$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2889/MiXQWz4bAKLej3UXD7mJ0zUbWU8.roa File: MiXQWz4bAKLej3UXD7mJ0zUbWU8.roa (raw, json) Hash identifier: Rez9UnU+HmL6iBYkHp44DZ2hyEVCrlcqYS5/ZqQdOmo= Subject key identifier: 32:25:D0:5B:3E:1B:00:A2:DE:8F:75:17:0F:B9:89:D3:35:1B:59:4F Certificate issuer: /CN=A93A86712684A72E5DF41F00AFA04C5F01A97735 Certificate serial: 230C Authority key identifier: A9:3A:86:71:26:84:A7:2E:5D:F4:1F:00:AF:A0:4C:5F:01:A9:77:35 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/MiXQWz4bAKLej3UXD7mJ0zUbWU8.roa Signing time: Mon 26 Jan 2026 06:54:25 +0000 ROA not before: Mon 26 Jan 2026 06:54:25 +0000 ROA not after: Sat 09 Jan 2027 08:23:18 +0000 asID: 139021 IP address blocks: 43.250.116.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 20 Feb 2026 05:59:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8972 (0x230c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A93A86712684A72E5DF41F00AFA04C5F01A97735 Validity Not Before: Jan 26 06:54:25 2026 GMT Not After : Jan 9 08:23:18 2027 GMT Subject: CN=3225D05B3E1B00A2DE8F75170FB989D3351B594F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:9e:94:c6:30:4b:83:59:88:2d:19:1f:d8:9a: 42:43:7b:46:44:6f:3c:bd:06:1a:6d:37:42:61:0b: 6c:b9:36:d9:fa:80:c3:65:0d:dd:2d:d9:b9:09:7a: d4:e9:0f:c7:65:a6:30:4b:ce:ec:1a:5a:49:ca:3e: 7a:96:fb:0b:92:93:1b:79:35:98:4d:fb:2a:f0:69: fe:8b:95:1e:b2:79:5c:1b:88:f0:30:24:62:51:3e: d6:8d:db:d1:73:5d:54:3f:c4:10:aa:c8:6a:48:da: 19:c4:be:99:29:f9:fd:6b:7e:68:e4:b5:41:75:0f: 48:c3:fc:ca:77:bb:5a:32:82:0b:a2:c9:81:38:63: 94:85:7b:57:f8:ae:c7:af:b4:70:6c:90:3a:18:b4: 07:92:d2:95:3a:c9:ed:b9:4b:8a:f7:b0:ad:f9:30: e5:1e:2b:fe:81:02:7a:d6:25:35:d4:f1:1c:25:fc: 94:87:5c:5f:a3:36:93:30:0a:0e:40:32:f8:bb:69: 19:8e:04:b2:b0:8d:ee:aa:ad:db:ff:78:32:20:82: 07:13:e5:eb:c5:04:05:f4:c5:b6:8b:d3:7c:51:bf: 44:ea:bc:04:b1:95:9c:eb:0a:1d:03:3e:96:39:35: 4b:40:78:03:b5:4d:58:92:10:0c:1c:34:7f:60:68: f4:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:25:D0:5B:3E:1B:00:A2:DE:8F:75:17:0F:B9:89:D3:35:1B:59:4F X509v3 Authority Key Identifier: keyid:A9:3A:86:71:26:84:A7:2E:5D:F4:1F:00:AF:A0:4C:5F:01:A9:77:35 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/MiXQWz4bAKLej3UXD7mJ0zUbWU8.