$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2620/af-EHeZo6e596vaEvKVTWaEoJDY.roa File: af-EHeZo6e596vaEvKVTWaEoJDY.roa (raw, json) Hash identifier: 42ybUlFkcRnHHyu/iHLBkUynJTFqDwMneXSD1BVYLas= Subject key identifier: 69:FF:84:1D:E6:68:E9:EE:7D:EA:F6:84:BC:A5:53:59:A1:28:24:36 Certificate issuer: /CN=21DC875965C2BA61D1DACBB48DEE140554AA5AEF Certificate serial: 19FB Authority key identifier: 21:DC:87:59:65:C2:BA:61:D1:DA:CB:B4:8D:EE:14:05:54:AA:5A:EF Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/IdyHWWXCumHR2su0je4UBVSqWu8.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/af-EHeZo6e596vaEvKVTWaEoJDY.roa Signing time: Mon 26 Jan 2026 06:53:01 +0000 ROA not before: Mon 26 Jan 2026 06:53:01 +0000 ROA not after: Sat 09 Jan 2027 08:23:18 +0000 asID: 58593 IP address blocks: 52.130.0.0/20 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/IdyHWWXCumHR2su0je4UBVSqWu8.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/IdyHWWXCumHR2su0je4UBVSqWu8.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/IdyHWWXCumHR2su0je4UBVSqWu8.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 02 Mar 2026 15:58:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6651 (0x19fb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=21DC875965C2BA61D1DACBB48DEE140554AA5AEF Validity Not Before: Jan 26 06:53:01 2026 GMT Not After : Jan 9 08:23:18 2027 GMT Subject: CN=69FF841DE668E9EE7DEAF684BCA55359A1282436 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:22:58:6f:07:83:9e:22:7c:13:92:2b:21:79: b0:27:87:33:ac:14:ee:3e:64:99:ab:a2:01:32:7a: 6e:9c:30:17:62:de:8f:1a:ae:4e:a9:2c:d9:d6:89: 37:c3:a2:3f:38:bf:d3:92:3a:4f:2d:17:94:ee:59: a6:2d:20:65:33:25:bc:68:57:b9:7e:5b:b0:b1:e7: e4:b7:ef:62:84:a2:a7:20:ab:82:61:15:72:f4:39: 65:25:3d:b4:f4:d7:99:dd:6d:a9:16:20:31:85:fd: 35:87:c0:b3:15:80:ee:a4:4a:87:fd:f1:49:7b:c7: 79:ea:4d:a7:fe:85:5c:5f:c1:64:cf:43:3b:bf:2a: 13:ec:31:62:1c:71:b8:15:c6:23:93:a4:4e:d2:da: d9:2a:01:fe:e5:aa:af:36:cd:5f:b7:ab:2e:92:5a: 91:6a:9d:06:e5:d5:3c:0b:a9:83:77:41:59:2c:53: 4c:f5:b0:95:6b:19:91:6f:1d:a5:58:aa:1a:0a:c0: 54:4f:ba:ba:d0:45:1f:ab:a8:30:7f:90:1e:0d:6e: 57:76:42:c1:38:39:02:19:64:9f:1e:51:b3:b8:c3: 55:08:38:86:5a:2d:7a:06:5d:f4:ac:86:07:ba:5c: 92:be:f1:34:bd:0f:f0:2b:64:37:b9:9a:e8:2b:16: e9:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:FF:84:1D:E6:68:E9:EE:7D:EA:F6:84:BC:A5:53:59:A1:28:24:36 X509v3 Authority Key Identifier: keyid:21:DC:87:59:65:C2:BA:61:D1:DA:CB:B4:8D:EE:14:05:54:AA:5A:EF X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/IdyHWWXCumHR2su0je4UBVSqWu8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/IdyHWWXCumHR2su0je4UBVSqWu8.