$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2620/_Qi0u_xsBCZh0RUOlAHMneI6usk.roa File: _Qi0u_xsBCZh0RUOlAHMneI6usk.roa (raw, json) Hash identifier: tNEGk6IOtihyy/XIhc/2jS3KpSE6LcMgnqkNJrMNKpI= Subject key identifier: FD:08:B4:BB:FC:6C:04:26:61:D1:15:0E:94:01:CC:9D:E2:3A:BA:C9 Certificate issuer: /CN=CDEF7111DE98BD756D92B34D394DA2D39EFF9B8E Certificate serial: 19F9 Authority key identifier: CD:EF:71:11:DE:98:BD:75:6D:92:B3:4D:39:4D:A2:D3:9E:FF:9B:8E Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ze9xEd6YvXVtkrNNOU2i057_m44.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/_Qi0u_xsBCZh0RUOlAHMneI6usk.roa Signing time: Mon 26 Jan 2026 06:53:01 +0000 ROA not before: Mon 26 Jan 2026 06:53:01 +0000 ROA not after: Sat 09 Jan 2027 08:23:18 +0000 asID: 58593 IP address blocks: 2404:7940::/32 maxlen: 64 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/ze9xEd6YvXVtkrNNOU2i057_m44.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/ze9xEd6YvXVtkrNNOU2i057_m44.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ze9xEd6YvXVtkrNNOU2i057_m44.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 02 Mar 2026 05:58:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6649 (0x19f9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CDEF7111DE98BD756D92B34D394DA2D39EFF9B8E Validity Not Before: Jan 26 06:53:01 2026 GMT Not After : Jan 9 08:23:18 2027 GMT Subject: CN=FD08B4BBFC6C042661D1150E9401CC9DE23ABAC9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f7:18:8a:41:65:c7:12:9b:a4:a1:78:71:b0:03: f2:21:70:d2:69:45:a7:aa:27:34:80:6a:5b:07:62: bd:f1:19:0f:fc:be:3b:88:a4:cf:30:ad:ea:ce:02: b0:45:03:e2:b7:85:75:7e:8a:62:fa:37:09:dc:fa: 30:75:ac:f8:27:55:05:62:46:8b:95:7e:b1:c3:79: f1:c3:f0:73:18:d8:40:6a:8b:9a:fb:83:3c:ac:82: b2:7b:ca:68:74:ef:b2:55:3b:43:15:e6:65:7b:e3: 11:ff:57:55:54:60:7a:ab:2f:79:8e:19:88:21:1b: 56:21:3a:0c:da:26:2b:2c:8f:a8:a4:4a:6f:d4:d4: c9:e1:af:53:82:f1:04:0c:3e:9c:9c:8c:85:d9:bb: 71:ac:88:7c:f6:7d:bd:26:6e:1e:cd:8d:8b:93:c9: 71:44:d8:5f:a8:3f:b5:e3:d9:e8:52:e8:56:fa:3c: 7d:be:b2:95:09:b9:c4:d3:89:cf:f7:ad:bd:96:8f: 25:ba:c8:e0:af:b1:20:e8:ea:8b:53:27:03:f3:df: 42:f8:4a:7f:ac:64:85:af:06:26:46:8f:96:2c:22: cf:af:7a:36:3b:6e:aa:f5:8d:80:8b:45:41:a1:36: ac:17:54:03:60:46:30:64:50:91:f0:81:25:b4:24: 84:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:08:B4:BB:FC:6C:04:26:61:D1:15:0E:94:01:CC:9D:E2:3A:BA:C9 X509v3 Authority Key Identifier: keyid:CD:EF:71:11:DE:98:BD:75:6D:92:B3:4D:39:4D:A2:D3:9E:FF:9B:8E X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/ze9xEd6YvXVtkrNNOU2i057_m44.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ze9xEd6YvXVtkrNNOU2i057_m44.