$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2048/1cfEcZ4-vFAqK8rRk0HKRl5oSRk.roa File: 1cfEcZ4-vFAqK8rRk0HKRl5oSRk.roa (raw, json) Hash identifier: jcHU4SMG/LFs1PMjAXJH6LggvyNmeTBJ9u2coCQ22os= Subject key identifier: D5:C7:C4:71:9E:3E:BC:50:2A:2B:CA:D1:93:41:CA:46:5E:68:49:19 Certificate issuer: /CN=4E25934FE8D89959425D1018EB121981DA250985 Certificate serial: 0D83 Authority key identifier: 4E:25:93:4F:E8:D8:99:59:42:5D:10:18:EB:12:19:81:DA:25:09:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TiWTT-jYmVlCXRAY6xIZgdolCYU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2048/1cfEcZ4-vFAqK8rRk0HKRl5oSRk.roa Signing time: Mon 26 Jan 2026 06:54:13 +0000 ROA not before: Mon 26 Jan 2026 06:54:13 +0000 ROA not after: Fri 23 Oct 2026 03:01:03 +0000 asID: 151296 IP address blocks: 103.9.108.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2048/TiWTT-jYmVlCXRAY6xIZgdolCYU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2048/TiWTT-jYmVlCXRAY6xIZgdolCYU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TiWTT-jYmVlCXRAY6xIZgdolCYU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 23 Feb 2026 07:28:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3459 (0xd83) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4E25934FE8D89959425D1018EB121981DA250985 Validity Not Before: Jan 26 06:54:13 2026 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=D5C7C4719E3EBC502A2BCAD19341CA465E684919 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:3d:f0:71:ff:89:f9:be:30:a5:ab:11:95:b9: 54:d2:97:d0:67:5b:70:e9:69:ee:b3:bb:10:e0:31: 00:99:47:30:e4:b5:cf:45:5d:c0:42:7b:11:6a:bf: 48:b0:07:e7:4b:c0:d3:b7:6d:e7:96:9e:5f:6c:c1: 90:ed:65:9d:ad:10:5f:87:2b:f5:33:3f:72:8c:e2: cc:ad:21:c9:7f:2a:c2:1e:e5:fc:f4:de:8d:89:2d: 6b:f5:e5:71:77:4d:c5:81:d2:ec:72:87:b3:fb:77: 9c:ba:c0:09:cf:36:37:d9:1b:01:a6:99:0a:fc:8c: f5:a1:b8:27:6a:21:bd:18:2e:89:4a:15:76:ca:11: 7b:e2:f0:a7:d7:37:22:dd:91:b0:65:a0:7b:07:6e: 14:bf:a9:29:91:1e:97:a2:8a:71:41:95:44:dc:0e: b1:bf:b7:41:2a:68:e5:62:a5:65:9f:95:71:44:fa: 77:75:ba:ef:d4:f0:47:3a:d5:f4:9f:b6:47:d5:39: b7:a5:5b:b4:1b:ea:2f:dc:d4:9e:18:59:4d:9d:3f: c1:47:e8:f5:c1:63:94:a8:bf:89:7b:c5:ce:7f:84: b9:47:f1:98:ae:33:6c:ff:7d:35:af:70:9a:30:46: 69:23:e3:6e:62:7b:6a:e9:e3:b1:7d:b6:43:4a:18: 3c:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:C7:C4:71:9E:3E:BC:50:2A:2B:CA:D1:93:41:CA:46:5E:68:49:19 X509v3 Authority Key Identifier: keyid:4E:25:93:4F:E8:D8:99:59:42:5D:10:18:EB:12:19:81:DA:25:09:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2048/TiWTT-jYmVlCXRAY6xIZgdolCYU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TiWTT-jYmVlCXRAY6xIZgdolCYU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2048/1cfEcZ4-vFAqK8rRk0HKRl5oSRk.