$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3246/QI7hCYlUpEmZ9XP7jFytqOC2BuA.roa File: QI7hCYlUpEmZ9XP7jFytqOC2BuA.roa (raw, json) Hash identifier: B2VQAR+V2rhUi27sQmZcUtpp8hpz/dZWRrNQEVQ6oSI= Subject key identifier: 40:8E:E1:09:89:54:A4:49:99:F5:73:FB:8C:5C:AD:A8:E0:B6:06:E0 Certificate issuer: /CN=7FFE6EB152FAF96D18BFC69FD3E3BF99862AA9F1 Certificate serial: 0F2A Authority key identifier: 7F:FE:6E:B1:52:FA:F9:6D:18:BF:C6:9F:D3:E3:BF:99:86:2A:A9:F1 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/f_5usVL6-W0Yv8af0-O_mYYqqfE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3246/QI7hCYlUpEmZ9XP7jFytqOC2BuA.roa Signing time: Mon 26 Jan 2026 07:00:33 +0000 ROA not before: Mon 26 Jan 2026 07:00:33 +0000 ROA not after: Fri 23 Oct 2026 03:01:03 +0000 asID: 211392 IP address blocks: 210.87.73.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3246/f_5usVL6-W0Yv8af0-O_mYYqqfE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3246/f_5usVL6-W0Yv8af0-O_mYYqqfE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/f_5usVL6-W0Yv8af0-O_mYYqqfE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 02 Mar 2026 14:58:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3882 (0xf2a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7FFE6EB152FAF96D18BFC69FD3E3BF99862AA9F1 Validity Not Before: Jan 26 07:00:33 2026 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=408EE1098954A44999F573FB8C5CADA8E0B606E0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:11:fd:1b:11:2a:ea:82:7e:f0:35:ef:8c:e9: 5e:bf:cb:d7:b8:92:ef:8b:9c:6a:05:d7:42:48:91: e0:5d:81:d9:27:bb:46:1e:eb:9b:50:de:85:48:5d: 48:7c:03:59:97:0e:b1:50:fe:7f:c7:4f:62:57:79: 29:e8:72:30:c6:fa:e9:4d:0c:1a:1b:ed:c5:e1:7f: bb:9b:2e:91:28:34:97:3f:6c:f5:43:6e:1a:a7:37: 1b:56:26:17:4e:c1:38:30:a0:15:91:7b:94:44:38: 76:0e:45:46:07:5e:3c:f7:9a:e3:0b:1f:08:2d:d7: 19:2b:54:af:09:8d:8d:c0:95:4b:b5:23:f8:f0:80: 14:64:8e:2e:4c:40:51:c1:87:fd:08:ac:fc:e6:04: 27:f5:f5:43:8f:69:b6:6c:9c:7f:89:be:6a:5d:53: c5:36:bf:da:2b:9b:e5:04:30:b1:52:1e:79:44:06: cf:e9:52:c8:77:a5:64:8d:87:d9:29:6b:22:e9:b5: 89:b7:24:97:da:17:13:8c:86:31:aa:a8:0d:55:03: b4:92:76:34:d9:67:a4:15:41:85:a8:9c:c9:76:f4: 97:44:3e:b9:5d:e7:4e:94:a7:e9:eb:b7:da:e4:33: c9:d7:17:93:b1:69:64:5d:ab:ad:aa:a9:4d:ef:10: 96:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:8E:E1:09:89:54:A4:49:99:F5:73:FB:8C:5C:AD:A8:E0:B6:06:E0 X509v3 Authority Key Identifier: keyid:7F:FE:6E:B1:52:FA:F9:6D:18:BF:C6:9F:D3:E3:BF:99:86:2A:A9:F1 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3246/f_5usVL6-W0Yv8af0-O_mYYqqfE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/f_5usVL6-W0Yv8af0-O_mYYqqfE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3246/QI7hCYlUpEmZ9XP7jFytqOC2BuA.