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/_Qi0u_xsBCZh0RUOlAHMneI6usk.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2404:7940::/32 Signature Algorithm: sha256WithRSAEncryption 18:d5:56:b7:31:bf:b6:0d:e9:80:bc:ef:70:c9:0d:ba:26:56: 98:ab:7e:a1:7d:64:22:86:4b:f0:6c:05:3b:0e:86:93:b6:72: 7d:a7:2a:c8:e6:86:64:7f:56:f5:40:27:e8:5a:1f:23:ca:ee: 68:8f:b6:97:c8:e2:b7:b4:bc:75:af:c4:1f:e4:89:ee:f7:65: db:c4:97:6c:85:9d:37:5c:20:33:49:2f:21:c1:4a:e1:f5:bf: 7f:44:f0:ab:55:94:96:94:50:c7:9d:d6:f6:42:5e:11:9e:88: f5:14:e7:81:49:89:b4:ec:a8:ad:af:ba:b8:a6:1d:45:83:8e: 6b:92:77:a2:29:99:d9:ca:22:3e:1a:80:c2:7c:a3:0c:e6:8b: a0:c6:4b:70:c2:dd:4d:5d:5f:f5:36:31:af:0e:b1:e6:eb:f9: 86:8a:f1:13:c8:f6:4e:e1:71:41:d0:b3:7c:f8:52:e3:14:aa: 3b:4f:7e:4f:26:8b:08:f7:be:69:4b:54:f2:e5:0a:39:45:b1: 94:fa:27:d1:47:b9:28:38:c3:eb:57:cf:ae:eb:c3:f9:56:8d: c0:8a:35:5c:24:c6:5e:63:a3:5f:0d:8a:ae:c4:09:d1:e9:a5: 73:f6:2f:58:f5:3a:7f:7c:17:29:1c:b1:4b:cd:07:a6:06:c7: 93:a9:40:15 -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICGfkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0RF RjcxMTFERTk4QkQ3NTZEOTJCMzREMzk0REEyRDM5RUZGOUI4RTAeFw0yNjAxMjYw NjUzMDFaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKEZEMDhCNEJCRkM2QzA0 MjY2MUQxMTUwRTk0MDFDQzlERTIzQUJBQzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQD3GIpBZccSm6SheHGwA/IhcNJpRaeqJzSAalsHYr3xGQ/8vjuI pM8wrerOArBFA+K3hXV+imL6Nwnc+jB1rPgnVQViRouVfrHDefHD8HMY2EBqi5r7 gzysgrJ7ymh077JVO0MV5mV74xH/V1VUYHqrL3mOGYghG1YhOgzaJissj6ikSm/U 1Mnhr1OC8QQMPpycjIXZu3GsiHz2fb0mbh7NjYuTyXFE2F+oP7Xj2ehS6Fb6PH2+ spUJucTTic/3rb2WjyW6yOCvsSDo6otTJwPz30L4Sn+sZIWvBiZGj5YsIs+vejY7 bqr1jYCLRUGhNqwXVANgRjBkUJHwgSW0JIRtAgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQU/Qi0u/xsBCZh0RUOlAHMneI6uskwHwYDVR0jBBgwFoAUze9xEd6YvXVtkrNN OU2i057/m44wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjYy MC96ZTl4RWQ2WXZYVnRrck5OT1UyaTA1N19tNDQuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3plOXhFZDZZdlhWdGtyTk5PVTJpMDU3X200NC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2MjAvX1FpMHVfeHNCQ1po MFJVT2xBSE1uZUk2dXNrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw BwMFACQEeUAwDQYJKoZIhvcNAQELBQADggEBABjVVrcxv7YN6YC873DJDbomVpir fqF9ZCKGS/BsBTsOhpO2cn2nKsjmhmR/VvVAJ+haHyPK7miPtpfI4re0vHWvxB/k ie73ZdvEl2yFnTdcIDNJLyHBSuH1v39E8KtVlJaUUMed1vZCXhGeiPUU54FJibTs qK2vurimHUWDjmuSd6IpmdnKIj4agMJ8owzmi6DGS3DC3U1dX/U2Ma8Osebr+YaK 8RPI9k7hcUHQs3z4UuMUqjtPfk8miwj3vmlLVPLlCjlFsZT6J9FHuSg4w+tXz67r w/lWjcCKNVwkxl5jo18Niq7ECdHppXP2L1j1On98FykcsUvNB6YGx5OpQBU= -----END CERTIFICATE-----Generated at Mon Mar 2 03:36:33 2026 by rpki-client