$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/316/DpbZafH-uVMo5n7ezralC3j2JtA.roa File: DpbZafH-uVMo5n7ezralC3j2JtA.roa (raw, json) Hash identifier: GhT+pCPLXlD9qKOz1XipOv0gFhQn6nlpvIuA7PTnwE8= Subject key identifier: 0E:96:D9:69:F1:FE:B9:53:28:E6:7E:DE:CE:B6:A5:0B:78:F6:26:D0 Certificate issuer: /CN=4BC6A9B58BBEEAD50DDD48F844782C8294A18B39 Certificate serial: 1BF0 Authority key identifier: 4B:C6:A9:B5:8B:BE:EA:D5:0D:DD:48:F8:44:78:2C:82:94:A1:8B:39 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/S8aptYu-6tUN3Uj4RHgsgpShizk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/316/DpbZafH-uVMo5n7ezralC3j2JtA.roa Signing time: Mon 26 Jan 2026 07:00:53 +0000 ROA not before: Mon 26 Jan 2026 07:00:53 +0000 ROA not after: Sat 09 Jan 2027 08:23:18 +0000 asID: 38378 IP address blocks: 103.92.88.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/316/S8aptYu-6tUN3Uj4RHgsgpShizk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/316/S8aptYu-6tUN3Uj4RHgsgpShizk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/S8aptYu-6tUN3Uj4RHgsgpShizk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 02 Mar 2026 13:29:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7152 (0x1bf0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4BC6A9B58BBEEAD50DDD48F844782C8294A18B39 Validity Not Before: Jan 26 07:00:53 2026 GMT Not After : Jan 9 08:23:18 2027 GMT Subject: CN=0E96D969F1FEB95328E67EDECEB6A50B78F626D0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:88:f7:7c:d6:47:ba:a5:b0:30:b7:dd:73:46: f2:1a:83:05:00:6b:21:2e:75:e1:86:4b:28:e0:0d: d3:e9:e7:fd:27:e1:9e:8a:a7:a5:66:dc:80:a2:be: 55:6a:9d:84:5b:b8:69:77:8d:b2:55:da:da:90:8a: 6f:19:e7:2a:f8:c3:e7:56:6e:50:d1:6b:22:b5:ab: 3f:b3:6e:e5:68:ad:2f:53:f5:55:41:b1:3e:6a:c1: b6:84:b3:c8:cc:20:a4:c5:10:b1:c5:d6:4e:96:5e: 3f:ab:51:16:6c:bb:73:11:e4:b2:e6:2c:d2:82:3e: b7:da:6e:77:8d:7d:17:f4:5d:15:f8:d4:21:25:b0: dc:22:c6:01:5e:dc:cb:a8:23:fd:73:4a:8a:4d:c0: 60:30:06:d0:84:d5:5b:aa:61:7f:5c:c9:26:ab:df: 2a:6d:1e:80:6b:3c:a9:03:5a:bb:34:e2:c8:47:46: 51:74:b1:2e:06:b9:fc:e2:13:b7:c1:e4:72:d5:d2: aa:86:d7:ef:24:c0:99:76:4f:27:6c:85:1a:d3:cf: 9c:20:e2:00:f9:ef:b7:d7:01:34:f6:8f:c2:81:9d: 02:ce:e5:8e:b8:6b:da:7f:66:fd:63:8e:d5:b7:57: 68:43:41:9f:16:5d:3e:b8:dd:f5:15:ed:8a:24:a8: 3a:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:96:D9:69:F1:FE:B9:53:28:E6:7E:DE:CE:B6:A5:0B:78:F6:26:D0 X509v3 Authority Key Identifier: keyid:4B:C6:A9:B5:8B:BE:EA:D5:0D:DD:48:F8:44:78:2C:82:94:A1:8B:39 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/316/S8aptYu-6tUN3Uj4RHgsgpShizk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/S8aptYu-6tUN3Uj4RHgsgpShizk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/316/DpbZafH-uVMo5n7ezralC3j2JtA.