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/af-EHeZo6e596vaEvKVTWaEoJDY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 52.130.0.0/20 Signature Algorithm: sha256WithRSAEncryption 14:4c:0d:ee:90:30:b1:d5:40:68:d4:cd:b7:59:e2:c3:8b:48: be:8e:40:7d:9f:fb:88:a3:da:0e:ae:fe:bd:28:5e:d9:fd:4a: a9:53:cd:c3:38:18:3c:ab:c2:62:6f:2c:5e:5f:fd:84:37:53: cc:05:28:82:7f:fb:33:ce:56:cf:b1:94:10:7e:5a:0a:6c:1c: f3:17:0f:a0:4f:27:80:2e:9e:7a:d4:54:2e:58:b6:c7:7a:a5: 23:28:bc:1a:f1:7f:d7:0f:f4:5a:d6:cd:ac:3f:7d:fa:8b:c8: b4:21:44:5b:a3:b0:64:97:f7:9b:b7:21:5e:99:ed:fa:d9:b9: aa:ea:04:fe:7d:0e:01:58:4d:cd:06:ca:62:e9:bc:6f:23:c5: 8b:4c:51:18:ae:77:0c:5a:a2:aa:5c:7a:0b:fc:50:38:fa:ea: ba:0e:6f:8f:f7:9b:c9:20:07:6e:5f:04:6b:eb:a3:ea:19:29: b1:74:76:a9:17:7d:6b:96:30:7f:19:b2:5e:90:29:3a:26:74: 4d:9d:03:fa:d6:8c:94:c3:3f:42:bd:56:d5:06:4b:12:26:0c: c5:53:3b:ec:cb:79:72:fc:41:7e:af:20:1c:c6:84:22:76:70: 53:9e:55:a5:9a:c8:8c:b8:fe:50:12:89:3a:12:49:01:65:2c: 80:ae:14:d5 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICGfswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjFE Qzg3NTk2NUMyQkE2MUQxREFDQkI0OERFRTE0MDU1NEFBNUFFRjAeFw0yNjAxMjYw NjUzMDFaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKDY5RkY4NDFERTY2OEU5 RUU3REVBRjY4NEJDQTU1MzU5QTEyODI0MzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDUIlhvB4OeInwTkishebAnhzOsFO4+ZJmrogEyem6cMBdi3o8a rk6pLNnWiTfDoj84v9OSOk8tF5TuWaYtIGUzJbxoV7l+W7Cx5+S372KEoqcgq4Jh FXL0OWUlPbT015ndbakWIDGF/TWHwLMVgO6kSof98Ul7x3nqTaf+hVxfwWTPQzu/ KhPsMWIccbgVxiOTpE7S2tkqAf7lqq82zV+3qy6SWpFqnQbl1TwLqYN3QVksU0z1 sJVrGZFvHaVYqhoKwFRPurrQRR+rqDB/kB4Nbld2QsE4OQIZZJ8eUbO4w1UIOIZa LXoGXfSshge6XJK+8TS9D/ArZDe5mugrFumjAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUaf+EHeZo6e596vaEvKVTWaEoJDYwHwYDVR0jBBgwFoAUIdyHWWXCumHR2su0 je4UBVSqWu8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjYy MC9JZHlIV1dYQ3VtSFIyc3UwamU0VUJWU3FXdTguY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0lkeUhXV1hDdW1IUjJzdTBqZTRVQlZTcVd1OC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2MjAvYWYtRUhlWm82ZTU5 NnZhRXZLVlRXYUVvSkRZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEBDSCADANBgkqhkiG9w0BAQsFAAOCAQEAFEwN7pAwsdVAaNTNt1niw4tIvo5A fZ/7iKPaDq7+vShe2f1KqVPNwzgYPKvCYm8sXl/9hDdTzAUogn/7M85Wz7GUEH5a Cmwc8xcPoE8ngC6eetRULli2x3qlIyi8GvF/1w/0WtbNrD99+ovItCFEW6OwZJf3 m7chXpnt+tm5quoE/n0OAVhNzQbKYum8byPFi0xRGK53DFqiqlx6C/xQOPrqug5v j/ebySAHbl8Ea+uj6hkpsXR2qRd9a5YwfxmyXpApOiZ0TZ0D+taMlMM/Qr1W1QZL EiYMxVM77Mt5cvxBfq8gHMaEInZwU55VpZrIjLj+UBKJOhJJAWUsgK4U1Q== -----END CERTIFICATE-----Generated at Mon Mar 2 14:49:48 2026 by rpki-client