$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2620/4LSqAFYo-egbk1WcU7dL8LU_7V0.roa File: 4LSqAFYo-egbk1WcU7dL8LU_7V0.roa (raw, json) Hash identifier: PsV66nuXalt7velT5yXgPHNl6L6BeqDzdTdAlkcBL1E= Subject key identifier: E0:B4:AA:00:56:28:F9:E8:1B:93:55:9C:53:B7:4B:F0:B5:3F:ED:5D Certificate issuer: /CN=21DC875965C2BA61D1DACBB48DEE140554AA5AEF Certificate serial: 19ED Authority key identifier: 21:DC:87:59:65:C2:BA:61:D1:DA:CB:B4:8D:EE:14:05:54:AA:5A:EF Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/IdyHWWXCumHR2su0je4UBVSqWu8.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/4LSqAFYo-egbk1WcU7dL8LU_7V0.roa Signing time: Mon 26 Jan 2026 06:52:57 +0000 ROA not before: Mon 26 Jan 2026 06:52:57 +0000 ROA not after: Sat 09 Jan 2027 08:23:18 +0000 asID: 58593 IP address blocks: 52.130.128.0/18 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/IdyHWWXCumHR2su0je4UBVSqWu8.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/IdyHWWXCumHR2su0je4UBVSqWu8.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/IdyHWWXCumHR2su0je4UBVSqWu8.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 02 Mar 2026 15:58:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6637 (0x19ed) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=21DC875965C2BA61D1DACBB48DEE140554AA5AEF Validity Not Before: Jan 26 06:52:57 2026 GMT Not After : Jan 9 08:23:18 2027 GMT Subject: CN=E0B4AA005628F9E81B93559C53B74BF0B53FED5D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:7d:df:9f:ed:99:cf:fd:ba:32:a0:d8:d9:cc: 3d:f9:95:1e:79:c6:c2:39:36:8e:81:80:7b:ee:44: 7d:dc:75:03:bf:5c:f4:91:c8:e7:70:f7:07:df:4e: 9f:c7:8c:b3:c5:aa:ae:17:60:1b:7e:d5:27:cc:df: e5:e8:b4:3f:9d:91:40:f7:f7:65:85:54:6d:5f:31: de:a4:4d:85:6f:55:7d:87:fd:46:6c:92:ae:e5:11: e9:36:3e:34:e5:a5:1e:a8:f3:fc:02:e5:e1:33:8a: e5:49:a4:c0:3a:5c:75:4b:77:10:85:b5:5f:f6:20: 8a:00:0f:51:95:d3:34:15:15:38:5e:0b:18:75:d3: e7:11:f1:1a:d3:90:aa:db:90:ec:a9:18:79:c2:eb: c2:c7:3f:13:78:40:e8:62:95:76:26:f6:4b:7a:29: 6c:bf:34:69:71:7b:13:bd:36:25:8f:75:b5:47:f2: 11:8e:a7:0d:e7:88:0d:93:2d:cf:16:ba:2c:6f:60: 8d:26:8c:79:67:f4:d8:dd:84:8c:2e:53:58:02:b8: e9:9f:f1:0d:a0:f2:5b:fd:c7:e0:25:9d:f7:10:1f: 70:c0:95:bb:19:bf:68:c0:63:2c:1c:a8:2e:a3:f4: b4:d4:a6:ef:5c:92:41:73:1f:a1:45:82:99:3e:77: a7:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:B4:AA:00:56:28:F9:E8:1B:93:55:9C:53:B7:4B:F0:B5:3F:ED:5D X509v3 Authority Key Identifier: keyid:21:DC:87:59:65:C2:BA:61:D1:DA:CB:B4:8D:EE:14:05:54:AA:5A:EF X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/IdyHWWXCumHR2su0je4UBVSqWu8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/IdyHWWXCumHR2su0je4UBVSqWu8.