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.9.108.0/22 Signature Algorithm: sha256WithRSAEncryption 17:8a:f5:2d:e8:e3:5b:e3:d8:0c:f8:fc:06:bb:56:de:ed:54: 7a:20:7e:72:15:8d:ef:67:66:61:f0:41:0d:c6:21:a1:4b:d1: 10:3d:5e:fb:ec:68:50:7e:8b:8f:c9:53:95:06:6d:17:e1:ae: 06:20:eb:4c:7a:33:7c:59:eb:86:5a:58:68:6f:34:b3:17:64: 97:3f:9b:ad:5f:8f:a0:fd:68:9a:9f:59:1e:a2:2a:04:30:d6: a2:79:17:57:c0:7e:26:1a:98:4b:b1:e3:e6:06:32:39:48:e3: 6e:9f:4b:57:03:df:4f:5b:ad:29:63:6c:17:ee:c7:5b:d7:7f: 0b:a2:7b:d1:1c:e0:65:41:03:cd:81:34:59:2a:dd:e0:c3:05: ff:c3:c4:d2:de:12:89:ab:07:73:04:8d:3b:82:4f:00:4e:63: fd:6c:c7:6a:5a:14:5b:85:e0:01:43:62:9e:79:91:e6:8d:d9: 5d:3f:05:ab:3e:16:7e:02:9a:63:55:13:82:ee:51:75:c1:cb: 0b:1b:6a:9c:1f:a7:3e:75:b5:ed:ea:4c:39:df:7c:fd:f1:1b: 74:c0:e0:60:1d:3f:8a:b2:d6:a9:df:f6:ab:ad:23:c1:05:b4: 13:19:1d:ae:3d:1a:d3:87:4a:95:bb:2d:ac:15:3c:9a:63:2c: d8:cf:84:fc -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICDYMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNEUy NTkzNEZFOEQ4OTk1OTQyNUQxMDE4RUIxMjE5ODFEQTI1MDk4NTAeFw0yNjAxMjYw NjU0MTNaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKEQ1QzdDNDcxOUUzRUJD NTAyQTJCQ0FEMTkzNDFDQTQ2NUU2ODQ5MTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDUPfBx/4n5vjClqxGVuVTSl9BnW3Dpae6zuxDgMQCZRzDktc9F XcBCexFqv0iwB+dLwNO3beeWnl9swZDtZZ2tEF+HK/UzP3KM4sytIcl/KsIe5fz0 3o2JLWv15XF3TcWB0uxyh7P7d5y6wAnPNjfZGwGmmQr8jPWhuCdqIb0YLolKFXbK EXvi8KfXNyLdkbBloHsHbhS/qSmRHpeiinFBlUTcDrG/t0EqaOVipWWflXFE+nd1 uu/U8Ec61fSftkfVObelW7Qb6i/c1J4YWU2dP8FH6PXBY5Sov4l7xc5/hLlH8Ziu M2z/fTWvcJowRmkj425ie2rp47F9tkNKGDz7AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU1cfEcZ4+vFAqK8rRk0HKRl5oSRkwHwYDVR0jBBgwFoAUTiWTT+jYmVlCXRAY 6xIZgdolCYUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjA0 OC9UaVdUVC1qWW1WbENYUkFZNnhJWmdkb2xDWVUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1RpV1RULWpZbVZsQ1hSQVk2eElaZ2RvbENZVS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIwNDgvMWNmRWNaNC12RkFx SzhyUmswSEtSbDVvU1JrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmcJbDANBgkqhkiG9w0BAQsFAAOCAQEAF4r1LejjW+PYDPj8BrtW3u1UeiB+ chWN72dmYfBBDcYhoUvRED1e++xoUH6Lj8lTlQZtF+GuBiDrTHozfFnrhlpYaG80 sxdklz+brV+PoP1omp9ZHqIqBDDWonkXV8B+JhqYS7Hj5gYyOUjjbp9LVwPfT1ut KWNsF+7HW9d/C6J70RzgZUEDzYE0WSrd4MMF/8PE0t4SiasHcwSNO4JPAE5j/WzH aloUW4XgAUNinnmR5o3ZXT8Fqz4WfgKaY1UTgu5RdcHLCxtqnB+nPnW17epMOd98 /fEbdMDgYB0/irLWqd/2q60jwQW0Exkdrj0a04dKlbstrBU8mmMs2M+E/A== -----END CERTIFICATE-----Generated at Mon Feb 23 06:24:30 2026 by rpki-client