$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2620/sXRYBTCKcMpSiWX_yFhSaEpfkyI.roa File: sXRYBTCKcMpSiWX_yFhSaEpfkyI.roa (raw, json) Hash identifier: 8ZOnG7e/zdHiCxRQy4SRsPJUWEv5xkL//vABQV+ATG8= Subject key identifier: B1:74:58:05:30:8A:70:CA:52:89:65:FF:C8:58:52:68:4A:5F:93:22 Certificate issuer: /CN=21DC875965C2BA61D1DACBB48DEE140554AA5AEF Certificate serial: 1A00 Authority key identifier: 21:DC:87:59:65:C2:BA:61:D1:DA:CB:B4:8D:EE:14:05:54:AA:5A:EF Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/IdyHWWXCumHR2su0je4UBVSqWu8.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/sXRYBTCKcMpSiWX_yFhSaEpfkyI.roa Signing time: Mon 26 Jan 2026 06:53:02 +0000 ROA not before: Mon 26 Jan 2026 06:53:02 +0000 ROA not after: Sat 09 Jan 2027 08:23:18 +0000 asID: 58593 IP address blocks: 139.219.128.0/17 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/IdyHWWXCumHR2su0je4UBVSqWu8.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/IdyHWWXCumHR2su0je4UBVSqWu8.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/IdyHWWXCumHR2su0je4UBVSqWu8.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 02 Mar 2026 15:58:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6656 (0x1a00) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=21DC875965C2BA61D1DACBB48DEE140554AA5AEF Validity Not Before: Jan 26 06:53:02 2026 GMT Not After : Jan 9 08:23:18 2027 GMT Subject: CN=B1745805308A70CA528965FFC85852684A5F9322 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:5a:ac:bb:71:84:da:38:90:d9:aa:60:f3:3e: 85:3b:df:36:0a:d4:57:6b:e0:29:4b:79:03:30:85: 88:3c:83:71:5e:9f:fe:c6:4a:d3:74:7b:09:27:fa: 50:a5:1f:95:e4:85:dc:a1:0a:bf:94:0a:14:4f:78: b1:90:99:91:5a:55:d2:1f:cc:33:a1:3b:38:11:20: 4b:45:7f:a7:d4:ab:9c:0e:0e:d7:bf:d4:cf:ae:8c: 96:95:f6:77:16:e1:75:e4:62:b9:69:3a:65:15:50: 61:85:46:6a:6b:11:1e:c6:c6:85:a4:c7:c9:fe:a5: c4:ce:41:5a:1f:69:74:9c:3a:c0:f7:6f:56:51:48: a1:fe:4a:19:22:0a:1f:94:c2:c8:2c:0e:c3:8e:73: 6b:b3:e6:b6:1e:41:df:06:4e:95:8b:53:cd:d7:b8: 11:78:42:1f:0d:85:c6:cb:0a:5f:35:62:05:82:3a: 94:c6:f7:be:83:f9:74:09:cf:a7:a9:3d:9b:8c:b8: eb:d3:86:b6:57:45:09:21:2e:36:03:30:64:8a:d2: 81:50:f8:d4:4b:83:a5:e4:65:a5:ac:d3:c9:00:f7: 43:af:af:70:78:ca:e5:b4:36:ec:9f:27:97:d0:1b: 83:8e:d3:04:2b:d4:41:a8:ba:6f:cd:c3:93:dc:6a: c8:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:74:58:05:30:8A:70:CA:52:89:65:FF:C8:58:52:68:4A:5F:93:22 X509v3 Authority Key Identifier: keyid:21:DC:87:59:65:C2:BA:61:D1:DA:CB:B4:8D:EE:14:05:54:AA:5A:EF X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/IdyHWWXCumHR2su0je4UBVSqWu8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/IdyHWWXCumHR2su0je4UBVSqWu8.