$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3418/AoYYwnAcS8KMMiGlwe5y5BVGSvE.roa File: AoYYwnAcS8KMMiGlwe5y5BVGSvE.roa (raw, json) Hash identifier: srtZ4DM1gKafG3BNbYGZM2h4BgYnRACTG22udaAxFEo= Subject key identifier: 02:86:18:C2:70:1C:4B:C2:8C:32:21:A5:C1:EE:72:E4:15:46:4A:F1 Certificate issuer: /CN=22AEF97258F6A3FCB497CE1A71A7A91828DC2339 Certificate serial: 03 Authority key identifier: 22:AE:F9:72:58:F6:A3:FC:B4:97:CE:1A:71:A7:A9:18:28:DC:23:39 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Iq75clj2o_y0l84acaepGCjcIzk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3418/AoYYwnAcS8KMMiGlwe5y5BVGSvE.roa Signing time: Fri 27 Feb 2026 04:18:56 +0000 ROA not before: Fri 27 Feb 2026 04:18:56 +0000 ROA not after: Sat 09 Jan 2027 08:23:18 +0000 asID: 137771 IP address blocks: 144.79.148.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3418/Iq75clj2o_y0l84acaepGCjcIzk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3418/Iq75clj2o_y0l84acaepGCjcIzk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Iq75clj2o_y0l84acaepGCjcIzk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 02 Mar 2026 13:58:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3 (0x3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=22AEF97258F6A3FCB497CE1A71A7A91828DC2339 Validity Not Before: Feb 27 04:18:56 2026 GMT Not After : Jan 9 08:23:18 2027 GMT Subject: CN=028618C2701C4BC28C3221A5C1EE72E415464AF1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:3a:bc:f2:28:82:d1:37:73:bb:7e:7a:1b:ba: 34:a3:ad:aa:d9:e9:10:b4:70:f3:13:81:99:64:46: 4e:b7:3e:1d:b6:3c:78:dc:f3:14:bb:d4:fa:ae:78: e5:44:35:50:c2:43:a0:97:e7:88:bb:10:b7:2e:dc: 89:aa:b7:3e:04:60:bc:be:06:9b:ee:47:35:14:08: 9e:2a:2d:74:42:1b:f0:2e:2c:a1:3e:34:a7:1e:68: 16:d8:da:0c:57:4b:0b:3b:40:7e:a7:bf:39:33:3e: 4d:6c:6e:28:2d:45:71:ec:92:73:24:7d:18:9d:3a: 75:f9:9c:53:24:92:b5:bc:10:37:68:c3:c1:1c:0d: 71:12:26:9c:2b:63:92:bf:7b:23:fc:57:67:8a:2c: 0c:66:4a:cf:8c:7c:a0:78:4e:bf:60:20:53:46:09: 12:d4:7c:9e:73:b5:ea:2f:bd:9b:d4:70:96:76:23: 73:08:a4:f8:fb:83:0b:01:7d:21:90:0f:0f:38:0a: 2c:a0:a8:31:04:8d:28:4a:cf:5a:33:92:ab:aa:b4: 7b:5a:25:96:a8:5d:f3:00:03:bb:25:46:be:13:33: be:69:b1:e3:60:b0:f7:da:7f:7c:c4:59:29:06:c5: ff:3e:87:37:93:28:aa:e4:0f:08:9a:03:e4:57:42: 12:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:86:18:C2:70:1C:4B:C2:8C:32:21:A5:C1:EE:72:E4:15:46:4A:F1 X509v3 Authority Key Identifier: keyid:22:AE:F9:72:58:F6:A3:FC:B4:97:CE:1A:71:A7:A9:18:28:DC:23:39 