$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2620/dtCK1EjXFWYXvcTKS3JoyKwOOgw.roa File: dtCK1EjXFWYXvcTKS3JoyKwOOgw.roa (raw, json) Hash identifier: lhkJ0q8p+wEHMs+h16MaGGdIX5J4f5+rwlOqLwX0Pg8= Subject key identifier: 76:D0:8A:D4:48:D7:15:66:17:BD:C4:CA:4B:72:68:C8:AC:0E:3A:0C Certificate issuer: /CN=CDEF7111DE98BD756D92B34D394DA2D39EFF9B8E Certificate serial: 19FA Authority key identifier: CD:EF:71:11:DE:98:BD:75:6D:92:B3:4D:39:4D:A2:D3:9E:FF:9B:8E Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ze9xEd6YvXVtkrNNOU2i057_m44.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/dtCK1EjXFWYXvcTKS3JoyKwOOgw.roa Signing time: Mon 26 Jan 2026 06:53:03 +0000 ROA not before: Mon 26 Jan 2026 06:53:03 +0000 ROA not after: Sat 09 Jan 2027 08:23:18 +0000 asID: 58593 IP address blocks: 103.9.8.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/ze9xEd6YvXVtkrNNOU2i057_m44.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/ze9xEd6YvXVtkrNNOU2i057_m44.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ze9xEd6YvXVtkrNNOU2i057_m44.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 02 Mar 2026 10:58:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6650 (0x19fa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CDEF7111DE98BD756D92B34D394DA2D39EFF9B8E Validity Not Before: Jan 26 06:53:03 2026 GMT Not After : Jan 9 08:23:18 2027 GMT Subject: CN=76D08AD448D7156617BDC4CA4B7268C8AC0E3A0C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:e5:1d:53:6b:aa:ad:51:c3:70:05:4b:2e:93: f8:8a:25:34:bb:df:64:3a:18:a9:fd:f3:4b:9e:79: 97:50:06:5e:a1:1d:70:5d:8a:ce:47:89:17:d4:29: 01:d4:e5:91:db:18:53:07:42:34:36:67:b0:af:5e: 88:06:8f:2c:2c:1f:3c:00:52:f8:b8:de:aa:34:2a: a0:aa:49:e5:47:8a:80:87:1a:18:8b:23:34:4b:76: 24:ad:d4:8a:44:fd:a2:c5:ba:6b:14:94:0d:2a:d7: d3:3e:a1:14:95:f4:7d:71:0f:99:06:5f:4f:d6:2c: 81:a9:d3:96:af:24:c5:55:73:4d:e2:a5:5b:52:61: 77:88:84:ee:fd:a1:ec:3d:3e:23:3d:0a:7e:38:2a: f7:0b:1f:3b:f0:bc:76:69:69:ac:58:2b:34:ca:b3: d5:70:04:e6:b2:d6:93:0d:b0:fe:8f:9a:34:de:12: 90:50:9d:bf:c7:d6:9a:d4:f4:0c:e6:d2:fb:7c:66: fc:24:2c:a9:5a:42:d8:7f:d4:fe:09:b2:61:a3:86: 4f:d1:90:f7:82:75:a8:d8:bc:ae:8b:47:7e:c5:4b: f5:95:41:f4:01:ad:21:5f:4d:ab:83:c2:7e:2a:30: a0:8d:c3:a4:79:7d:17:81:17:45:55:96:e6:03:6f: 73:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 76:D0:8A:D4:48:D7:15:66:17:BD:C4:CA:4B:72:68:C8:AC:0E:3A:0C X509v3 Authority Key Identifier: keyid:CD:EF:71:11:DE:98:BD:75:6D:92:B3:4D:39:4D:A2:D3:9E:FF:9B:8E X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/ze9xEd6YvXVtkrNNOU2i057_m44.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ze9xEd6YvXVtkrNNOU2i057_m44.