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/sXRYBTCKcMpSiWX_yFhSaEpfkyI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 139.219.128.0/17 Signature Algorithm: sha256WithRSAEncryption 0d:34:b6:47:41:fd:54:00:ee:0b:f0:5a:d7:92:5e:cd:17:39: b8:e3:89:ed:7a:e3:23:78:68:0f:2c:34:8f:ea:3e:b9:77:5c: 92:3e:98:0f:ce:aa:af:41:76:f4:db:3e:e3:5e:33:3a:b1:68: c3:a8:c9:3c:7c:69:13:ab:72:8b:dc:0e:c5:88:a3:30:1f:94: 81:83:1e:fa:4e:ff:1f:a6:bf:69:6a:ae:84:61:38:52:85:b9: 6f:5c:1b:e8:be:b5:e1:77:b4:79:e7:76:de:01:14:ac:7e:a4: 35:23:33:2f:52:f8:da:5b:16:16:8c:fb:fa:3d:2e:12:1a:5e: 79:65:0b:17:c3:8a:1c:55:b6:e1:40:dc:5f:59:bb:32:fc:1e: 36:d4:35:01:7b:52:bf:00:c4:b3:5d:17:51:58:8d:32:3f:e1: 8e:5a:ba:51:4b:07:18:b2:a5:66:f7:7e:0d:d1:5c:b0:05:4b: 82:e4:92:ad:42:22:a3:51:bf:9b:21:84:63:ee:36:5e:46:53: fb:f4:a0:66:1e:16:97:c7:39:39:e5:be:3f:c2:92:37:ba:f3: 07:10:96:88:69:a7:dc:0d:b0:f9:83:32:44:c9:ba:43:24:4f: 0e:2b:ae:c5:96:d6:82:53:c0:9b:d7:ea:ce:3c:35:2a:57:07: 19:83:10:63 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICGgAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjFE Qzg3NTk2NUMyQkE2MUQxREFDQkI0OERFRTE0MDU1NEFBNUFFRjAeFw0yNjAxMjYw NjUzMDJaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKEIxNzQ1ODA1MzA4QTcw Q0E1Mjg5NjVGRkM4NTg1MjY4NEE1RjkzMjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDHWqy7cYTaOJDZqmDzPoU73zYK1Fdr4ClLeQMwhYg8g3Fen/7G StN0ewkn+lClH5XkhdyhCr+UChRPeLGQmZFaVdIfzDOhOzgRIEtFf6fUq5wODte/ 1M+ujJaV9ncW4XXkYrlpOmUVUGGFRmprER7GxoWkx8n+pcTOQVofaXScOsD3b1ZR SKH+ShkiCh+UwsgsDsOOc2uz5rYeQd8GTpWLU83XuBF4Qh8NhcbLCl81YgWCOpTG 976D+XQJz6epPZuMuOvThrZXRQkhLjYDMGSK0oFQ+NRLg6XkZaWs08kA90Ovr3B4 yuW0NuyfJ5fQG4OO0wQr1EGoum/Nw5Pcasi5AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUsXRYBTCKcMpSiWX/yFhSaEpfkyIwHwYDVR0jBBgwFoAUIdyHWWXCumHR2su0 je4UBVSqWu8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjYy MC9JZHlIV1dYQ3VtSFIyc3UwamU0VUJWU3FXdTguY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0lkeUhXV1hDdW1IUjJzdTBqZTRVQlZTcVd1OC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2MjAvc1hSWUJUQ0tjTXBT aVdYX3lGaFNhRXBma3lJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEB4vbgDANBgkqhkiG9w0BAQsFAAOCAQEADTS2R0H9VADuC/Ba15JezRc5uOOJ 7XrjI3hoDyw0j+o+uXdckj6YD86qr0F29Ns+414zOrFow6jJPHxpE6tyi9wOxYij MB+UgYMe+k7/H6a/aWquhGE4UoW5b1wb6L614Xe0eed23gEUrH6kNSMzL1L42lsW Foz7+j0uEhpeeWULF8OKHFW24UDcX1m7MvweNtQ1AXtSvwDEs10XUViNMj/hjlq6 UUsHGLKlZvd+DdFcsAVLguSSrUIio1G/myGEY+42XkZT+/SgZh4Wl8c5OeW+P8KS N7rzBxCWiGmn3A2w+YMyRMm6QyRPDiuuxZbWglPAm9fqzjw1KlcHGYMQYw== -----END CERTIFICATE-----Generated at Mon Mar 2 13:09:37 2026 by rpki-client