$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1646/5fZHLT3DwaPtOIKpd7uul75gE4w.roa File: 5fZHLT3DwaPtOIKpd7uul75gE4w.roa (raw, json) Hash identifier: kuPo67k9R4XSd7ql3/KGOTV7vsX1Q5zmKuRLHo1K2Rs= Subject key identifier: E5:F6:47:2D:3D:C3:C1:A3:ED:38:82:A9:77:BB:AE:97:BE:60:13:8C Certificate issuer: /CN=1619C986780A13F380FE45EDC28EF4C842884843 Certificate serial: 0161 Authority key identifier: 16:19:C9:86:78:0A:13:F3:80:FE:45:ED:C2:8E:F4:C8:42:88:48:43 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/FhnJhngKE_OA_kXtwo70yEKISEM.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1646/5fZHLT3DwaPtOIKpd7uul75gE4w.roa Signing time: Tue 03 Mar 2026 09:17:45 +0000 ROA not before: Tue 03 Mar 2026 09:17:45 +0000 ROA not after: Sat 09 Jan 2027 08:23:18 +0000 asID: 135629 IP address blocks: 69.230.192.0/18 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1646/FhnJhngKE_OA_kXtwo70yEKISEM.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1646/FhnJhngKE_OA_kXtwo70yEKISEM.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/FhnJhngKE_OA_kXtwo70yEKISEM.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 12 Mar 2026 15:01:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 353 (0x161) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1619C986780A13F380FE45EDC28EF4C842884843 Validity Not Before: Mar 3 09:17:45 2026 GMT Not After : Jan 9 08:23:18 2027 GMT Subject: CN=E5F6472D3DC3C1A3ED3882A977BBAE97BE60138C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:a2:a0:30:f1:b8:5b:ce:a5:aa:68:50:15:4e: df:07:ad:31:58:8d:1d:19:b4:6e:ed:c1:66:9b:2e: aa:7d:8d:14:9a:37:f5:4a:ec:68:22:53:4f:34:7e: 3e:ea:56:89:05:31:52:47:87:3b:39:e1:69:7a:b0: 0a:57:8e:b1:61:99:a4:6f:cb:b9:a6:99:3a:49:a4: 98:f2:e3:4c:a6:7b:30:26:82:cb:29:33:c2:60:7a: c7:ac:a9:87:8e:29:e5:58:21:b7:02:b1:4b:98:4b: 6a:05:da:69:22:ee:99:d8:0c:4b:cf:19:20:e5:1b: 50:e9:ca:9b:71:07:22:d6:e2:24:2a:e7:4b:bd:12: 89:1d:24:d4:07:9e:eb:c7:fe:5e:85:a8:6c:a9:1e: 6e:82:4b:01:ce:27:47:0b:37:01:62:09:e9:e4:e0: 25:5b:c4:2c:55:1d:a5:09:8d:ca:ca:64:9e:c1:25: ca:53:86:17:09:74:a1:45:58:05:b3:b3:66:a9:ef: 20:bd:97:18:38:52:6e:0c:c2:7e:cf:4f:4f:90:b4: c1:61:c1:c1:97:0e:bb:ae:dd:e7:65:bc:71:a6:d6: aa:99:25:47:f3:02:29:0a:67:9c:c4:c8:00:2d:e0: 70:f2:1f:9c:de:54:23:33:55:eb:5f:6f:21:da:14: a9:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:F6:47:2D:3D:C3:C1:A3:ED:38:82:A9:77:BB:AE:97:BE:60:13:8C X509v3 Authority Key Identifier: keyid:16:19:C9:86:78:0A:13:F3:80:FE:45:ED:C2:8E:F4:C8:42:88:48:43 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1646/FhnJhngKE_OA_kXtwo70yEKISEM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/FhnJhngKE_OA_kXtwo70yEKISEM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1646/5fZHLT3DwaPtOIKpd7uul75gE4w.