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.92.88.0/22 Signature Algorithm: sha256WithRSAEncryption 95:6a:fc:b0:e3:a8:a1:a7:82:a6:76:56:02:38:ff:2c:42:35: cf:e0:26:18:54:09:5a:88:14:ce:d2:2b:2a:57:70:c0:60:bd: a6:23:3d:9e:35:ad:63:84:21:f7:75:55:ac:be:4a:b6:1f:83: b8:13:2a:5d:4a:3a:65:e9:bf:a4:75:82:07:73:f3:88:db:71: 4e:00:1b:41:01:0d:3a:31:ef:9d:b9:64:d9:06:8c:51:a9:1d: 7d:9f:df:7c:17:67:43:96:7a:cb:f8:d7:85:f2:6d:f1:4f:e2: 73:e6:d6:c6:2b:fe:8e:ed:24:d5:e1:06:65:e2:01:80:3f:5e: 66:ad:ea:2c:fd:e0:b2:51:9d:2c:62:61:b6:ff:5a:5c:ff:2f: b8:cb:90:0f:51:83:c2:af:ac:84:f9:ee:ee:a4:c4:a3:a8:0e: a2:c9:ad:5d:91:f0:07:c2:84:0d:4b:fc:bc:dd:cc:79:29:3b: dc:0d:1b:8e:57:c7:bc:e2:75:c2:96:b4:5b:ec:f7:8b:ca:3f: d9:a0:38:79:c1:29:0c:14:15:07:de:ea:9d:0c:d4:f5:ce:98: 0e:8b:d5:0c:f8:89:fa:f8:06:5c:df:2e:62:54:a6:b9:f9:38: 00:5d:7f:5b:ad:da:4e:b0:9b:7c:4e:e0:f6:31:b5:26:78:80: d0:12:9c:d8 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICG/AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNEJD NkE5QjU4QkJFRUFENTBEREQ0OEY4NDQ3ODJDODI5NEExOEIzOTAeFw0yNjAxMjYw NzAwNTNaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKDBFOTZEOTY5RjFGRUI5 NTMyOEU2N0VERUNFQjZBNTBCNzhGNjI2RDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCsiPd81ke6pbAwt91zRvIagwUAayEudeGGSyjgDdPp5/0n4Z6K p6Vm3ICivlVqnYRbuGl3jbJV2tqQim8Z5yr4w+dWblDRayK1qz+zbuVorS9T9VVB sT5qwbaEs8jMIKTFELHF1k6WXj+rURZsu3MR5LLmLNKCPrfabneNfRf0XRX41CEl sNwixgFe3MuoI/1zSopNwGAwBtCE1VuqYX9cySar3yptHoBrPKkDWrs04shHRlF0 sS4GufziE7fB5HLV0qqG1+8kwJl2TydshRrTz5wg4gD577fXATT2j8KBnQLO5Y64 a9p/Zv1jjtW3V2hDQZ8WXT643fUV7YokqDozAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUDpbZafH+uVMo5n7ezralC3j2JtAwHwYDVR0jBBgwFoAUS8aptYu+6tUN3Uj4 RHgsgpShizkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzE2 L1M4YXB0WXUtNnRVTjNVajRSSGdzZ3BTaGl6ay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvUzhhcHRZdS02dFVOM1VqNFJIZ3NncFNoaXprLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzE2L0RwYlphZkgtdVZNbzVu N2V6cmFsQzNqMkp0QS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJnXFgwDQYJKoZIhvcNAQELBQADggEBAJVq/LDjqKGngqZ2VgI4/yxCNc/gJhhU CVqIFM7SKypXcMBgvaYjPZ41rWOEIfd1Vay+SrYfg7gTKl1KOmXpv6R1ggdz84jb cU4AG0EBDTox7525ZNkGjFGpHX2f33wXZ0OWesv414XybfFP4nPm1sYr/o7tJNXh BmXiAYA/Xmat6iz94LJRnSxiYbb/Wlz/L7jLkA9Rg8KvrIT57u6kxKOoDqLJrV2R 8AfChA1L/LzdzHkpO9wNG45Xx7zidcKWtFvs94vKP9mgOHnBKQwUFQfe6p0M1PXO mA6L1Qz4ifr4BlzfLmJUprn5OABdf1ut2k6wm3xO4PYxtSZ4gNASnNg= -----END CERTIFICATE-----Generated at Mon Mar 2 13:09:40 2026 by rpki-client