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.250.116.0/22 Signature Algorithm: sha256WithRSAEncryption 64:91:45:08:fe:be:28:c9:79:85:7d:dc:54:7b:c9:cc:73:78: dd:21:9b:dd:3e:bf:f5:4b:9c:eb:93:31:aa:a0:7d:06:30:86: af:7a:f5:c6:d0:de:15:f6:99:6a:34:ca:87:e6:8d:52:a1:fd: d7:c1:ed:eb:2b:0e:0d:6f:82:87:35:11:39:a1:6c:1f:b5:ff: 41:83:a4:d6:20:d9:d6:ed:9c:4c:c7:eb:22:ec:de:4a:c4:c1: 0c:c2:d9:58:68:05:02:f4:ee:ec:7f:6f:29:e6:eb:38:c4:77: 46:a7:45:75:ff:b3:68:4e:dd:df:90:75:a7:17:65:69:8a:85: f7:01:7f:cb:5e:dd:47:69:09:bc:6f:62:53:e6:ef:b2:1b:37: 03:78:f6:4c:39:b7:67:df:1c:50:be:b2:d2:74:30:8f:d5:71: 79:5a:ad:fa:24:fd:6e:1f:f2:7b:6c:4e:2d:d5:38:9d:63:bf: 5e:17:33:c3:ef:33:03:ef:76:23:5c:b4:5b:41:94:0f:2a:10: 7b:04:2f:a8:93:dc:aa:1a:b9:d5:3f:df:ac:56:01:d8:e8:52: 93:0c:6b:bb:14:12:99:39:72:f1:16:3d:e6:34:93:dd:2c:8b: df:c7:63:dd:3a:31:73:00:03:36:cd:c7:4d:50:cb:f5:da:85: 11:6f:33:82 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICIwwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQTkz QTg2NzEyNjg0QTcyRTVERjQxRjAwQUZBMDRDNUYwMUE5NzczNTAeFw0yNjAxMjYw NjU0MjVaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKDMyMjVEMDVCM0UxQjAw QTJERThGNzUxNzBGQjk4OUQzMzUxQjU5NEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCrnpTGMEuDWYgtGR/YmkJDe0ZEbzy9BhptN0JhC2y5Ntn6gMNl Dd0t2bkJetTpD8dlpjBLzuwaWknKPnqW+wuSkxt5NZhN+yrwaf6LlR6yeVwbiPAw JGJRPtaN29FzXVQ/xBCqyGpI2hnEvpkp+f1rfmjktUF1D0jD/Mp3u1oygguiyYE4 Y5SFe1f4rsevtHBskDoYtAeS0pU6ye25S4r3sK35MOUeK/6BAnrWJTXU8Rwl/JSH XF+jNpMwCg5AMvi7aRmOBLKwje6qrdv/eDIgggcT5evFBAX0xbaL03xRv0TqvASx lZzrCh0DPpY5NUtAeAO1TViSEAwcNH9gaPSHAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUMiXQWz4bAKLej3UXD7mJ0zUbWU8wHwYDVR0jBBgwFoAUqTqGcSaEpy5d9B8A r6BMXwGpdzUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjg4 OS9xVHFHY1NhRXB5NWQ5QjhBcjZCTVh3R3BkelUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3FUcUdjU2FFcHk1ZDlCOEFyNkJNWHdHcGR6VS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4ODkvTWlYUVd6NGJBS0xl ajNVWEQ3bUowelViV1U4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAiv6dDANBgkqhkiG9w0BAQsFAAOCAQEAZJFFCP6+KMl5hX3cVHvJzHN43SGb 3T6/9Uuc65MxqqB9BjCGr3r1xtDeFfaZajTKh+aNUqH918Ht6ysODW+ChzUROaFs H7X/QYOk1iDZ1u2cTMfrIuzeSsTBDMLZWGgFAvTu7H9vKebrOMR3RqdFdf+zaE7d 35B1pxdlaYqF9wF/y17dR2kJvG9iU+bvshs3A3j2TDm3Z98cUL6y0nQwj9VxeVqt +iT9bh/ye2xOLdU4nWO/Xhczw+8zA+92I1y0W0GUDyoQewQvqJPcqhq51T/frFYB 2OhSkwxruxQSmTly8RY95jST3SyL38dj3ToxcwADNs3HTVDL9dqFEW8zgg== -----END CERTIFICATE-----Generated at Fri Feb 20 01:49:18 2026 by rpki-client