$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/399/IhwD_HdHHb_P7IOTPaMoIKmOuu4.roa File: IhwD_HdHHb_P7IOTPaMoIKmOuu4.roa (raw, json) Hash identifier: 258bd+fJcXM+4xojCm+tVOzormKUhrA/sZBMd+vBO7I= Subject key identifier: 22:1C:03:FC:77:47:1D:BF:CF:EC:83:93:3D:A3:28:20:A9:8E:BA:EE Certificate issuer: /CN=51C4C1D52D2E3FE6BF3D9BF1B3D6924B49C5D4E5 Certificate serial: 4F76 Authority key identifier: 51:C4:C1:D5:2D:2E:3F:E6:BF:3D:9B:F1:B3:D6:92:4B:49:C5:D4:E5 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/UcTB1S0uP-a_PZvxs9aSS0nF1OU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/399/IhwD_HdHHb_P7IOTPaMoIKmOuu4.roa Signing time: Mon 26 Jan 2026 06:54:53 +0000 ROA not before: Mon 26 Jan 2026 06:54:53 +0000 ROA not after: Sat 09 Jan 2027 08:23:18 +0000 asID: 132203 IP address blocks: 203.205.137.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/399/UcTB1S0uP-a_PZvxs9aSS0nF1OU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/399/UcTB1S0uP-a_PZvxs9aSS0nF1OU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/UcTB1S0uP-a_PZvxs9aSS0nF1OU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 02 Mar 2026 13:30:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20342 (0x4f76) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=51C4C1D52D2E3FE6BF3D9BF1B3D6924B49C5D4E5 Validity Not Before: Jan 26 06:54:53 2026 GMT Not After : Jan 9 08:23:18 2027 GMT Subject: CN=221C03FC77471DBFCFEC83933DA32820A98EBAEE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:17:e8:51:2e:1f:62:a6:30:b9:d1:c9:01:ba: 52:ed:6f:2c:78:5e:0f:33:a2:a0:2c:d6:c6:23:ef: 95:d5:ad:8b:84:56:d3:ec:1a:47:fd:e5:4d:4a:50: 1a:ea:36:d7:1c:c1:b0:f4:0e:02:2b:bf:82:b8:87: 08:6d:cc:52:d6:ca:51:bb:39:06:72:dd:3b:96:cf: c1:7a:c6:f9:81:83:4f:af:0a:57:36:90:52:71:10: 9c:56:e8:44:34:ed:40:0b:95:9d:ce:77:fe:eb:fd: 07:7d:28:29:46:af:00:73:ee:14:74:ae:67:94:de: 18:da:0f:f9:b2:6f:b5:80:08:71:2d:ec:a8:6e:31: 7f:09:52:a5:a5:03:46:cb:db:22:f1:4b:28:7a:98: 8c:5f:2d:52:0d:ac:b3:1d:f8:9e:f1:e0:b1:a7:35: 42:ca:0b:f3:2f:be:e4:65:15:30:5c:b4:48:45:03: 99:b8:30:fb:72:d8:71:d7:49:62:01:a1:10:3a:02: a6:bb:df:59:72:59:13:52:ea:26:01:d8:ab:e7:d2: d0:10:db:27:f3:99:bb:8d:b3:69:75:c5:ea:58:5c: 55:bb:ca:a6:35:9f:19:64:0b:02:9f:f4:d3:2a:c4: 08:ba:76:21:01:39:78:20:31:85:73:9a:0d:19:77: 9f:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:1C:03:FC:77:47:1D:BF:CF:EC:83:93:3D:A3:28:20:A9:8E:BA:EE X509v3 Authority Key Identifier: keyid:51:C4:C1:D5:2D:2E:3F:E6:BF:3D:9B:F1:B3:D6:92:4B:49:C5:D4:E5 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/399/UcTB1S0uP-a_PZvxs9aSS0nF1OU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/UcTB1S0uP-a_PZvxs9aSS0nF1OU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/399/IhwD_HdHHb_P7IOTPaMoIKmOuu4.