$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2620/CekDs25z6vQY5BwZW31nCn-SImU.roa File: CekDs25z6vQY5BwZW31nCn-SImU.roa (raw, json) Hash identifier: OU5wiDIHygwfhvKV5wPAXJxVhO93BO43Uuv2itZVRa8= Subject key identifier: 09:E9:03:B3:6E:73:EA:F4:18:E4:1C:19:5B:7D:67:0A:7F:92:22:65 Certificate issuer: /CN=21DC875965C2BA61D1DACBB48DEE140554AA5AEF Certificate serial: 1A02 Authority key identifier: 21:DC:87:59:65:C2:BA:61:D1:DA:CB:B4:8D:EE:14:05:54:AA:5A:EF Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/IdyHWWXCumHR2su0je4UBVSqWu8.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/CekDs25z6vQY5BwZW31nCn-SImU.roa Signing time: Mon 26 Jan 2026 06:53:02 +0000 ROA not before: Mon 26 Jan 2026 06:53:02 +0000 ROA not after: Sat 09 Jan 2027 08:23:18 +0000 asID: 58593 IP address blocks: 52.131.0.0/17 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/IdyHWWXCumHR2su0je4UBVSqWu8.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/IdyHWWXCumHR2su0je4UBVSqWu8.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/IdyHWWXCumHR2su0je4UBVSqWu8.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 02 Mar 2026 10:58:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6658 (0x1a02) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=21DC875965C2BA61D1DACBB48DEE140554AA5AEF Validity Not Before: Jan 26 06:53:02 2026 GMT Not After : Jan 9 08:23:18 2027 GMT Subject: CN=09E903B36E73EAF418E41C195B7D670A7F922265 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:c1:d5:de:d8:08:43:a6:39:e4:22:c7:6a:a2: ad:e0:54:3f:0e:30:9d:8a:52:84:77:8c:7d:f0:d2: ae:b6:97:98:34:2a:e8:63:6b:c4:d6:6c:46:de:ee: 1e:e1:8d:59:94:d8:76:ef:f8:91:6e:55:39:b3:06: 9a:bb:66:8b:35:03:f1:59:de:3e:70:28:17:27:3e: f7:10:f4:35:0e:4f:6a:ba:6b:52:07:68:a9:47:cd: 75:9e:72:27:a3:bc:58:5e:0f:54:73:92:06:ca:1e: 82:31:9f:ff:0c:bd:ec:f3:2d:01:65:db:01:49:be: 23:d4:fc:ee:1f:2b:2b:24:5f:bc:71:e9:3e:8f:f6: cd:e4:ba:65:b6:d2:9a:78:d9:dd:35:86:45:fd:33: 6b:36:ba:66:c1:ae:88:ca:c2:e1:aa:b7:54:5b:4e: da:ae:5f:93:c0:d8:16:9f:4a:da:49:bc:26:2a:71: 84:e0:15:1e:47:1d:3a:e9:7d:64:57:80:58:a5:1e: 15:79:2f:3b:34:aa:59:b7:c9:02:c8:bc:1c:24:fc: dd:17:31:55:42:d3:0b:ab:f8:35:b8:54:a9:07:8c: 19:39:95:34:79:42:3f:5b:5c:2d:ab:6f:68:c5:6f: 45:52:1c:95:29:b8:f1:41:ca:d1:f8:03:0e:18:a0: 69:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:E9:03:B3:6E:73:EA:F4:18:E4:1C:19:5B:7D:67:0A:7F:92:22:65 X509v3 Authority Key Identifier: keyid:21:DC:87:59:65:C2:BA:61:D1:DA:CB:B4:8D:EE:14:05:54:AA:5A:EF X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/IdyHWWXCumHR2su0je4UBVSqWu8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/IdyHWWXCumHR2su0je4UBVSqWu8.