$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2620/lavSXflNsN2mcVZGIwlcHiGWriE.roa File: lavSXflNsN2mcVZGIwlcHiGWriE.roa (raw, json) Hash identifier: KL5BE0HysWO7038j+bAUuw6ihHXAMqSqwnjNMFnpuwA= Subject key identifier: 95:AB:D2:5D:F9:4D:B0:DD:A6:71:56:46:23:09:5C:1E:21:96:AE:21 Certificate issuer: /CN=21DC875965C2BA61D1DACBB48DEE140554AA5AEF Certificate serial: 19FC Authority key identifier: 21:DC:87:59:65:C2:BA:61:D1:DA:CB:B4:8D:EE:14:05:54:AA:5A:EF Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/IdyHWWXCumHR2su0je4UBVSqWu8.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/lavSXflNsN2mcVZGIwlcHiGWriE.roa Signing time: Mon 26 Jan 2026 06:53:01 +0000 ROA not before: Mon 26 Jan 2026 06:53:01 +0000 ROA not after: Sat 09 Jan 2027 08:23:18 +0000 asID: 58593 IP address blocks: 40.72.0.0/15 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/IdyHWWXCumHR2su0je4UBVSqWu8.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/IdyHWWXCumHR2su0je4UBVSqWu8.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/IdyHWWXCumHR2su0je4UBVSqWu8.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 02 Mar 2026 10:58:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6652 (0x19fc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=21DC875965C2BA61D1DACBB48DEE140554AA5AEF Validity Not Before: Jan 26 06:53:01 2026 GMT Not After : Jan 9 08:23:18 2027 GMT Subject: CN=95ABD25DF94DB0DDA671564623095C1E2196AE21 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:74:12:1b:0f:20:15:f1:d8:6c:a5:77:5d:d4: 03:62:8a:a6:92:dd:36:94:0a:92:10:8b:fd:e6:a7: d3:b5:43:55:30:29:a9:dd:ca:9d:a0:e1:10:de:bc: f7:9b:10:2a:be:7f:33:c5:0f:a1:8b:40:6d:84:33: 02:36:01:71:c3:e3:d1:d5:d5:98:87:93:e8:73:eb: bb:49:c5:a1:20:7d:2b:14:83:21:d5:57:ca:a2:fd: ed:98:92:a3:21:89:bf:a6:f9:61:43:90:cd:14:0c: e9:6b:3b:99:09:5a:11:35:31:05:f4:ca:d7:37:2c: 04:8d:e8:55:6c:5b:43:8c:eb:95:8f:42:21:12:0c: 8f:b9:93:75:38:1d:59:9b:4d:c7:e8:d4:9c:5d:14: 94:d1:b3:9d:20:d8:45:e8:f9:6f:5a:7e:e4:5a:8c: 18:84:2e:20:a2:54:c4:b6:44:87:d7:c1:c5:b7:84: ae:40:66:a9:1c:97:84:c9:17:63:66:4b:f0:46:09: 14:92:07:51:67:94:ca:90:66:81:6b:aa:67:70:87: 95:1c:22:01:28:7b:5b:63:ac:51:de:04:5e:ab:c8: 19:b2:b8:83:f4:9a:0b:67:13:1f:7b:cd:c6:ac:ec: c3:02:52:80:6d:43:e9:fb:b6:ab:ce:bf:7e:60:ee: 83:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:AB:D2:5D:F9:4D:B0:DD:A6:71:56:46:23:09:5C:1E:21:96:AE:21 X509v3 Authority Key Identifier: keyid:21:DC:87:59:65:C2:BA:61:D1:DA:CB:B4:8D:EE:14:05:54:AA:5A:EF X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/IdyHWWXCumHR2su0je4UBVSqWu8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/IdyHWWXCumHR2su0je4UBVSqWu8.