$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2620/5TxT3MkayH-eXPccrMS5Up3Bo10.roa File: 5TxT3MkayH-eXPccrMS5Up3Bo10.roa (raw, json) Hash identifier: bCWm0bHm0frrZCZJFIuLicfBbmJHYC1KCjRxIyglGQQ= Subject key identifier: E5:3C:53:DC:C9:1A:C8:7F:9E:5C:F7:1C:AC:C4:B9:52:9D:C1:A3:5D Certificate issuer: /CN=21DC875965C2BA61D1DACBB48DEE140554AA5AEF Certificate serial: 19F1 Authority key identifier: 21:DC:87:59:65:C2:BA:61:D1:DA:CB:B4:8D:EE:14:05:54:AA:5A:EF Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/IdyHWWXCumHR2su0je4UBVSqWu8.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/5TxT3MkayH-eXPccrMS5Up3Bo10.roa Signing time: Mon 26 Jan 2026 06:52:58 +0000 ROA not before: Mon 26 Jan 2026 06:52:58 +0000 ROA not after: Sat 09 Jan 2027 08:23:18 +0000 asID: 58593 IP address blocks: 52.130.112.0/20 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/IdyHWWXCumHR2su0je4UBVSqWu8.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/IdyHWWXCumHR2su0je4UBVSqWu8.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/IdyHWWXCumHR2su0je4UBVSqWu8.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 02 Mar 2026 10:58:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6641 (0x19f1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=21DC875965C2BA61D1DACBB48DEE140554AA5AEF Validity Not Before: Jan 26 06:52:58 2026 GMT Not After : Jan 9 08:23:18 2027 GMT Subject: CN=E53C53DCC91AC87F9E5CF71CACC4B9529DC1A35D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:2f:50:00:d7:95:67:9d:55:42:b6:84:c1:e5: a9:bc:cb:17:fd:be:54:34:24:0c:0e:11:65:3b:89: 9d:40:a6:1d:5b:66:ae:d5:85:05:81:b8:f8:33:12: 41:dc:b0:60:43:05:ec:66:98:f8:dd:6b:ed:83:72: f2:ae:c0:d2:bc:4b:5b:33:01:cf:ab:a7:64:d2:2d: 88:cd:cb:26:75:0f:6b:a8:a6:e8:ea:8d:47:1e:25: 12:9a:5a:4b:78:2f:64:7c:1c:ce:09:c7:61:f6:a4: 4d:e1:3f:8c:d7:3c:9f:98:e7:29:ca:0e:b0:f8:71: 4c:54:ed:3a:14:fa:8a:03:a7:93:2a:37:9f:5d:38: 68:b6:a1:2d:97:65:51:0c:3d:75:90:cc:b4:7d:c8: 59:2b:31:d7:df:b9:6f:50:64:b2:cb:54:76:18:09: cb:ee:d5:cc:0a:37:d0:d0:e6:30:be:cb:39:6d:2b: fd:45:e2:b8:66:54:c2:c2:88:17:97:a1:27:33:a7: 28:1c:f6:44:96:38:09:c4:4c:99:67:6b:db:55:ca: 0d:f7:d1:65:69:f8:f9:0d:a9:5d:fe:f3:48:cf:bf: ce:4d:7b:97:90:a9:d3:05:58:8b:15:4f:f0:f2:99: 08:43:9f:b0:b5:bd:0a:15:20:13:77:a2:66:00:17: 80:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:3C:53:DC:C9:1A:C8:7F:9E:5C:F7:1C:AC:C4:B9:52:9D:C1:A3:5D X509v3 Authority Key Identifier: keyid:21:DC:87:59:65:C2:BA:61:D1:DA:CB:B4:8D:EE:14:05:54:AA:5A:EF X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/IdyHWWXCumHR2su0je4UBVSqWu8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/IdyHWWXCumHR2su0je4UBVSqWu8.