$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2620/STXcaM9sBT1Trl53pmflsdbfQ-c.roa File: STXcaM9sBT1Trl53pmflsdbfQ-c.roa (raw, json) Hash identifier: C5dtm4Wrh9eNeHYEivcYgOAFM5I5rVwcpZrApXDZWEk= Subject key identifier: 49:35:DC:68:CF:6C:05:3D:53:AE:5E:77:A6:67:E5:B1:D6:DF:43:E7 Certificate issuer: /CN=21DC875965C2BA61D1DACBB48DEE140554AA5AEF Certificate serial: 19EC Authority key identifier: 21:DC:87:59:65:C2:BA:61:D1:DA:CB:B4:8D:EE:14:05:54:AA:5A:EF Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/IdyHWWXCumHR2su0je4UBVSqWu8.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/STXcaM9sBT1Trl53pmflsdbfQ-c.roa Signing time: Mon 26 Jan 2026 06:52:57 +0000 ROA not before: Mon 26 Jan 2026 06:52:57 +0000 ROA not after: Sat 09 Jan 2027 08:23:18 +0000 asID: 58593 IP address blocks: 139.217.0.0/17 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/IdyHWWXCumHR2su0je4UBVSqWu8.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/IdyHWWXCumHR2su0je4UBVSqWu8.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/IdyHWWXCumHR2su0je4UBVSqWu8.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 02 Mar 2026 10:58:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6636 (0x19ec) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=21DC875965C2BA61D1DACBB48DEE140554AA5AEF Validity Not Before: Jan 26 06:52:57 2026 GMT Not After : Jan 9 08:23:18 2027 GMT Subject: CN=4935DC68CF6C053D53AE5E77A667E5B1D6DF43E7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:41:2b:3d:7d:0e:9d:40:df:51:32:60:82:d2: 66:f2:e7:18:c5:6c:9d:a9:16:14:13:c2:0d:27:09: 85:52:ec:1f:49:74:26:64:d7:54:12:e7:15:80:2a: fb:b5:80:2e:9f:a5:05:81:ad:b4:ce:88:7d:4b:0a: 75:58:0e:4c:a5:2b:8d:8b:5f:df:3d:cb:da:27:ad: 0d:ff:4c:09:e4:75:0b:30:53:a1:70:2a:dd:ab:29: 31:70:8a:07:d4:ff:2a:bc:14:ab:f5:ad:30:69:c2: a6:b3:db:0f:c6:79:9e:d5:0d:4d:08:6f:a5:d9:79: 1f:2b:68:29:be:21:00:c9:91:57:31:26:ea:07:85: 3e:ca:32:aa:ec:c6:ec:83:8d:ce:a6:ab:95:dc:b0: 53:8e:bd:2b:6d:d7:3c:1f:b7:10:b5:6b:ed:2c:dd: 7b:08:84:9f:ef:34:76:dd:e7:99:c4:90:a7:61:8a: 05:63:f3:ca:eb:28:ab:45:5a:a9:d8:b6:7f:5a:f1: 28:8a:60:76:3e:19:55:3a:0e:c3:de:d5:a7:3a:18: cf:34:ae:11:c4:74:18:c6:22:27:87:18:22:90:f6: 12:17:e0:60:02:64:ff:22:3a:6c:4f:a0:22:29:e1: b5:61:fa:80:90:df:f8:a6:31:0d:80:bd:dd:fc:b0: 07:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:35:DC:68:CF:6C:05:3D:53:AE:5E:77:A6:67:E5:B1:D6:DF:43:E7 X509v3 Authority Key Identifier: keyid:21:DC:87:59:65:C2:BA:61:D1:DA:CB:B4:8D:EE:14:05:54:AA:5A:EF X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/IdyHWWXCumHR2su0je4UBVSqWu8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/IdyHWWXCumHR2su0je4UBVSqWu8.