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 210.87.73.0/24 Signature Algorithm: sha256WithRSAEncryption 0a:59:4f:ce:de:b9:28:9e:91:ef:0b:56:59:df:e2:62:76:69: 59:f8:6c:dc:89:82:af:21:05:e2:c6:16:56:7b:fc:7e:05:5e: 38:cb:7b:77:a1:25:8f:d6:18:32:6a:1a:24:f3:4b:1d:45:3f: 47:93:06:76:80:3f:ee:71:53:d9:26:ae:fa:1f:c5:c2:0e:5b: 49:a9:61:37:8a:45:74:34:b2:96:47:d0:fe:1d:ea:4a:7e:5b: 17:b0:48:39:5e:92:c2:40:60:32:64:f3:dd:b3:fa:5e:29:ab: bb:e0:90:8e:6c:03:1d:9f:41:a5:73:f3:04:31:c2:a0:99:3c: 6b:36:f3:09:6a:a5:3b:e0:dc:bc:4b:a3:52:3b:5b:f5:ee:e4: 8d:74:bc:c6:a9:a6:c3:1f:41:20:e7:c5:8a:95:34:4b:8f:7d: 7a:53:d2:a2:cf:3a:ba:4b:56:43:47:84:59:c6:df:72:d9:9e: d7:78:9b:bc:36:47:b6:44:52:f3:cf:65:4e:e5:bd:7f:49:42: aa:93:17:4f:f1:b6:a1:7a:3f:6b:37:21:23:fb:90:32:42:16: d7:a4:3d:8e:b9:90:97:6e:2f:2a:70:ff:4d:18:10:54:9d:70: bb:2c:c1:e0:02:a6:8b:c4:c3:a4:28:8f:cc:d9:7d:d3:00:16: 13:01:db:cf -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICDyowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoN0ZG RTZFQjE1MkZBRjk2RDE4QkZDNjlGRDNFM0JGOTk4NjJBQTlGMTAeFw0yNjAxMjYw NzAwMzNaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDQwOEVFMTA5ODk1NEE0 NDk5OUY1NzNGQjhDNUNBREE4RTBCNjA2RTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCfEf0bESrqgn7wNe+M6V6/y9e4ku+LnGoF10JIkeBdgdknu0Ye 65tQ3oVIXUh8A1mXDrFQ/n/HT2JXeSnocjDG+ulNDBob7cXhf7ubLpEoNJc/bPVD bhqnNxtWJhdOwTgwoBWRe5REOHYORUYHXjz3muMLHwgt1xkrVK8JjY3AlUu1I/jw gBRkji5MQFHBh/0IrPzmBCf19UOPabZsnH+JvmpdU8U2v9orm+UEMLFSHnlEBs/p Ush3pWSNh9kpayLptYm3JJfaFxOMhjGqqA1VA7SSdjTZZ6QVQYWonMl29JdEPrld 506Up+nrt9rkM8nXF5OxaWRdq62qqU3vEJYhAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUQI7hCYlUpEmZ9XP7jFytqOC2BuAwHwYDVR0jBBgwFoAUf/5usVL6+W0Yv8af 0+O/mYYqqfEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI0 Ni9mXzV1c1ZMNi1XMFl2OGFmMC1PX21ZWXFxZkUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2ZfNXVzVkw2LVcwWXY4YWYwLU9fbVlZcXFmRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNDYvUUk3aENZbFVwRW1a OVhQN2pGeXRxT0MyQnVBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEANJXSTANBgkqhkiG9w0BAQsFAAOCAQEACllPzt65KJ6R7wtWWd/iYnZpWfhs 3ImCryEF4sYWVnv8fgVeOMt7d6Elj9YYMmoaJPNLHUU/R5MGdoA/7nFT2Sau+h/F wg5bSalhN4pFdDSylkfQ/h3qSn5bF7BIOV6SwkBgMmTz3bP6Ximru+CQjmwDHZ9B pXPzBDHCoJk8azbzCWqlO+DcvEujUjtb9e7kjXS8xqmmwx9BIOfFipU0S499elPS os86uktWQ0eEWcbfctme13ibvDZHtkRS889lTuW9f0lCqpMXT/G2oXo/azchI/uQ MkIW16Q9jrmQl24vKnD/TRgQVJ1wuyzB4AKmi8TDpCiPzNl90wAWEwHbzw== -----END CERTIFICATE-----Generated at Mon Mar 2 13:09:39 2026 by rpki-client