$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2620/XfQXOTKHpIzrhomPsrkB379Njg0.roa File: XfQXOTKHpIzrhomPsrkB379Njg0.roa (raw, json) Hash identifier: tm28prrsHHIdc/fagSX6t713I2/ncPkbX7nkWOP2hqs= Subject key identifier: 5D:F4:17:39:32:87:A4:8C:EB:86:89:8F:B2:B9:01:DF:BF:4D:8E:0D Certificate issuer: /CN=21DC875965C2BA61D1DACBB48DEE140554AA5AEF Certificate serial: 19FD Authority key identifier: 21:DC:87:59:65:C2:BA:61:D1:DA:CB:B4:8D:EE:14:05:54:AA:5A:EF Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/IdyHWWXCumHR2su0je4UBVSqWu8.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/XfQXOTKHpIzrhomPsrkB379Njg0.roa Signing time: Mon 26 Jan 2026 06:53:02 +0000 ROA not before: Mon 26 Jan 2026 06:53:02 +0000 ROA not after: Sat 09 Jan 2027 08:23:18 +0000 asID: 58593 IP address blocks: 139.219.0.0/17 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/IdyHWWXCumHR2su0je4UBVSqWu8.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/IdyHWWXCumHR2su0je4UBVSqWu8.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/IdyHWWXCumHR2su0je4UBVSqWu8.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 02 Mar 2026 10:58:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6653 (0x19fd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=21DC875965C2BA61D1DACBB48DEE140554AA5AEF Validity Not Before: Jan 26 06:53:02 2026 GMT Not After : Jan 9 08:23:18 2027 GMT Subject: CN=5DF417393287A48CEB86898FB2B901DFBF4D8E0D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:ed:0c:c5:c4:c9:af:43:9a:6d:25:e1:f2:3a: fd:07:02:1b:db:e9:37:9c:52:ff:24:11:89:cf:99: d1:8c:2f:4c:63:73:30:58:56:9f:03:10:f4:05:1c: 60:aa:b5:42:a3:72:a9:02:08:ab:14:cd:40:be:07: d7:a2:ce:6c:a7:3a:c6:19:e5:7b:11:e1:1a:aa:94: 10:94:a1:94:18:c9:b6:10:3c:7c:d3:f7:e7:35:37: c3:99:2f:ef:83:63:a1:c9:65:44:e6:cf:0d:55:27: 21:69:73:8c:01:dc:d4:26:2b:dd:b9:db:7b:ca:6c: fb:68:14:c9:f9:42:53:73:f6:2f:58:75:9d:d2:af: 09:91:74:19:95:86:e2:1a:c6:6b:0c:bb:5d:db:65: 13:65:b0:ec:99:7d:04:16:65:d0:7e:39:86:a5:18: ae:e7:04:05:bc:22:6d:ba:2e:5f:8a:fb:d4:a1:e0: f3:b7:e8:60:aa:a0:15:28:09:b8:11:30:2d:0c:94: de:e2:3b:95:ba:07:52:9b:bf:30:ce:83:8f:17:f8: 4f:79:9f:08:0c:13:d4:70:6f:ca:cb:e5:dc:44:e2: 49:b0:d8:0d:91:1c:cf:82:f4:20:41:bc:c5:61:61: bd:4b:10:12:0c:04:c0:22:30:da:3f:f0:f9:cf:8e: a7:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:F4:17:39:32:87:A4:8C:EB:86:89:8F:B2:B9:01:DF:BF:4D:8E:0D X509v3 Authority Key Identifier: keyid:21:DC:87:59:65:C2:BA:61:D1:DA:CB:B4:8D:EE:14:05:54:AA:5A:EF X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/IdyHWWXCumHR2su0je4UBVSqWu8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/IdyHWWXCumHR2su0je4UBVSqWu8.