$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/MBWRWa8nOAOHIRg9M77XIm5lbQg.roa File: MBWRWa8nOAOHIRg9M77XIm5lbQg.roa (raw, json) Hash identifier: K6PfFV97C6YDtmZm/8r+FoBWvLLS7dfIn4fZl32I/SE= Subject key identifier: 30:15:91:59:AF:27:38:03:87:21:18:3D:33:BE:D7:22:6E:65:6D:08 Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Certificate serial: 17CD Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/MBWRWa8nOAOHIRg9M77XIm5lbQg.roa Signing time: Mon 02 Feb 2026 02:50:45 +0000 ROA not before: Mon 02 Feb 2026 02:50:45 +0000 ROA not after: Fri 23 Oct 2026 03:01:03 +0000 asID: 399138 IP address blocks: 124.42.136.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 02 Mar 2026 13:28:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6093 (0x17cd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Validity Not Before: Feb 2 02:50:45 2026 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=30159159AF2738038721183D33BED7226E656D08 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:26:1d:38:37:44:5c:13:8a:5b:3f:91:1b:ab: 8c:52:96:79:e7:6a:34:4c:6b:30:cb:3a:cc:f3:3f: 0a:7b:98:5b:50:fe:ea:f6:c7:12:26:04:52:c6:87: 46:7e:02:fe:22:99:f2:0b:a3:24:fa:30:5e:95:16: 36:a8:e0:69:f5:92:bf:a0:e9:3f:e6:fd:bb:bc:c0: c6:e4:d4:d1:ac:4c:76:ad:0a:ae:62:30:d1:6e:dc: 42:8e:4b:ef:48:1a:26:25:78:5d:a9:0c:09:8a:ba: b5:36:76:ab:ca:38:ab:44:a7:09:50:6e:a4:fb:42: b3:6b:42:81:2e:bb:32:d6:3b:bb:ca:62:15:0d:0a: 29:6c:75:72:1d:c4:91:c7:7b:9f:c2:31:17:3f:0d: b2:6e:04:57:c8:14:9c:e4:e3:12:fb:5f:18:79:92: 02:87:d0:bc:a2:8a:7b:71:f1:9c:5a:06:af:2e:64: 1b:c3:c7:fd:e1:f8:35:b7:e9:09:80:62:34:5a:da: 8d:a0:da:d3:4d:d5:06:64:9b:64:52:b9:c4:e4:f2: 14:a9:12:6f:e5:01:35:4f:63:be:da:f3:13:fb:3d: c8:6d:2a:48:6b:0b:99:9b:21:ec:4b:37:1e:1c:8a: 95:d8:72:1b:9f:e4:4f:eb:78:47:d2:0a:70:c2:e0: d6:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 30:15:91:59:AF:27:38:03:87:21:18:3D:33:BE:D7:22:6E:65:6D:08 X509v3 Authority Key Identifier: keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/MBWRWa8nOAOHIRg9M77XIm5lbQg.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 124.42.136.0/22 Signature Algorithm: sha256WithRSAEncryption 3c:a0:d9:d4:eb:2a:1e:84:71:f5:c6:7f:dd:5d:36:3f:a7:4d: 74:c7:57:e9:40:f3:49:dd:0c:ee:60:6b:3d:ec:8f:1b:75:e8: ad:6f:47:e3:de:4a:4a:e0:f0:e1:15:01:39:94:2e:ad:d9:c9: 4c:d6:34:a5:10:af:e4:e6:cd:2a:ed:15:a9:14:4b:47:3c:58: 3d:00:a7:08:60:6a:a5:15:05:1d:c9:66:bf:fd:4d:88:25:24: 64:1d:47:2a:1b:bf:2c:8e:74:3f:13:c1:1f:f9:6e:1b:6a:77: 33:4b:17:67:b1:ab:78:f0:cc:aa:13:18:6e:02:e2:f2:08:af: a5:6f:86:c5:5d:0b:7c:80:06:7e:71:74:ca:71:22:cf:43:e7: 82:f0:4f:30:5c:3f:17:9f:9d:cc:fe:ab:76:56:09:43:9b:0c: 96:e0:2a:81:5b:d7:36:6d:5a:6e:a9:3a:32:de:18:79:2d:ae: 59:41:f8:ff:a2:6c:34:6a:c9:f3:96:5d:1f:e8:32:3d:4d:c7: 33:45:df:18:f2:17:f3:92:67:dc:a9:10:12:47:b2:46:c6:4a: 96:e5:d3:e5:3f:6d:e7:a3:08:06:0a:c4:62:eb:30:45:6f:92: 2c:3f:e2:62:93:a2:12:9e:78:b9:65:47:c7:cb:6c:dc:64:b2: 55:50:db:1e -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICF80wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1 QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNjAyMDIw MjUwNDVaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDMwMTU5MTU5QUYyNzM4 MDM4NzIxMTgzRDMzQkVENzIyNkU2NTZEMDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDAJh04N0RcE4pbP5Ebq4xSlnnnajRMazDLOszzPwp7mFtQ/ur2 xxImBFLGh0Z+Av4imfILoyT6MF6VFjao4Gn1kr+g6T/m/bu8wMbk1NGsTHatCq5i MNFu3EKOS+9IGiYleF2pDAmKurU2dqvKOKtEpwlQbqT7QrNrQoEuuzLWO7vKYhUN CilsdXIdxJHHe5/CMRc/DbJuBFfIFJzk4xL7Xxh5kgKH0Lyiintx8ZxaBq8uZBvD x/3h+DW36QmAYjRa2o2g2tNN1QZkm2RSucTk8hSpEm/lATVPY77a8xP7PchtKkhr C5mbIexLNx4cipXYchuf5E/reEfSCnDC4NaJAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUMBWRWa8nOAOHIRg9M77XIm5lbQgwHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL01CV1JXYThuT0FPSElS ZzlNNzdYSW01bGJRZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJ8KogwDQYJKoZIhvcNAQELBQADggEBADyg2dTrKh6EcfXGf91dNj+nTXTHV+lA 80ndDO5gaz3sjxt16K1vR+PeSkrg8OEVATmULq3ZyUzWNKUQr+TmzSrtFakUS0c8 WD0ApwhgaqUVBR3JZr/9TYglJGQdRyobvyyOdD8TwR/5bhtqdzNLF2exq3jwzKoT GG4C4vIIr6VvhsVdC3yABn5xdMpxIs9D54LwTzBcPxefncz+q3ZWCUObDJbgKoFb 1zZtWm6pOjLeGHktrllB+P+ibDRqyfOWXR/oMj1NxzNF3xjyF/OSZ9ypEBJHskbG Spbl0+U/beejCAYKxGLrMEVvkiw/4mKTohKeeLllR8fLbNxkslVQ2x4= -----END CERTIFICATE-----Generated at Mon Mar 2 13:10:21 2026 by rpki-client