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 69.230.192.0/18 Signature Algorithm: sha256WithRSAEncryption 77:c6:24:3d:ad:0b:4c:45:b1:1e:00:77:4b:5d:30:0f:8c:92: 18:f6:94:87:e9:d1:bc:4f:a2:25:6f:60:24:27:65:03:10:8f: 81:c0:da:46:9d:2c:63:93:4f:70:f9:f0:48:a9:29:b1:d4:66: e4:cd:3e:7c:af:98:16:7d:39:8e:48:d3:31:00:8c:be:e0:83: d5:4c:bb:ba:98:b0:cc:b5:d1:a8:5e:00:da:fa:78:4a:3a:8f: d5:ff:b7:ed:70:ee:b6:91:55:89:bf:fa:96:62:be:fb:b2:29: 5f:25:15:05:44:39:37:02:15:08:e4:04:e2:a1:29:38:43:fd: e3:ee:a4:14:01:16:05:08:96:30:57:d9:d8:01:aa:40:bf:b6: 2d:81:11:80:7c:ef:ae:0a:a1:03:6e:29:1a:c9:70:2c:4d:4e: 8d:42:cc:cc:f9:bf:1b:13:81:5f:93:13:f5:e5:f9:c9:13:ef: 86:07:14:47:58:b5:82:27:c7:a8:cc:9b:00:1e:50:dd:98:00: f2:e1:82:01:70:0f:d6:b3:cb:f0:ac:38:64:87:36:cd:9d:1b: 77:f9:ac:1c:8b:16:b1:8f:06:ae:6f:ab:9c:67:34:3c:bd:52: 0f:62:dc:0a:58:99:be:0a:39:6c:11:2a:17:e8:ae:21:c5:b2: 3b:60:db:78 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICAWEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMTYx OUM5ODY3ODBBMTNGMzgwRkU0NUVEQzI4RUY0Qzg0Mjg4NDg0MzAeFw0yNjAzMDMw OTE3NDVaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKEU1RjY0NzJEM0RDM0Mx QTNFRDM4ODJBOTc3QkJBRTk3QkU2MDEzOEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDJoqAw8bhbzqWqaFAVTt8HrTFYjR0ZtG7twWabLqp9jRSaN/VK 7GgiU080fj7qVokFMVJHhzs54Wl6sApXjrFhmaRvy7mmmTpJpJjy40ymezAmgssp M8JgesesqYeOKeVYIbcCsUuYS2oF2mki7pnYDEvPGSDlG1DpyptxByLW4iQq50u9 EokdJNQHnuvH/l6FqGypHm6CSwHOJ0cLNwFiCenk4CVbxCxVHaUJjcrKZJ7BJcpT hhcJdKFFWAWzs2ap7yC9lxg4Um4Mwn7PT0+QtMFhwcGXDruu3edlvHGm1qqZJUfz AikKZ5zEyAAt4HDyH5zeVCMzVetfbyHaFKlTAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU5fZHLT3DwaPtOIKpd7uul75gE4wwHwYDVR0jBBgwFoAUFhnJhngKE/OA/kXt wo70yEKISEMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTY0 Ni9GaG5KaG5nS0VfT0Ffa1h0d283MHlFS0lTRU0uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0ZobkpobmdLRV9PQV9rWHR3bzcweUVLSVNFTS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE2NDYvNWZaSExUM0R3YVB0 T0lLcGQ3dXVsNzVnRTR3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEBkXmwDANBgkqhkiG9w0BAQsFAAOCAQEAd8YkPa0LTEWxHgB3S10wD4ySGPaU h+nRvE+iJW9gJCdlAxCPgcDaRp0sY5NPcPnwSKkpsdRm5M0+fK+YFn05jkjTMQCM vuCD1Uy7upiwzLXRqF4A2vp4SjqP1f+37XDutpFVib/6lmK++7IpXyUVBUQ5NwIV COQE4qEpOEP94+6kFAEWBQiWMFfZ2AGqQL+2LYERgHzvrgqhA24pGslwLE1OjULM zPm/GxOBX5MT9eX5yRPvhgcUR1i1gifHqMybAB5Q3ZgA8uGCAXAP1rPL8Kw4ZIc2 zZ0bd/msHIsWsY8Grm+rnGc0PL1SD2LcCliZvgo5bBEqF+iuIcWyO2DbeA== -----END CERTIFICATE-----Generated at Thu Mar 12 13:51:14 2026 by rpki-client