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/XfQXOTKHpIzrhomPsrkB379Njg0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 139.219.0.0/17 Signature Algorithm: sha256WithRSAEncryption 51:37:45:a4:d2:97:e1:63:3c:80:39:a9:96:10:02:db:41:db: 3f:2c:68:c9:7d:0e:22:ac:7c:79:3d:7d:ed:fe:9c:fc:f6:56: 3c:ff:2d:81:c9:c4:6f:8c:ec:47:84:02:5f:2a:ac:fd:d6:e5: 88:e4:3c:bb:28:da:6f:c7:e4:3f:ce:ee:90:38:5c:9c:06:db: ac:ea:5b:75:2d:7a:cd:1b:2b:cd:17:6a:1f:11:f2:f8:68:7d: 82:4f:25:76:76:28:06:0e:33:09:f6:6d:02:4d:b8:f6:ee:9c: 7c:8f:d8:9c:94:8a:85:32:8d:9f:42:6c:31:7e:de:3a:d4:1f: 46:d1:32:db:b1:76:30:68:3d:6d:e5:df:c7:f3:76:b5:43:d8: 50:6e:b4:95:e2:48:df:8d:0d:fa:e7:10:3a:b0:93:cb:4b:20: 77:1d:d4:5f:a5:02:f5:31:b0:d1:69:67:0b:d8:1c:c4:27:ef: 5f:e4:2c:83:f7:aa:ab:c0:e9:1d:0b:d8:30:bc:f0:33:2d:45: a8:31:b8:a3:e6:b9:05:ee:3d:28:b1:b3:c2:a9:89:d9:fd:7a: 8f:e9:9a:34:db:8d:ec:36:e9:46:5f:92:1c:27:3a:b4:4c:c9: 62:ad:bb:90:e8:d2:18:4c:23:61:4c:e5:9a:5c:03:ca:8f:b2: 88:2c:d4:1d -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICGf0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjFE Qzg3NTk2NUMyQkE2MUQxREFDQkI0OERFRTE0MDU1NEFBNUFFRjAeFw0yNjAxMjYw NjUzMDJaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKDVERjQxNzM5MzI4N0E0 OENFQjg2ODk4RkIyQjkwMURGQkY0RDhFMEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDO7QzFxMmvQ5ptJeHyOv0HAhvb6TecUv8kEYnPmdGML0xjczBY Vp8DEPQFHGCqtUKjcqkCCKsUzUC+B9eizmynOsYZ5XsR4RqqlBCUoZQYybYQPHzT 9+c1N8OZL++DY6HJZUTmzw1VJyFpc4wB3NQmK92523vKbPtoFMn5QlNz9i9YdZ3S rwmRdBmVhuIaxmsMu13bZRNlsOyZfQQWZdB+OYalGK7nBAW8Im26Ll+K+9Sh4PO3 6GCqoBUoCbgRMC0MlN7iO5W6B1KbvzDOg48X+E95nwgME9Rwb8rL5dxE4kmw2A2R HM+C9CBBvMVhYb1LEBIMBMAiMNo/8PnPjqcPAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUXfQXOTKHpIzrhomPsrkB379Njg0wHwYDVR0jBBgwFoAUIdyHWWXCumHR2su0 je4UBVSqWu8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjYy MC9JZHlIV1dYQ3VtSFIyc3UwamU0VUJWU3FXdTguY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0lkeUhXV1hDdW1IUjJzdTBqZTRVQlZTcVd1OC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2MjAvWGZRWE9US0hwSXpy aG9tUHNya0IzNzlOamcwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEB4vbADANBgkqhkiG9w0BAQsFAAOCAQEAUTdFpNKX4WM8gDmplhAC20HbPyxo yX0OIqx8eT197f6c/PZWPP8tgcnEb4zsR4QCXyqs/dbliOQ8uyjab8fkP87ukDhc nAbbrOpbdS16zRsrzRdqHxHy+Gh9gk8ldnYoBg4zCfZtAk249u6cfI/YnJSKhTKN n0JsMX7eOtQfRtEy27F2MGg9beXfx/N2tUPYUG60leJI340N+ucQOrCTy0sgdx3U X6UC9TGw0WlnC9gcxCfvX+Qsg/eqq8DpHQvYMLzwMy1FqDG4o+a5Be49KLGzwqmJ 2f16j+maNNuN7DbpRl+SHCc6tEzJYq27kOjSGEwjYUzlmlwDyo+yiCzUHQ== -----END CERTIFICATE-----Generated at Mon Mar 2 08:41:35 2026 by rpki-client