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/5TxT3MkayH-eXPccrMS5Up3Bo10.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 52.130.112.0/20 Signature Algorithm: sha256WithRSAEncryption 18:8b:d7:0c:28:f4:ae:bb:9f:6c:b5:91:2a:bd:84:00:c8:c6: 28:49:4b:a4:8d:74:95:9b:09:ff:62:da:e0:91:43:30:49:11: 3a:4e:be:d3:58:ce:05:e0:74:f9:b1:61:06:d8:9d:a1:51:96: 10:66:75:b4:fe:cf:2b:d2:93:b1:6a:c8:9c:26:c7:10:c9:a6: ad:db:3c:70:b2:2e:44:38:05:75:94:25:ee:09:cf:ad:12:3e: 1b:44:23:57:7c:01:e0:1c:09:98:45:87:fe:f3:d6:18:ac:35: 12:ed:50:80:3f:d4:43:1b:91:44:27:c7:c8:d4:5f:e0:62:57: c2:3a:bd:e6:4f:7c:bf:54:22:be:79:c7:dd:f6:9a:30:76:2c: 66:d5:45:8d:3f:57:d7:8c:65:f1:98:a1:8c:6c:94:ce:ee:6c: 08:45:58:c4:0e:dd:e1:6f:b9:4b:9d:ec:03:af:34:55:f9:94: ca:2d:0a:52:ca:70:e3:dc:64:2e:3d:39:c2:8b:e9:79:fe:ed: 67:63:5c:a4:8a:d2:25:04:6d:ca:f8:b7:43:6c:e2:08:89:08: 32:c0:4f:7a:d9:7c:6d:9a:5c:5f:e5:83:77:7d:c3:11:e5:f9: 27:6a:05:a7:38:9f:52:37:81:c5:f2:be:c1:6b:84:82:46:ad: eb:66:5f:e0 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICGfEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjFE Qzg3NTk2NUMyQkE2MUQxREFDQkI0OERFRTE0MDU1NEFBNUFFRjAeFw0yNjAxMjYw NjUyNThaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKEU1M0M1M0RDQzkxQUM4 N0Y5RTVDRjcxQ0FDQzRCOTUyOURDMUEzNUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDDL1AA15VnnVVCtoTB5am8yxf9vlQ0JAwOEWU7iZ1Aph1bZq7V hQWBuPgzEkHcsGBDBexmmPjda+2DcvKuwNK8S1szAc+rp2TSLYjNyyZ1D2uopujq jUceJRKaWkt4L2R8HM4Jx2H2pE3hP4zXPJ+Y5ynKDrD4cUxU7ToU+ooDp5MqN59d OGi2oS2XZVEMPXWQzLR9yFkrMdffuW9QZLLLVHYYCcvu1cwKN9DQ5jC+yzltK/1F 4rhmVMLCiBeXoSczpygc9kSWOAnETJlna9tVyg330WVp+PkNqV3+80jPv85Ne5eQ qdMFWIsVT/DymQhDn7C1vQoVIBN3omYAF4CdAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU5TxT3MkayH+eXPccrMS5Up3Bo10wHwYDVR0jBBgwFoAUIdyHWWXCumHR2su0 je4UBVSqWu8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjYy MC9JZHlIV1dYQ3VtSFIyc3UwamU0VUJWU3FXdTguY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0lkeUhXV1hDdW1IUjJzdTBqZTRVQlZTcVd1OC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2MjAvNVR4VDNNa2F5SC1l WFBjY3JNUzVVcDNCbzEwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEBDSCcDANBgkqhkiG9w0BAQsFAAOCAQEAGIvXDCj0rrufbLWRKr2EAMjGKElL pI10lZsJ/2La4JFDMEkROk6+01jOBeB0+bFhBtidoVGWEGZ1tP7PK9KTsWrInCbH EMmmrds8cLIuRDgFdZQl7gnPrRI+G0QjV3wB4BwJmEWH/vPWGKw1Eu1QgD/UQxuR RCfHyNRf4GJXwjq95k98v1QivnnH3faaMHYsZtVFjT9X14xl8ZihjGyUzu5sCEVY xA7d4W+5S53sA680VfmUyi0KUspw49xkLj05wovpef7tZ2NcpIrSJQRtyvi3Q2zi CIkIMsBPetl8bZpcX+WDd33DEeX5J2oFpzifUjeBxfK+wWuEgkat62Zf4A== -----END CERTIFICATE-----Generated at Mon Mar 2 09:57:53 2026 by rpki-client