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/STXcaM9sBT1Trl53pmflsdbfQ-c.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 139.217.0.0/17 Signature Algorithm: sha256WithRSAEncryption a7:88:86:da:bd:e3:c8:00:85:b4:2b:d2:ef:c2:83:34:85:c1: ee:93:04:86:af:d3:70:cc:cb:26:14:fa:13:b6:70:41:87:54: 41:48:8f:70:40:5c:98:ee:5d:d5:d1:55:5e:37:e4:31:76:b2: af:2b:48:a2:af:6c:c7:d8:0b:3b:10:eb:87:0a:9d:6a:e9:41: 20:25:26:68:e6:e0:5c:d9:10:c4:25:90:cc:18:8b:b5:9e:45: 27:a8:00:17:9c:f4:d3:6b:88:d2:1e:7a:4b:34:25:07:d8:c7: 8d:9d:dc:36:7a:d2:ae:87:ff:60:d3:21:97:43:4a:92:95:9b: 4e:55:92:19:0b:52:9e:f3:05:b3:62:4c:d9:5c:7e:a9:6e:c9: 95:4d:17:8c:af:5b:ca:9c:84:f0:9e:24:ef:8c:40:6c:12:00: f8:b9:15:d9:de:00:49:34:83:b4:46:9f:8a:d5:af:8b:28:10: 08:c4:b3:69:6e:e1:3f:87:74:5c:51:e2:32:2c:f3:9f:3a:f4: e4:b8:c2:25:48:a5:f2:dc:76:ad:ff:17:7e:ec:96:14:37:13: 9d:04:7f:7b:22:84:5f:6f:99:54:35:55:da:68:98:07:16:93: 4d:d0:bb:40:84:00:81:3d:cd:09:fd:e8:a0:11:60:ab:05:38: e8:51:de:f7 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICGewwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjFE Qzg3NTk2NUMyQkE2MUQxREFDQkI0OERFRTE0MDU1NEFBNUFFRjAeFw0yNjAxMjYw NjUyNTdaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKDQ5MzVEQzY4Q0Y2QzA1 M0Q1M0FFNUU3N0E2NjdFNUIxRDZERjQzRTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCoQSs9fQ6dQN9RMmCC0mby5xjFbJ2pFhQTwg0nCYVS7B9JdCZk 11QS5xWAKvu1gC6fpQWBrbTOiH1LCnVYDkylK42LX989y9onrQ3/TAnkdQswU6Fw Kt2rKTFwigfU/yq8FKv1rTBpwqaz2w/GeZ7VDU0Ib6XZeR8raCm+IQDJkVcxJuoH hT7KMqrsxuyDjc6mq5XcsFOOvStt1zwftxC1a+0s3XsIhJ/vNHbd55nEkKdhigVj 88rrKKtFWqnYtn9a8SiKYHY+GVU6DsPe1ac6GM80rhHEdBjGIieHGCKQ9hIX4GAC ZP8iOmxPoCIp4bVh+oCQ3/imMQ2Avd38sAfLAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUSTXcaM9sBT1Trl53pmflsdbfQ+cwHwYDVR0jBBgwFoAUIdyHWWXCumHR2su0 je4UBVSqWu8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjYy MC9JZHlIV1dYQ3VtSFIyc3UwamU0VUJWU3FXdTguY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0lkeUhXV1hDdW1IUjJzdTBqZTRVQlZTcVd1OC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2MjAvU1RYY2FNOXNCVDFU cmw1M3BtZmxzZGJmUS1jLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEB4vZADANBgkqhkiG9w0BAQsFAAOCAQEAp4iG2r3jyACFtCvS78KDNIXB7pME hq/TcMzLJhT6E7ZwQYdUQUiPcEBcmO5d1dFVXjfkMXayrytIoq9sx9gLOxDrhwqd aulBICUmaObgXNkQxCWQzBiLtZ5FJ6gAF5z002uI0h56SzQlB9jHjZ3cNnrSrof/ YNMhl0NKkpWbTlWSGQtSnvMFs2JM2Vx+qW7JlU0XjK9bypyE8J4k74xAbBIA+LkV 2d4ASTSDtEafitWviygQCMSzaW7hP4d0XFHiMizznzr05LjCJUil8tx2rf8XfuyW FDcTnQR/eyKEX2+ZVDVV2miYBxaTTdC7QIQAgT3NCf3ooBFgqwU46FHe9w== -----END CERTIFICATE-----Generated at Mon Mar 2 09:57:25 2026 by rpki-client