$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/357/HjQoiWdSark1Vq_WBRravxkv_Pg.roa File: HjQoiWdSark1Vq_WBRravxkv_Pg.roa (raw, json) Hash identifier: XBR6XXXcZGbdzil4gB51pnfrtY7dwGqHOJqSoNbHj+o= Subject key identifier: 1E:34:28:89:67:52:6A:B9:35:56:AF:D6:05:1A:DA:BF:19:2F:FC:F8 Certificate issuer: /CN=B3BA6AEF3B8FA2E5D9B5E43438E0020D426A1ECA Certificate serial: 1C97 Authority key identifier: B3:BA:6A:EF:3B:8F:A2:E5:D9:B5:E4:34:38:E0:02:0D:42:6A:1E:CA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/s7pq7zuPouXZteQ0OOACDUJqHso.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/HjQoiWdSark1Vq_WBRravxkv_Pg.roa Signing time: Thu 26 Feb 2026 04:18:20 +0000 ROA not before: Thu 26 Feb 2026 04:18:20 +0000 ROA not after: Sat 09 Jan 2027 08:23:18 +0000 asID: 37963 IP address blocks: 2407:bc00::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/s7pq7zuPouXZteQ0OOACDUJqHso.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/s7pq7zuPouXZteQ0OOACDUJqHso.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/s7pq7zuPouXZteQ0OOACDUJqHso.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 02 Mar 2026 10:59:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7319 (0x1c97) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B3BA6AEF3B8FA2E5D9B5E43438E0020D426A1ECA Validity Not Before: Feb 26 04:18:20 2026 GMT Not After : Jan 9 08:23:18 2027 GMT Subject: CN=1E34288967526AB93556AFD6051ADABF192FFCF8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:e8:fa:51:d1:8a:55:24:67:86:e6:94:58:bc: 06:2b:dc:5d:bd:f5:e9:a6:be:90:c6:ae:d2:b8:2a: 8d:71:1d:81:e0:77:24:51:61:7b:16:18:5b:1e:ab: 1b:60:6c:50:79:c2:be:c6:48:56:8c:81:8d:5e:d6: da:ea:8c:93:2f:90:57:e9:3c:14:04:36:86:7d:ce: e0:54:bf:38:f2:ce:ae:71:9e:c8:3a:66:94:54:b9: 8c:75:a7:09:67:9c:d3:89:16:0f:5e:30:a3:31:b7: 00:44:92:c9:40:38:65:40:8c:41:96:bd:60:e3:52: 45:7e:15:b1:5b:1b:0b:b5:86:2a:c4:0b:ca:f5:99: f1:6d:83:da:d7:bb:d0:19:d7:f8:69:85:72:ba:99: 2f:8c:e8:f3:2e:ee:47:21:80:92:bb:85:a9:59:b0: 0c:a3:56:8e:21:12:d1:d3:58:83:05:07:82:19:57: f5:3a:0e:58:92:b3:ee:46:12:5f:dd:79:00:9c:b4: 0a:a4:80:59:5d:79:4c:af:2f:71:9f:b1:28:18:82: 91:6b:6b:06:3b:5f:d8:7c:21:33:b6:a7:ca:b4:b7: 44:e5:cd:c0:a7:d3:5d:0e:8d:63:79:3e:64:ee:40: f3:26:b4:c4:ab:c3:af:7f:2d:93:51:2e:7c:f3:c6: 16:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:34:28:89:67:52:6A:B9:35:56:AF:D6:05:1A:DA:BF:19:2F:FC:F8 X509v3 Authority Key Identifier: keyid:B3:BA:6A:EF:3B:8F:A2:E5:D9:B5:E4:34:38:E0:02:0D:42:6A:1E:CA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/s7pq7zuPouXZteQ0OOACDUJqHso.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/s7pq7zuPouXZteQ0OOACDUJqHso.