$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2620/XP1TeQZydcphjjmbRXq_HWrP1gk.roa File: XP1TeQZydcphjjmbRXq_HWrP1gk.roa (raw, json) Hash identifier: CVazUv//fRhBLRD8RwC0Fk4j1JYekiFVPvnwGkaXiC8= Subject key identifier: 5C:FD:53:79:06:72:75:CA:61:8E:39:9B:45:7A:BF:1D:6A:CF:D6:09 Certificate issuer: /CN=21DC875965C2BA61D1DACBB48DEE140554AA5AEF Certificate serial: 19F4 Authority key identifier: 21:DC:87:59:65:C2:BA:61:D1:DA:CB:B4:8D:EE:14:05:54:AA:5A:EF Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/IdyHWWXCumHR2su0je4UBVSqWu8.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/XP1TeQZydcphjjmbRXq_HWrP1gk.roa Signing time: Mon 26 Jan 2026 06:52:59 +0000 ROA not before: Mon 26 Jan 2026 06:52:59 +0000 ROA not after: Sat 09 Jan 2027 08:23:18 +0000 asID: 58593 IP address blocks: 40.126.64.0/18 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/IdyHWWXCumHR2su0je4UBVSqWu8.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/IdyHWWXCumHR2su0je4UBVSqWu8.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/IdyHWWXCumHR2su0je4UBVSqWu8.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 02 Mar 2026 15:58:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6644 (0x19f4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=21DC875965C2BA61D1DACBB48DEE140554AA5AEF Validity Not Before: Jan 26 06:52:59 2026 GMT Not After : Jan 9 08:23:18 2027 GMT Subject: CN=5CFD5379067275CA618E399B457ABF1D6ACFD609 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:06:87:4d:20:73:91:0d:9b:6b:9f:56:14:e8: e9:03:3f:c9:01:26:12:7c:2f:27:0d:38:97:53:06: 8a:6e:92:05:f2:79:90:5d:41:01:f0:7c:20:d9:20: 59:b2:da:18:3e:df:47:c7:b7:c7:11:9f:08:76:45: a7:e4:e6:e8:fd:0b:d9:f0:ac:b5:fe:cf:56:2d:fa: 4e:5c:09:f8:c9:e7:ab:34:48:26:61:57:ab:80:c1: f7:e5:e0:d7:39:e8:d7:1f:46:89:ee:ac:f2:40:eb: 0c:94:64:3a:bc:cb:f2:f6:ff:f1:ad:e3:06:f4:52: 15:ab:12:17:e0:f4:d8:64:fa:67:c0:47:ba:fc:e0: 3f:a9:e2:f6:f1:b8:57:5b:fd:03:db:97:76:83:67: f0:0b:99:ba:95:29:22:2b:a5:82:35:a0:f7:a6:de: ab:56:d9:53:d2:56:82:a0:63:4d:13:39:0c:10:bd: b3:d4:f2:ae:87:83:fc:22:d7:0f:49:47:a4:6a:ac: cf:c9:17:21:1e:8e:b9:21:06:f5:48:f6:25:bb:aa: b6:d9:b7:66:b7:7e:a8:c3:0a:dd:0d:6e:8e:d8:e1: 8f:5c:a9:92:35:e7:95:fb:4e:ab:65:47:29:c9:69: 76:e5:b1:50:8b:12:33:7f:3d:62:0d:52:70:27:ce: 2b:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:FD:53:79:06:72:75:CA:61:8E:39:9B:45:7A:BF:1D:6A:CF:D6:09 X509v3 Authority Key Identifier: keyid:21:DC:87:59:65:C2:BA:61:D1:DA:CB:B4:8D:EE:14:05:54:AA:5A:EF X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/IdyHWWXCumHR2su0je4UBVSqWu8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/IdyHWWXCumHR2su0je4UBVSqWu8.