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/lavSXflNsN2mcVZGIwlcHiGWriE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 40.72.0.0/15 Signature Algorithm: sha256WithRSAEncryption 09:c0:8f:ff:90:5a:86:4f:48:c4:42:75:56:6f:a3:ac:9a:e8: 37:8b:0c:78:cf:81:bf:e6:d7:8e:69:7d:f6:92:74:ef:79:6c: 34:b9:a8:bd:3f:a9:b9:4c:77:38:43:53:84:5e:7f:61:19:fb: 07:cf:e4:df:e8:ea:86:b4:1c:88:db:96:c9:83:5e:41:76:e5: 3e:19:09:4a:8e:97:a7:56:c7:18:a5:44:dc:7a:79:79:71:30: 80:a9:ca:f9:f0:05:30:3e:50:82:74:bf:1d:0e:95:da:a8:63: 40:09:24:48:b8:6c:c4:30:ba:52:2d:5c:8b:4b:7e:ff:0c:da: cc:84:93:51:48:ef:09:81:5e:0c:10:07:18:de:03:55:92:63: 85:71:93:4d:d3:03:7b:6e:a4:d8:7a:08:47:e1:e7:7f:29:4b: e1:f9:50:a2:52:5f:71:07:17:16:5f:dd:75:06:9d:aa:ac:74: 4f:93:01:f6:2b:e0:72:eb:4b:50:71:02:1a:40:45:2b:50:11: 34:e7:d3:b9:40:6c:0b:d0:ea:f5:05:24:d0:06:de:18:9a:b3: 66:28:73:28:62:34:df:b2:63:45:3f:f6:0c:64:fd:bf:81:24: 92:8f:3c:b2:cf:95:1b:3f:8e:a5:68:02:c0:d4:5b:70:27:41: d3:c4:02:8d -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICGfwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjFE Qzg3NTk2NUMyQkE2MUQxREFDQkI0OERFRTE0MDU1NEFBNUFFRjAeFw0yNjAxMjYw NjUzMDFaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKDk1QUJEMjVERjk0REIw RERBNjcxNTY0NjIzMDk1QzFFMjE5NkFFMjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC4dBIbDyAV8dhspXdd1ANiiqaS3TaUCpIQi/3mp9O1Q1UwKand yp2g4RDevPebECq+fzPFD6GLQG2EMwI2AXHD49HV1ZiHk+hz67tJxaEgfSsUgyHV V8qi/e2YkqMhib+m+WFDkM0UDOlrO5kJWhE1MQX0ytc3LASN6FVsW0OM65WPQiES DI+5k3U4HVmbTcfo1JxdFJTRs50g2EXo+W9afuRajBiELiCiVMS2RIfXwcW3hK5A Zqkcl4TJF2NmS/BGCRSSB1FnlMqQZoFrqmdwh5UcIgEoe1tjrFHeBF6ryBmyuIP0 mgtnEx97zcas7MMCUoBtQ+n7tqvOv35g7oPbAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUlavSXflNsN2mcVZGIwlcHiGWriEwHwYDVR0jBBgwFoAUIdyHWWXCumHR2su0 je4UBVSqWu8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjYy MC9JZHlIV1dYQ3VtSFIyc3UwamU0VUJWU3FXdTguY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0lkeUhXV1hDdW1IUjJzdTBqZTRVQlZTcVd1OC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2MjAvbGF2U1hmbE5zTjJt Y1ZaR0l3bGNIaUdXcmlFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEw BQMDAShIMA0GCSqGSIb3DQEBCwUAA4IBAQAJwI//kFqGT0jEQnVWb6Osmug3iwx4 z4G/5teOaX32knTveWw0uai9P6m5THc4Q1OEXn9hGfsHz+Tf6OqGtByI25bJg15B duU+GQlKjpenVscYpUTcenl5cTCAqcr58AUwPlCCdL8dDpXaqGNACSRIuGzEMLpS LVyLS37/DNrMhJNRSO8JgV4MEAcY3gNVkmOFcZNN0wN7bqTYeghH4ed/KUvh+VCi Ul9xBxcWX911Bp2qrHRPkwH2K+By60tQcQIaQEUrUBE059O5QGwL0Or1BSTQBt4Y mrNmKHMoYjTfsmNFP/YMZP2/gSSSjzyyz5UbP46laALA1FtwJ0HTxAKN -----END CERTIFICATE-----Generated at Mon Mar 2 08:22:59 2026 by rpki-client