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/CekDs25z6vQY5BwZW31nCn-SImU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 52.131.0.0/17 Signature Algorithm: sha256WithRSAEncryption a0:41:8a:73:76:8e:42:ef:06:c6:16:ed:7c:43:9e:c1:e2:c2: 60:05:d5:33:51:dc:f8:b9:9a:3e:96:ae:79:93:fd:e1:ea:e7: cc:83:28:ed:cd:b3:91:bc:8a:64:79:d1:00:ce:d5:de:07:ce: 0b:1a:68:51:cf:f5:f3:ce:f3:91:af:1a:22:1b:d7:55:8e:13: 8d:bb:67:c1:8c:04:9c:cb:c8:c7:ad:2d:d0:a7:5e:bf:71:4b: 63:45:04:f6:ff:69:05:b4:65:17:dc:06:e7:93:a9:90:6f:e5: 17:c0:06:bd:c2:97:66:39:3e:8e:78:19:96:f7:50:b6:02:d2: 19:d0:53:7e:c0:44:3e:18:67:de:e9:93:f7:e4:73:6b:31:89: b5:07:99:ca:27:6b:5c:b2:29:b5:15:6c:8a:bb:1b:4f:b3:e0: 0f:a1:d9:26:84:27:4c:af:96:55:d6:b0:69:7d:d0:70:d2:4b: 64:5f:a5:c2:38:de:72:39:33:87:98:5d:e1:91:19:bb:3a:a1: f1:f1:4f:af:8c:b5:27:60:1e:94:31:51:68:17:6a:be:a2:2a: 5a:93:fc:ea:93:85:19:3d:32:93:05:86:20:1d:0c:ed:ed:79: 46:bf:52:65:7c:21:a4:51:50:0a:67:e7:c0:11:f6:40:49:14: 09:c7:cb:33 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICGgIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjFE Qzg3NTk2NUMyQkE2MUQxREFDQkI0OERFRTE0MDU1NEFBNUFFRjAeFw0yNjAxMjYw NjUzMDJaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKDA5RTkwM0IzNkU3M0VB RjQxOEU0MUMxOTVCN0Q2NzBBN0Y5MjIyNjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCywdXe2AhDpjnkIsdqoq3gVD8OMJ2KUoR3jH3w0q62l5g0Kuhj a8TWbEbe7h7hjVmU2Hbv+JFuVTmzBpq7Zos1A/FZ3j5wKBcnPvcQ9DUOT2q6a1IH aKlHzXWeciejvFheD1RzkgbKHoIxn/8MvezzLQFl2wFJviPU/O4fKyskX7xx6T6P 9s3kumW20pp42d01hkX9M2s2umbBrojKwuGqt1RbTtquX5PA2BafStpJvCYqcYTg FR5HHTrpfWRXgFilHhV5Lzs0qlm3yQLIvBwk/N0XMVVC0wur+DW4VKkHjBk5lTR5 Qj9bXC2rb2jFb0VSHJUpuPFBytH4Aw4YoGlDAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUCekDs25z6vQY5BwZW31nCn+SImUwHwYDVR0jBBgwFoAUIdyHWWXCumHR2su0 je4UBVSqWu8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjYy MC9JZHlIV1dYQ3VtSFIyc3UwamU0VUJWU3FXdTguY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0lkeUhXV1hDdW1IUjJzdTBqZTRVQlZTcVd1OC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2MjAvQ2VrRHMyNXo2dlFZ NUJ3WlczMW5Dbi1TSW1VLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEBzSDADANBgkqhkiG9w0BAQsFAAOCAQEAoEGKc3aOQu8GxhbtfEOeweLCYAXV M1Hc+LmaPpaueZP94ernzIMo7c2zkbyKZHnRAM7V3gfOCxpoUc/1887zka8aIhvX VY4TjbtnwYwEnMvIx60t0Kdev3FLY0UE9v9pBbRlF9wG55OpkG/lF8AGvcKXZjk+ jngZlvdQtgLSGdBTfsBEPhhn3umT9+RzazGJtQeZyidrXLIptRVsirsbT7PgD6HZ JoQnTK+WVdawaX3QcNJLZF+lwjjecjkzh5hd4ZEZuzqh8fFPr4y1J2AelDFRaBdq vqIqWpP86pOFGT0ykwWGIB0M7e15Rr9SZXwhpFFQCmfnwBH2QEkUCcfLMw== -----END CERTIFICATE-----Generated at Mon Mar 2 08:40:58 2026 by rpki-client