80:ff:47:31:8e:8d:a5:05:25:0f:7c: bb:73:73:1d:42:a1:61:9c:43:8b:64:51:99:b4:b7:a4:4e:08: d7:30:13:b0:b5:f7:6d:d5:55:b6:d9:0f:e1:4a:e4:90:dc:bd: da:5c:17:7e:04:01:ac:ae:32:0a:08:ee:fe:e7:d2:2b:7e:9e: 32:4d:bc:42 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICGW4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTQ4 RkVENzYwMzg0OTZBRDJBQjE5NzJEMTM0NjhGNEQzRDQwMzE2NDAeFw0yNjAxMjYw NjU1MDJaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDlENTcxQzk3QkU1MEU4 NjAyMDZCMjkzMTcyM0NBRUVGNjg2MTAyNzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDB6LNg1RO85VQVd3xFY9LcjBsEYri+Z2JOBb0SmLZhcTClRjWL f6YWAKsWk+0qEktuNMS6IhLt721Tf7/euPZ7dZLob80m5A0PVCMOsm84D+BGm5fq NQlTmG1IgVxEf5ALeo1aqpjCTZHPR9iDcxMo33OzcuAg1pkKHcKM0Kde45BTiHQx QBzpM1O4wbzJK8Gs56thNJDtllqcbQuiHiYBLecmtGwdFIoahnGGMZ0BMGxrcqi8 +nZGLm+3rlPiIYPmY5NiFeXhnB22apqsiHpLalutfFlEaSamhfEIrrauyFEajddL 8fCNSOLuekOkcwlxcsES56xNrOchfs3Tr2hpAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUnVccl75Q6GAgaykxcjyu72hhAnkwHwYDVR0jBBgwFoAU5I/tdgOElq0qsZct E0aPTT1AMWQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTkw LzVJX3RkZ09FbHEwcXNaY3RFMGFQVFQxQU1XUS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvNUlfdGRnT0VscTBxc1pjdEUwYVBUVDFBTVdRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTkwL25WY2NsNzVRNkdBZ2F5 a3hjanl1NzJoaEFuay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BADKqtwwDQYJKoZIhvcNAQELBQADggEBAKD2tl0tkIZX3ureFf87bX8XEcRGDzos dezfv96RgcuHHxhpWOeW4BUcHzmzma2vwGMDD8HVGbd0SxzhY0OtDhDQReuz4uJM X5q7u7SEgiUJ5DebVdbbx0JkRG3pUJtqVwN+GHwIywffwFmcLng7MOtLpz6WVUj3 ghQV3pwJbGm9nEPvRR9QwextS/3Xt7Rj2FxQXtpmO9Wqjkyz85Sx1IeNJw636qUn 4diw5elR+4UNXIgwqFOGK85Z+OWA/0cxjo2lBSUPfLtzcx1CoWGcQ4tkUZm0t6RO CNcwE7C1923VVbbZD+FK5JDcvdpcF34EAayuMgoI7v7n0it+njJNvEI= -----END CERTIFICATE-----Generated at Mon Mar 2 10:18:16 2026 by rpki-client