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/4LSqAFYo-egbk1WcU7dL8LU_7V0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 52.130.128.0/18 Signature Algorithm: sha256WithRSAEncryption 6a:4c:12:11:2e:2e:c6:ce:aa:cd:54:db:1a:a3:38:da:e9:b8: 15:6b:e0:41:a0:18:df:23:e6:d5:13:fc:c9:42:9c:4a:51:44: 22:68:f4:30:71:83:b5:17:0f:72:4e:4d:ba:55:3a:28:9e:03: 03:d2:cc:61:86:8d:ad:23:4a:6f:6d:52:d5:cb:17:8e:83:8c: 56:a0:f4:36:94:03:2a:a0:f0:80:2a:46:cb:51:5b:89:6e:48: cc:8e:46:45:44:39:eb:ae:f1:59:2a:eb:8f:7f:af:c0:61:de: de:3f:fc:8e:9a:0a:2a:b9:21:82:ed:b9:3a:86:84:9f:b7:3d: d2:27:8c:9f:d3:53:04:bd:50:a0:e6:80:c2:62:b1:b1:87:d9: f3:b3:eb:94:d4:3b:9d:c5:47:0c:24:b8:b9:4b:c1:7e:cd:1c: bb:57:3f:9a:d9:8a:37:c9:b3:ae:d1:5d:0f:b3:47:f7:61:3e: e3:cd:b5:39:59:17:1b:c3:c0:cd:18:be:9d:c5:c5:c5:65:bf: 89:d9:f0:9e:ba:7a:73:87:6b:4a:6c:66:45:97:a5:0b:b1:c9: 98:a1:6b:9b:c8:55:39:fa:06:24:43:0f:31:54:88:f0:65:15: 88:c1:cd:79:84:d7:6a:15:68:f9:09:85:e4:a7:ee:4a:a6:6d: 2d:0c:5a:3e -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICGe0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjFE Qzg3NTk2NUMyQkE2MUQxREFDQkI0OERFRTE0MDU1NEFBNUFFRjAeFw0yNjAxMjYw NjUyNTdaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKEUwQjRBQTAwNTYyOEY5 RTgxQjkzNTU5QzUzQjc0QkYwQjUzRkVENUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCmfd+f7ZnP/boyoNjZzD35lR55xsI5No6BgHvuRH3cdQO/XPSR yOdw9wffTp/HjLPFqq4XYBt+1SfM3+XotD+dkUD392WFVG1fMd6kTYVvVX2H/UZs kq7lEek2PjTlpR6o8/wC5eEziuVJpMA6XHVLdxCFtV/2IIoAD1GV0zQVFTheCxh1 0+cR8RrTkKrbkOypGHnC68LHPxN4QOhilXYm9kt6KWy/NGlxexO9NiWPdbVH8hGO pw3niA2TLc8WuixvYI0mjHln9NjdhIwuU1gCuOmf8Q2g8lv9x+AlnfcQH3DAlbsZ v2jAYywcqC6j9LTUpu9ckkFzH6FFgpk+d6cbAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU4LSqAFYo+egbk1WcU7dL8LU/7V0wHwYDVR0jBBgwFoAUIdyHWWXCumHR2su0 je4UBVSqWu8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjYy MC9JZHlIV1dYQ3VtSFIyc3UwamU0VUJWU3FXdTguY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0lkeUhXV1hDdW1IUjJzdTBqZTRVQlZTcVd1OC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2MjAvNExTcUFGWW8tZWdi azFXY1U3ZEw4TFVfN1YwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEBjSCgDANBgkqhkiG9w0BAQsFAAOCAQEAakwSES4uxs6qzVTbGqM42um4FWvg QaAY3yPm1RP8yUKcSlFEImj0MHGDtRcPck5NulU6KJ4DA9LMYYaNrSNKb21S1csX joOMVqD0NpQDKqDwgCpGy1FbiW5IzI5GRUQ5667xWSrrj3+vwGHe3j/8jpoKKrkh gu25OoaEn7c90ieMn9NTBL1QoOaAwmKxsYfZ87PrlNQ7ncVHDCS4uUvBfs0cu1c/ mtmKN8mzrtFdD7NH92E+4821OVkXG8PAzRi+ncXFxWW/idnwnrp6c4drSmxmRZel C7HJmKFrm8hVOfoGJEMPMVSI8GUViMHNeYTXahVo+QmF5KfuSqZtLQxaPg== -----END CERTIFICATE-----Generated at Mon Mar 2 13:09:17 2026 by rpki-client