$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/lCjpdRGi1In3rcyvqbMW9MPmCro.roa File: lCjpdRGi1In3rcyvqbMW9MPmCro.roa (raw, json) Hash identifier: y9iadCxbqUhsQQIQz7Wv5YAwuSCEPguidkveHZ/7ZA4= Subject key identifier: 94:28:E9:75:11:A2:D4:89:F7:AD:CC:AF:A9:B3:16:F4:C3:E6:0A:BA Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 18D1 Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/lCjpdRGi1In3rcyvqbMW9MPmCro.roa Signing time: Tue 10 Feb 2026 05:00:42 +0000 ROA not before: Tue 10 Feb 2026 05:00:42 +0000 ROA not after: Fri 23 Oct 2026 03:01:03 +0000 asID: 55990 IP address blocks: 115.32.128.0/19 maxlen: 23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 02 Mar 2026 13:28:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6353 (0x18d1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Feb 10 05:00:42 2026 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=9428E97511A2D489F7ADCCAFA9B316F4C3E60ABA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:07:17:9d:bd:2f:45:f8:e7:26:3b:ad:45:03: 5f:71:f2:74:06:96:8e:cb:3f:64:6a:02:d5:58:51: 5c:8f:2b:2d:d9:2f:5d:45:af:f7:69:3e:64:5d:a3: 86:97:b4:af:76:9b:80:4a:4e:85:45:b0:a1:10:2e: 74:bd:4e:69:64:44:8b:83:b8:43:3a:52:c8:79:4d: 81:79:ed:81:c3:7e:77:22:14:7c:29:7e:e2:2c:05: 1f:e1:9c:40:a4:b4:99:07:f4:38:1b:20:79:e5:4e: b4:3b:c2:bd:7a:5b:ed:6e:f2:6d:ad:52:62:0d:6a: ce:e1:87:23:0d:56:51:07:ec:c8:df:b8:46:a7:9c: e1:ca:3f:95:bb:6a:c8:87:48:aa:ce:52:f1:95:65: d1:a3:64:bf:86:48:a0:72:e7:0e:4d:be:83:dd:71: 91:0a:7e:eb:5f:c2:5f:76:2e:c0:4e:b2:28:af:87: e3:2f:76:9f:3f:35:d1:d4:28:15:3a:7d:95:66:1e: 17:62:7b:ef:6b:23:66:b7:09:03:af:ce:c8:e0:3a: 22:3b:8f:6c:c4:f6:e9:f0:da:b4:fb:bc:6c:15:b2: e6:03:03:e4:37:9c:86:31:55:38:11:af:ea:29:a0: bb:6b:2a:6b:31:b1:d2:9c:12:75:6b:7b:33:64:c0: 9f:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:28:E9:75:11:A2:D4:89:F7:AD:CC:AF:A9:B3:16:F4:C3:E6:0A:BA X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/lCjpdRGi1In3rcyvqbMW9MPmCro.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 115.32.128.0/19 Signature Algorithm: sha256WithRSAEncryption 03:ec:07:7f:b6:0b:67:df:90:1d:37:bd:c5:cd:92:af:84:40: 21:57:fa:e3:54:5a:c3:2a:a1:76:7c:08:49:d8:da:86:13:1a: bd:ae:5b:fd:60:f8:f4:38:7e:cd:cb:76:72:63:76:9f:5a:5b: b4:ef:c4:6f:3b:22:af:d3:72:7d:c8:de:42:25:65:b7:06:50: 15:73:94:6e:cc:87:5c:5d:9a:64:c4:42:2e:d3:fe:5f:fb:f8: b3:e7:22:1e:1f:3f:ac:4d:b9:c5:a6:8b:c4:0e:cf:34:31:ef: da:fa:e5:42:b9:4e:c3:a7:2d:0f:44:74:12:85:ab:09:b1:6f: 03:3c:a2:17:34:35:bb:df:bd:2f:26:af:2f:49:2e:24:df:52: c9:fc:10:ee:64:f7:76:6a:2c:04:97:1d:c4:81:9f:98:21:76: f5:39:ee:3f:7d:11:00:af:a7:9d:e7:49:fe:77:60:08:3a:a7: f6:c7:16:6a:17:1f:e7:75:36:61:2a:5d:39:c8:4c:88:0a:53: a1:89:a1:51:47:0e:6c:29:0b:28:e8:0c:1a:ad:5b:61:e9:cc: cb:a5:c0:10:00:ad:f0:1a:ad:78:80:86:01:be:aa:d4:c1:5a: e1:77:e7:84:85:24:22:de:7e:0f:66:f0:96:f2:6f:e8:ad:58: 8e:73:82:ff -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICGNEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNjAyMTAw NTAwNDJaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDk0MjhFOTc1MTFBMkQ0 ODlGN0FEQ0NBRkE5QjMxNkY0QzNFNjBBQkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCpBxedvS9F+OcmO61FA19x8nQGlo7LP2RqAtVYUVyPKy3ZL11F r/dpPmRdo4aXtK92m4BKToVFsKEQLnS9TmlkRIuDuEM6Ush5TYF57YHDfnciFHwp fuIsBR/hnECktJkH9DgbIHnlTrQ7wr16W+1u8m2tUmINas7hhyMNVlEH7MjfuEan nOHKP5W7asiHSKrOUvGVZdGjZL+GSKBy5w5NvoPdcZEKfutfwl92LsBOsiivh+Mv dp8/NdHUKBU6fZVmHhdie+9rI2a3CQOvzsjgOiI7j2zE9unw2rT7vGwVsuYDA+Q3 nIYxVTgRr+opoLtrKmsxsdKcEnVrezNkwJ+jAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUlCjpdRGi1In3rcyvqbMW9MPmCrowHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvbENqcGRSR2kxSW4z cmN5dnFiTVc5TVBtQ3JvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEBXMggDANBgkqhkiG9w0BAQsFAAOCAQEAA+wHf7YLZ9+QHTe9xc2Sr4RAIVf6 41RawyqhdnwISdjahhMava5b/WD49Dh+zct2cmN2n1pbtO/Ebzsir9NyfcjeQiVl twZQFXOUbsyHXF2aZMRCLtP+X/v4s+ciHh8/rE25xaaLxA7PNDHv2vrlQrlOw6ct D0R0EoWrCbFvAzyiFzQ1u9+9LyavL0kuJN9SyfwQ7mT3dmosBJcdxIGfmCF29Tnu P30RAK+nnedJ/ndgCDqn9scWahcf53U2YSpdOchMiApToYmhUUcObCkLKOgMGq1b YenMy6XAEACt8BqteICGAb6q1MFa4XfnhIUkIt5+D2bwlvJv6K1YjnOC/w== -----END CERTIFICATE-----Generated at Mon Mar 2 13:09:19 2026 by rpki-client