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/XP1TeQZydcphjjmbRXq_HWrP1gk.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 40.126.64.0/18 Signature Algorithm: sha256WithRSAEncryption 87:20:2c:6a:28:ff:19:a4:33:c3:9d:c8:1b:02:90:1f:16:72: a6:1f:29:a2:93:39:eb:27:bd:0d:f2:d7:21:5d:bf:b4:c4:99: 38:4c:5e:16:e0:03:66:72:cc:49:5c:7e:82:f2:16:13:b5:f4: 4e:81:37:26:ab:6b:56:4f:c8:44:9f:5c:22:ba:9a:8f:da:aa: ea:7a:14:69:d5:4a:8f:89:11:1f:d6:20:59:c0:59:db:be:6b: 14:74:5a:c9:79:a4:fc:55:1a:3e:8c:e8:a2:60:cd:80:47:a1: 3f:25:2b:41:8b:ed:0d:20:f6:0d:2a:18:c4:a7:1e:ba:7a:d5: 04:c3:6f:ed:df:b7:d5:7e:5a:fa:03:f3:30:6c:c0:19:13:37: fe:c2:04:eb:98:db:29:c8:c0:58:ce:36:4a:a1:c2:72:e8:31: 9a:d1:b3:65:7b:21:3c:6b:86:cb:2f:7f:08:b1:6e:93:f3:dc: 3a:08:b7:ce:4e:26:62:b5:bb:51:e1:cb:43:ea:70:3b:bd:7f: 4c:25:78:cc:74:7c:93:c3:3a:7e:de:fb:55:6e:d0:2b:54:b7: 96:89:86:e4:1e:69:fd:bd:09:84:af:0c:82:c6:85:68:24:71: d5:3f:56:63:27:12:25:81:1e:66:87:83:f5:2e:31:48:e9:a7: a8:ab:1e:58 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICGfQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjFE Qzg3NTk2NUMyQkE2MUQxREFDQkI0OERFRTE0MDU1NEFBNUFFRjAeFw0yNjAxMjYw NjUyNTlaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKDVDRkQ1Mzc5MDY3Mjc1 Q0E2MThFMzk5QjQ1N0FCRjFENkFDRkQ2MDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDEBodNIHORDZtrn1YU6OkDP8kBJhJ8LycNOJdTBopukgXyeZBd QQHwfCDZIFmy2hg+30fHt8cRnwh2Rafk5uj9C9nwrLX+z1Yt+k5cCfjJ56s0SCZh V6uAwffl4Nc56NcfRonurPJA6wyUZDq8y/L2//Gt4wb0UhWrEhfg9Nhk+mfAR7r8 4D+p4vbxuFdb/QPbl3aDZ/ALmbqVKSIrpYI1oPem3qtW2VPSVoKgY00TOQwQvbPU 8q6Hg/wi1w9JR6RqrM/JFyEejrkhBvVI9iW7qrbZt2a3fqjDCt0Nbo7Y4Y9cqZI1 55X7TqtlRynJaXblsVCLEjN/PWINUnAnziu/AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUXP1TeQZydcphjjmbRXq/HWrP1gkwHwYDVR0jBBgwFoAUIdyHWWXCumHR2su0 je4UBVSqWu8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjYy MC9JZHlIV1dYQ3VtSFIyc3UwamU0VUJWU3FXdTguY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0lkeUhXV1hDdW1IUjJzdTBqZTRVQlZTcVd1OC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2MjAvWFAxVGVRWnlkY3Bo amptYlJYcV9IV3JQMWdrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEBih+QDANBgkqhkiG9w0BAQsFAAOCAQEAhyAsaij/GaQzw53IGwKQHxZyph8p opM56ye9DfLXIV2/tMSZOExeFuADZnLMSVx+gvIWE7X0ToE3JqtrVk/IRJ9cIrqa j9qq6noUadVKj4kRH9YgWcBZ275rFHRayXmk/FUaPozoomDNgEehPyUrQYvtDSD2 DSoYxKceunrVBMNv7d+31X5a+gPzMGzAGRM3/sIE65jbKcjAWM42SqHCcugxmtGz ZXshPGuGyy9/CLFuk/PcOgi3zk4mYrW7UeHLQ+pwO71/TCV4zHR8k8M6ft77VW7Q K1S3lomG5B5p/b0JhK8MgsaFaCRx1T9WYycSJYEeZoeD9S4xSOmnqKseWA== -----END CERTIFICATE-----Generated at Mon Mar 2 13:09:35 2026 by rpki-client