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 203.205.137.0/24 Signature Algorithm: sha256WithRSAEncryption 06:0b:27:b7:9d:89:1c:75:7a:13:ee:2d:61:4e:c4:ec:19:86: 40:e9:8b:2d:4e:53:9b:b9:31:5f:7e:b5:f8:35:e8:1f:47:5c: ef:c5:1c:63:7d:8b:b2:d0:fc:e9:69:3f:73:55:fd:97:21:d0: 38:5a:d2:77:1f:4a:94:d2:b1:19:fb:94:21:00:2e:78:f4:72: b1:e2:14:0c:7c:e5:82:3d:3e:a0:5a:03:29:5c:d8:cf:5b:4f: 00:ef:62:c4:8b:f6:12:80:0a:aa:f9:c7:1c:97:22:05:91:f9: 85:4f:84:31:df:f2:fe:d7:dc:09:1c:07:8a:13:6a:50:c1:90: 26:86:47:fa:63:ce:bf:28:67:e7:5a:90:7c:e1:84:46:b8:87: ca:72:f6:18:c0:50:7e:a8:95:3c:29:eb:19:1c:1e:8a:cb:8c: 91:3f:97:63:95:19:78:dd:d9:b5:d9:d2:b1:07:56:59:aa:db: 0f:5e:86:ea:cd:c2:ba:d4:39:0f:89:bc:75:a4:28:3e:a4:30: cf:b0:ca:bd:8f:41:16:96:8c:84:3d:7a:9f:a2:20:83:af:50: 14:f0:1e:03:e5:35:e7:c4:9b:6d:0f:da:77:6d:5b:56:1b:90: 64:08:24:28:a2:20:60:a3:e8:c7:77:e7:43:39:fe:d1:c8:76: cb:c9:63:bf -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICT3YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTFD NEMxRDUyRDJFM0ZFNkJGM0Q5QkYxQjNENjkyNEI0OUM1RDRFNTAeFw0yNjAxMjYw NjU0NTNaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKDIyMUMwM0ZDNzc0NzFE QkZDRkVDODM5MzNEQTMyODIwQTk4RUJBRUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC4F+hRLh9ipjC50ckBulLtbyx4Xg8zoqAs1sYj75XVrYuEVtPs Gkf95U1KUBrqNtccwbD0DgIrv4K4hwhtzFLWylG7OQZy3TuWz8F6xvmBg0+vClc2 kFJxEJxW6EQ07UALlZ3Od/7r/Qd9KClGrwBz7hR0rmeU3hjaD/myb7WACHEt7Khu MX8JUqWlA0bL2yLxSyh6mIxfLVINrLMd+J7x4LGnNULKC/MvvuRlFTBctEhFA5m4 MPty2HHXSWIBoRA6Aqa731lyWRNS6iYB2Kvn0tAQ2yfzmbuNs2l1xepYXFW7yqY1 nxlkCwKf9NMqxAi6diEBOXggMYVzmg0Zd58TAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUIhwD/HdHHb/P7IOTPaMoIKmOuu4wHwYDVR0jBBgwFoAUUcTB1S0uP+a/PZvx s9aSS0nF1OUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzk5 L1VjVEIxUzB1UC1hX1BadnhzOWFTUzBuRjFPVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvVWNUQjFTMHVQLWFfUFp2eHM5YVNTMG5GMU9VLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzk5L0lod0RfSGRISGJfUDdJ T1RQYU1vSUttT3V1NC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BADLzYkwDQYJKoZIhvcNAQELBQADggEBAAYLJ7ediRx1ehPuLWFOxOwZhkDpiy1O U5u5MV9+tfg16B9HXO/FHGN9i7LQ/OlpP3NV/Zch0Dha0ncfSpTSsRn7lCEALnj0 crHiFAx85YI9PqBaAylc2M9bTwDvYsSL9hKACqr5xxyXIgWR+YVPhDHf8v7X3Akc B4oTalDBkCaGR/pjzr8oZ+dakHzhhEa4h8py9hjAUH6olTwp6xkcHorLjJE/l2OV GXjd2bXZ0rEHVlmq2w9ehurNwrrUOQ+JvHWkKD6kMM+wyr2PQRaWjIQ9ep+iIIOv UBTwHgPlNefEm20P2ndtW1YbkGQIJCiiIGCj6Md350M5/tHIdsvJY78= -----END CERTIFICATE-----Generated at Mon Mar 2 13:10:53 2026 by rpki-client