$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2620/Cnzv8biqRJCUuFlcAiPl0R3KlJo.roa File: Cnzv8biqRJCUuFlcAiPl0R3KlJo.roa (raw, json) Hash identifier: 1qi0+IeeeSqpocVU1DkuXZM3/QgnSe8bv3U1spRgll0= Subject key identifier: 0A:7C:EF:F1:B8:AA:44:90:94:B8:59:5C:02:23:E5:D1:1D:CA:94:9A Certificate issuer: /CN=21DC875965C2BA61D1DACBB48DEE140554AA5AEF Certificate serial: 19E8 Authority key identifier: 21:DC:87:59:65:C2:BA:61:D1:DA:CB:B4:8D:EE:14:05:54:AA:5A:EF Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/IdyHWWXCumHR2su0je4UBVSqWu8.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/Cnzv8biqRJCUuFlcAiPl0R3KlJo.roa Signing time: Mon 26 Jan 2026 06:52:56 +0000 ROA not before: Mon 26 Jan 2026 06:52:56 +0000 ROA not after: Sat 09 Jan 2027 08:23:18 +0000 asID: 58593 IP address blocks: 40.72.0.0/16 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/IdyHWWXCumHR2su0je4UBVSqWu8.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/IdyHWWXCumHR2su0je4UBVSqWu8.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/IdyHWWXCumHR2su0je4UBVSqWu8.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 02 Mar 2026 10:58:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6632 (0x19e8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=21DC875965C2BA61D1DACBB48DEE140554AA5AEF Validity Not Before: Jan 26 06:52:56 2026 GMT Not After : Jan 9 08:23:18 2027 GMT Subject: CN=0A7CEFF1B8AA449094B8595C0223E5D11DCA949A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:ce:86:8e:b4:94:f7:31:d3:43:28:ae:5c:4f: 01:d3:c9:92:a6:2f:ca:e0:ba:30:ef:73:c0:9d:4f: 89:2c:44:e9:7d:62:97:cf:8c:78:c0:a4:53:02:d0: 9e:b5:7b:cc:be:69:64:63:b9:e7:2b:d8:18:c1:99: 3d:47:50:f2:db:85:e5:0d:cf:41:0d:aa:ee:25:e7: 93:ae:7e:2a:a2:c9:17:10:83:3d:23:0b:9e:a0:e3: 4b:d1:4f:01:3a:ee:29:f5:8d:e3:23:ad:e3:cc:ae: 3d:ad:69:f0:ed:46:3b:d5:e3:59:1e:67:48:d8:ec: 36:6b:e5:bf:76:96:b5:8c:2f:1f:f6:13:79:02:c6: 36:e4:47:21:05:b3:d6:ae:72:b9:8c:05:9d:93:ec: 7b:24:96:64:b7:42:80:e4:28:49:84:99:14:66:9a: 99:03:b3:46:f1:6a:26:3d:83:34:86:8b:7d:0f:cf: 81:6b:18:9d:56:5c:52:76:d4:f4:28:54:d4:73:c2: 1d:e8:4b:9b:cf:cd:c1:63:ad:90:1d:f8:77:59:12: c5:8e:7d:0d:34:65:cd:80:ef:1b:79:95:f0:53:a5: db:db:9c:8b:65:59:59:8f:6f:d2:aa:72:4c:8e:6c: 6c:ca:c3:14:52:43:aa:b5:d9:f3:2a:c8:28:ef:aa: a7:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:7C:EF:F1:B8:AA:44:90:94:B8:59:5C:02:23:E5:D1:1D:CA:94:9A X509v3 Authority Key Identifier: keyid:21:DC:87:59:65:C2:BA:61:D1:DA:CB:B4:8D:EE:14:05:54:AA:5A:EF X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/IdyHWWXCumHR2su0je4UBVSqWu8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/IdyHWWXCumHR2su0je4UBVSqWu8.