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3418/Iq75clj2o_y0l84acaepGCjcIzk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Iq75clj2o_y0l84acaepGCjcIzk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3418/AoYYwnAcS8KMMiGlwe5y5BVGSvE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 144.79.148.0/23 Signature Algorithm: sha256WithRSAEncryption 15:81:d9:d3:a5:7e:a7:c8:5e:90:18:9f:84:fd:c3:a6:02:c3: ba:38:a7:fa:76:fa:28:2a:ad:2a:7f:e2:42:18:7f:94:a7:96: d4:72:09:fa:93:ef:d1:eb:e1:5c:a2:52:c2:61:e4:87:58:d6: 7b:50:f3:78:14:85:47:4a:08:b2:26:7a:d5:c6:87:8f:2e:2b: 5e:71:ad:35:fa:64:c6:99:46:96:d2:7e:c8:d0:ae:e4:6c:db: 48:24:7f:dd:1b:63:98:c8:ef:50:d8:ff:2a:8b:1e:c7:ab:c8: 40:e7:e4:ae:5a:9b:d1:a0:43:75:04:ac:4d:bb:ea:7c:60:c1: 54:b8:17:39:83:6e:20:4f:8b:8b:43:f9:0f:60:d8:c3:d8:9f: 41:29:bc:64:74:ae:8a:2a:5f:44:ce:ac:49:56:07:83:c1:80: 67:2c:61:70:5c:c8:60:0c:39:3f:d4:13:fc:a9:d3:8a:e3:9c: 66:75:03:73:72:e1:6d:ec:b0:ca:12:c1:85:44:e0:35:3f:66: 2e:8d:3b:44:12:9d:1d:cf:b4:5d:33:b2:80:61:9e:6e:02:b0: 65:f1:8a:6b:8b:32:c7:1d:76:0e:2a:3b:ce:7d:d1:cb:2d:76: 3c:20:07:76:15:af:de:73:6b:81:ca:72:b1:98:c2:8f:2b:8b: 6b:a0:61:80 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIBAzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygyMkFF Rjk3MjU4RjZBM0ZDQjQ5N0NFMUE3MUE3QTkxODI4REMyMzM5MB4XDTI2MDIyNzA0 MTg1NloXDTI3MDEwOTA4MjMxOFowMzExMC8GA1UEAxMoMDI4NjE4QzI3MDFDNEJD MjhDMzIyMUE1QzFFRTcyRTQxNTQ2NEFGMTCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAN86vPIogtE3c7t+ehu6NKOtqtnpELRw8xOBmWRGTrc+HbY8eNzz FLvU+q545UQ1UMJDoJfniLsQty7ciaq3PgRgvL4Gm+5HNRQIniotdEIb8C4soT40 px5oFtjaDFdLCztAfqe/OTM+TWxuKC1FceyScyR9GJ06dfmcUySStbwQN2jDwRwN cRImnCtjkr97I/xXZ4osDGZKz4x8oHhOv2AgU0YJEtR8nnO16i+9m9RwlnYjcwik +PuDCwF9IZAPDzgKLKCoMQSNKErPWjOSq6q0e1ollqhd8wADuyVGvhMzvmmx42Cw 99p/fMRZKQbF/z6HN5MoquQPCJoD5FdCEocCAwEAAaOCAfMwggHvMB0GA1UdDgQW BBQChhjCcBxLwowyIaXB7nLkFUZK8TAfBgNVHSMEGDAWgBQirvlyWPaj/LSXzhpx p6kYKNwjOTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8zNDE4 L0lxNzVjbGoyb195MGw4NGFjYWVwR0NqY0l6ay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvSXE3NWNsajJvX3kwbDg0YWNhZXBHQ2pjSXprLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzQxOC9Bb1lZd25BY1M4S01N aUdsd2U1eTVCVkdTdkUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBkE+UMA0GCSqGSIb3DQEBCwUAA4IBAQAVgdnTpX6nyF6QGJ+E/cOmAsO6OKf6 dvooKq0qf+JCGH+Up5bUcgn6k+/R6+FcolLCYeSHWNZ7UPN4FIVHSgiyJnrVxoeP Liteca01+mTGmUaW0n7I0K7kbNtIJH/dG2OYyO9Q2P8qix7Hq8hA5+SuWpvRoEN1 BKxNu+p8YMFUuBc5g24gT4uLQ/kPYNjD2J9BKbxkdK6KKl9EzqxJVgeDwYBnLGFw XMhgDDk/1BP8qdOK45xmdQNzcuFt7LDKEsGFROA1P2YujTtEEp0dz7RdM7KAYZ5u ArBl8YprizLHHXYOKjvOfdHLLXY8IAd2Fa/ec2uBynKxmMKPK4troGGA -----END CERTIFICATE-----Generated at Mon Mar 2 13:12:22 2026 by rpki-client