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/HjQoiWdSark1Vq_WBRravxkv_Pg.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2407:bc00::/32 Signature Algorithm: sha256WithRSAEncryption 74:e1:82:69:8e:c2:eb:5e:6e:f2:02:81:78:b7:4a:96:d6:42: 3d:f2:6e:c1:57:8e:72:f1:ca:20:e9:31:02:be:c2:5a:d7:e0: 88:92:78:60:38:9b:e8:ea:09:73:3f:d7:f3:53:e5:be:15:08: 77:cb:32:ad:03:fd:95:bf:50:71:9d:f5:91:a1:fe:43:b4:e9: 5c:1a:8c:38:a3:5a:8d:f1:21:70:59:72:27:d3:e2:83:6c:92: 9c:ca:d8:99:68:af:c6:b0:1e:0d:44:f6:4c:8b:8e:a0:5c:ba: fe:46:2f:96:00:ba:6a:c6:2f:8d:6a:da:c1:b1:7e:96:53:fd: 65:77:97:61:63:8c:b0:b8:85:9b:0d:7a:5e:e7:8b:5b:75:3d: 6d:6a:f8:df:0e:a3:50:15:fb:6c:4b:f7:a0:68:e8:78:90:c1: b1:e2:c4:8f:26:fd:f6:ca:fa:91:8e:85:ed:71:d5:9e:b1:b9: 60:28:df:a2:09:c4:de:4b:0b:16:e8:a1:0d:84:2c:e6:be:73: 7a:fd:a3:9a:55:44:b4:9c:2a:6b:a9:a0:8a:86:5d:e2:e9:53: 7f:d9:e9:ba:04:f5:3e:05:f1:55:a7:52:91:a1:49:6c:45:09: c0:1c:aa:fb:15:37:7c:b4:b2:5b:ec:be:c8:18:03:a5:60:4f: 12:aa:f4:66 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICHJcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjNC QTZBRUYzQjhGQTJFNUQ5QjVFNDM0MzhFMDAyMEQ0MjZBMUVDQTAeFw0yNjAyMjYw NDE4MjBaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKDFFMzQyODg5Njc1MjZB QjkzNTU2QUZENjA1MUFEQUJGMTkyRkZDRjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDa6PpR0YpVJGeG5pRYvAYr3F299emmvpDGrtK4Ko1xHYHgdyRR YXsWGFseqxtgbFB5wr7GSFaMgY1e1trqjJMvkFfpPBQENoZ9zuBUvzjyzq5xnsg6 ZpRUuYx1pwlnnNOJFg9eMKMxtwBEkslAOGVAjEGWvWDjUkV+FbFbGwu1hirEC8r1 mfFtg9rXu9AZ1/hphXK6mS+M6PMu7kchgJK7halZsAyjVo4hEtHTWIMFB4IZV/U6 DliSs+5GEl/deQCctAqkgFldeUyvL3GfsSgYgpFrawY7X9h8ITO2p8q0t0TlzcCn 010OjWN5PmTuQPMmtMSrw69/LZNRLnzzxhbLAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUHjQoiWdSark1Vq/WBRravxkv/PgwHwYDVR0jBBgwFoAUs7pq7zuPouXZteQ0 OOACDUJqHsowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzU3 L3M3cHE3enVQb3VYWnRlUTBPT0FDRFVKcUhzby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvczdwcTd6dVBvdVhadGVRME9PQUNEVUpxSHNvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzU3L0hqUW9pV2RTYXJrMVZx X1dCUnJhdnhrdl9QZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcD BQAkB7wAMA0GCSqGSIb3DQEBCwUAA4IBAQB04YJpjsLrXm7yAoF4t0qW1kI98m7B V45y8cog6TECvsJa1+CIknhgOJvo6glzP9fzU+W+FQh3yzKtA/2Vv1BxnfWRof5D tOlcGow4o1qN8SFwWXIn0+KDbJKcytiZaK/GsB4NRPZMi46gXLr+Ri+WALpqxi+N atrBsX6WU/1ld5dhY4ywuIWbDXpe54tbdT1tavjfDqNQFftsS/egaOh4kMGx4sSP Jv32yvqRjoXtcdWesblgKN+iCcTeSwsW6KENhCzmvnN6/aOaVUS0nCprqaCKhl3i 6VN/2em6BPU+BfFVp1KRoUlsRQnAHKr7FTd8tLJb7L7IGAOlYE8SqvRm -----END CERTIFICATE-----Generated at Mon Mar 2 08:23:25 2026 by rpki-client