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/Cnzv8biqRJCUuFlcAiPl0R3KlJo.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 40.72.0.0/16 Signature Algorithm: sha256WithRSAEncryption af:69:c3:d3:25:5f:23:9c:1b:92:eb:55:27:66:af:6b:90:fe: cd:2a:58:81:03:f1:ea:0d:51:d6:da:1c:0f:5c:54:ac:71:17: 49:8b:9d:f4:fe:8e:d0:cb:cd:6f:54:ba:a6:20:d4:ee:40:54: a2:80:d7:01:e7:de:23:c7:ee:f9:1f:59:09:1e:0f:05:ee:d2: c5:1e:f3:99:d8:a2:92:83:91:47:2d:43:c3:88:5a:5f:59:58: 16:a7:22:ab:9c:46:98:85:4e:f5:e3:be:13:7b:4c:5d:b5:a8: 50:28:43:2f:33:6d:0e:f5:7c:60:0b:aa:84:2b:9a:73:1e:19: 44:8d:9d:8b:08:30:72:3d:f3:c7:ba:b2:fd:2e:b4:d4:1f:cf: 83:38:13:86:1f:8d:47:73:26:57:34:bd:df:dd:f7:8f:64:ea: 0c:c2:30:4b:53:8a:95:61:ce:f7:75:0b:89:43:9f:c8:69:17: ca:a9:36:30:7c:03:8b:5c:a4:02:27:10:18:5b:74:e3:81:56: 1a:5f:5d:b6:f3:35:42:37:27:46:24:6d:7f:98:10:d4:27:5e: 9f:d5:81:89:a2:f0:39:39:ad:6b:e9:a1:43:f9:62:e9:7d:36: 7b:53:ab:4a:6c:2f:fe:f5:a1:1f:53:b9:09:d2:b3:e7:a9:ec: 1d:c0:15:10 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICGegwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjFE Qzg3NTk2NUMyQkE2MUQxREFDQkI0OERFRTE0MDU1NEFBNUFFRjAeFw0yNjAxMjYw NjUyNTZaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKDBBN0NFRkYxQjhBQTQ0 OTA5NEI4NTk1QzAyMjNFNUQxMURDQTk0OUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDjzoaOtJT3MdNDKK5cTwHTyZKmL8rgujDvc8CdT4ksROl9YpfP jHjApFMC0J61e8y+aWRjuecr2BjBmT1HUPLbheUNz0ENqu4l55OufiqiyRcQgz0j C56g40vRTwE67in1jeMjrePMrj2tafDtRjvV41keZ0jY7DZr5b92lrWMLx/2E3kC xjbkRyEFs9aucrmMBZ2T7HsklmS3QoDkKEmEmRRmmpkDs0bxaiY9gzSGi30Pz4Fr GJ1WXFJ21PQoVNRzwh3oS5vPzcFjrZAd+HdZEsWOfQ00Zc2A7xt5lfBTpdvbnItl WVmPb9KqckyObGzKwxRSQ6q12fMqyCjvqqdBAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUCnzv8biqRJCUuFlcAiPl0R3KlJowHwYDVR0jBBgwFoAUIdyHWWXCumHR2su0 je4UBVSqWu8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjYy MC9JZHlIV1dYQ3VtSFIyc3UwamU0VUJWU3FXdTguY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0lkeUhXV1hDdW1IUjJzdTBqZTRVQlZTcVd1OC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2MjAvQ256djhiaXFSSkNV dUZsY0FpUGwwUjNLbEpvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEw BQMDAChIMA0GCSqGSIb3DQEBCwUAA4IBAQCvacPTJV8jnBuS61UnZq9rkP7NKliB A/HqDVHW2hwPXFSscRdJi530/o7Qy81vVLqmINTuQFSigNcB594jx+75H1kJHg8F 7tLFHvOZ2KKSg5FHLUPDiFpfWVgWpyKrnEaYhU71474Te0xdtahQKEMvM20O9Xxg C6qEK5pzHhlEjZ2LCDByPfPHurL9LrTUH8+DOBOGH41HcyZXNL3f3fePZOoMwjBL U4qVYc73dQuJQ5/IaRfKqTYwfAOLXKQCJxAYW3TjgVYaX1228zVCNydGJG1/mBDU J16f1YGJovA5Oa1r6aFD+WLpfTZ7U6tKbC/+9aEfU7kJ0rPnqewdwBUQ -----END CERTIFICATE-----Generated at Mon Mar 2 10:07:40 2026 by rpki-client