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/dtCK1EjXFWYXvcTKS3JoyKwOOgw.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.9.8.0/22 Signature Algorithm: sha256WithRSAEncryption 70:d2:b4:51:66:52:3a:17:d8:e3:4c:fb:9b:88:28:1f:85:df: a1:87:ce:ad:46:a2:1a:18:2f:cf:fd:4e:c1:c0:84:1d:5e:c9: f8:74:a8:77:b4:55:12:93:85:68:5b:47:9d:d1:93:60:3b:fe: cf:0e:90:a3:0d:d2:6f:45:27:e4:92:21:08:b8:e7:48:9d:29: 23:a0:7f:e3:c4:49:70:8f:b6:e6:da:03:2c:d7:bc:6b:52:f7: cb:8b:be:7c:12:0b:7e:47:bc:08:6c:c3:ce:cf:9e:ff:07:e9: 0a:10:99:af:c0:3e:79:fd:85:0e:a6:73:b6:7b:66:28:8c:09: 70:df:af:39:bc:b1:13:72:7b:98:26:85:8f:f5:7b:88:8a:7a: a4:8d:09:ea:24:4d:c8:bb:39:ca:18:ec:af:a4:a7:42:5a:3d: 89:89:eb:6d:e6:3e:1a:a5:ca:19:59:dd:07:1b:cf:1b:21:6b: 10:16:68:f9:1a:98:5e:20:85:b1:db:82:f5:84:98:d7:c8:31: 2d:a3:a9:f5:34:8d:a9:fe:22:15:ef:1a:b7:11:74:c4:c7:b5: 29:c1:72:57:eb:27:86:66:34:65:57:3a:8e:65:48:23:fe:0d: c2:8d:4e:4f:26:d9:34:3a:4d:cb:53:7f:70:1a:ed:bf:e7:b2: 8e:8b:f2:9c -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICGfowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0RF RjcxMTFERTk4QkQ3NTZEOTJCMzREMzk0REEyRDM5RUZGOUI4RTAeFw0yNjAxMjYw NjUzMDNaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKDc2RDA4QUQ0NDhENzE1 NjYxN0JEQzRDQTRCNzI2OEM4QUMwRTNBMEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDH5R1Ta6qtUcNwBUsuk/iKJTS732Q6GKn980ueeZdQBl6hHXBd is5HiRfUKQHU5ZHbGFMHQjQ2Z7CvXogGjywsHzwAUvi43qo0KqCqSeVHioCHGhiL IzRLdiSt1IpE/aLFumsUlA0q19M+oRSV9H1xD5kGX0/WLIGp05avJMVVc03ipVtS YXeIhO79oew9PiM9Cn44KvcLHzvwvHZpaaxYKzTKs9VwBOay1pMNsP6PmjTeEpBQ nb/H1prU9Azm0vt8ZvwkLKlaQth/1P4JsmGjhk/RkPeCdajYvK6LR37FS/WVQfQB rSFfTauDwn4qMKCNw6R5fReBF0VVluYDb3PfAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUdtCK1EjXFWYXvcTKS3JoyKwOOgwwHwYDVR0jBBgwFoAUze9xEd6YvXVtkrNN OU2i057/m44wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjYy MC96ZTl4RWQ2WXZYVnRrck5OT1UyaTA1N19tNDQuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3plOXhFZDZZdlhWdGtyTk5PVTJpMDU3X200NC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2MjAvZHRDSzFFalhGV1lY dmNUS1MzSm95S3dPT2d3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmcJCDANBgkqhkiG9w0BAQsFAAOCAQEAcNK0UWZSOhfY40z7m4goH4XfoYfO rUaiGhgvz/1OwcCEHV7J+HSod7RVEpOFaFtHndGTYDv+zw6Qow3Sb0Un5JIhCLjn SJ0pI6B/48RJcI+25toDLNe8a1L3y4u+fBILfke8CGzDzs+e/wfpChCZr8A+ef2F DqZztntmKIwJcN+vObyxE3J7mCaFj/V7iIp6pI0J6iRNyLs5yhjsr6SnQlo9iYnr beY+GqXKGVndBxvPGyFrEBZo+RqYXiCFsduC9YSY18gxLaOp9TSNqf4iFe8atxF0 xMe1KcFyV+snhmY0ZVc6jmVII/4Nwo1OTybZNDpNy1N/cBrtv+eyjovynA== -----END CERTIFICATE-----Generated at Mon Mar 2 10:35:03 2026 by rpki-client