$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2048/mP1Ce9x6N0aeyRbidd3setyV2Zo.roa File: mP1Ce9x6N0aeyRbidd3setyV2Zo.roa (raw, json) Hash identifier: 5RQtUB4f4JwROI8dcp9uGQmxbhXc7p6Y7M35xZKtB84= Subject key identifier: 98:FD:42:7B:DC:7A:37:46:9E:C9:16:E2:75:DD:EC:7A:DC:95:D9:9A Certificate issuer: /CN=4E25934FE8D89959425D1018EB121981DA250985 Certificate serial: 0D80 Authority key identifier: 4E:25:93:4F:E8:D8:99:59:42:5D:10:18:EB:12:19:81:DA:25:09:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TiWTT-jYmVlCXRAY6xIZgdolCYU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2048/mP1Ce9x6N0aeyRbidd3setyV2Zo.roa Signing time: Mon 26 Jan 2026 06:54:13 +0000 ROA not before: Mon 26 Jan 2026 06:54:13 +0000 ROA not after: Fri 23 Oct 2026 03:01:03 +0000 asID: 151296 IP address blocks: 103.71.68.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2048/TiWTT-jYmVlCXRAY6xIZgdolCYU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2048/TiWTT-jYmVlCXRAY6xIZgdolCYU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TiWTT-jYmVlCXRAY6xIZgdolCYU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 23 Feb 2026 07:28:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3456 (0xd80) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4E25934FE8D89959425D1018EB121981DA250985 Validity Not Before: Jan 26 06:54:13 2026 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=98FD427BDC7A37469EC916E275DDEC7ADC95D99A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:71:4a:f0:d5:ae:b6:6b:fe:f5:e2:71:64:11: 0e:c9:97:5d:38:e7:1f:14:4c:3f:2b:9d:dc:33:2c: 59:5f:47:71:db:a3:71:69:36:bf:0f:fd:cd:b6:47: 2a:9e:97:47:eb:da:38:51:f8:6c:30:60:5f:c7:bf: 53:37:4c:26:09:86:35:19:ec:c2:91:86:0f:7e:03: 2b:74:ad:78:56:ec:1f:fc:c8:3a:19:57:e2:26:89: 7a:9f:42:a1:5a:63:c5:0f:f3:22:de:ac:f0:2f:47: c5:9d:34:0b:ad:f2:26:89:f4:8b:6f:8c:60:0a:17: a7:26:7a:e6:42:af:bb:97:61:ae:ea:bf:e1:40:c6: d4:8a:8e:e4:ca:09:92:ea:0d:ad:40:28:73:7f:85: ee:19:93:a0:62:a8:4d:01:99:0c:15:55:64:d6:3b: 38:8f:6d:67:79:66:18:12:3a:f7:26:66:7e:5e:57: 88:a4:0c:44:af:73:ec:99:51:18:0d:d3:f7:d3:4c: 9c:4a:7d:bf:de:74:b7:8a:d2:ac:d1:c9:c5:f0:38: fb:d1:73:7b:c7:3c:78:0f:0f:ab:0b:98:3e:68:1d: 25:1e:0d:98:a1:ca:f3:94:36:55:44:d1:af:41:51: 63:1d:48:fe:06:94:7e:de:a3:68:60:b0:86:53:79: f9:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 98:FD:42:7B:DC:7A:37:46:9E:C9:16:E2:75:DD:EC:7A:DC:95:D9:9A X509v3 Authority Key Identifier: keyid:4E:25:93:4F:E8:D8:99:59:42:5D:10:18:EB:12:19:81:DA:25:09:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2048/TiWTT-jYmVlCXRAY6xIZgdolCYU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TiWTT-jYmVlCXRAY6xIZgdolCYU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2048/mP1Ce9x6N0aeyRbidd3setyV2Zo.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.71.68.0/22 Signature Algorithm: sha256WithRSAEncryption 7b:bf:2e:09:cb:c5:70:80:ef:5b:99:f0:da:91:19:32:6a:37: f4:b3:ba:4c:d5:b3:ee:1a:77:a2:27:c0:62:f3:97:8d:2e:8c: c7:5a:84:33:13:6a:50:e5:db:89:fe:0d:c1:f4:62:88:42:ef: dd:95:f5:01:bf:7c:5f:bb:37:af:62:97:33:a4:85:a6:e4:7d: 7b:8d:06:76:6b:0b:76:f9:b4:8f:ae:dd:a2:b7:7c:8d:a4:02: d6:89:d0:98:ff:da:9f:6b:db:a1:a8:db:91:30:90:2c:7d:a9: 6b:55:13:a7:85:b9:fb:e8:2c:92:3b:d9:f7:94:0c:6f:76:5b: d5:b7:89:b0:91:24:70:ec:e3:83:d9:72:83:54:7c:94:69:df: 8d:f0:d2:8b:a2:9f:92:4f:3b:df:ff:08:84:75:6f:5e:4a:43: bd:cc:64:0f:08:13:ff:dd:79:4f:98:15:49:77:53:60:32:80: d3:11:cb:ab:14:b6:4d:67:ea:e4:d6:02:7b:6b:f4:98:04:4d: 2e:ed:f0:39:59:8e:fa:a8:e4:79:56:c1:b8:19:09:4b:e6:97: b7:55:9d:84:97:1c:3c:16:dd:98:d8:47:c4:20:3d:37:15:16: 80:8f:84:f4:ed:d6:b5:aa:59:87:02:a2:3d:e0:15:4a:0b:f8: 14:ea:9a:d3 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICDYAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNEUy NTkzNEZFOEQ4OTk1OTQyNUQxMDE4RUIxMjE5ODFEQTI1MDk4NTAeFw0yNjAxMjYw NjU0MTNaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDk4RkQ0MjdCREM3QTM3 NDY5RUM5MTZFMjc1RERFQzdBREM5NUQ5OUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCgcUrw1a62a/714nFkEQ7Jl1045x8UTD8rndwzLFlfR3Hbo3Fp Nr8P/c22Ryqel0fr2jhR+GwwYF/Hv1M3TCYJhjUZ7MKRhg9+Ayt0rXhW7B/8yDoZ V+ImiXqfQqFaY8UP8yLerPAvR8WdNAut8iaJ9ItvjGAKF6cmeuZCr7uXYa7qv+FA xtSKjuTKCZLqDa1AKHN/he4Zk6BiqE0BmQwVVWTWOziPbWd5ZhgSOvcmZn5eV4ik DESvc+yZURgN0/fTTJxKfb/edLeK0qzRycXwOPvRc3vHPHgPD6sLmD5oHSUeDZih yvOUNlVE0a9BUWMdSP4GlH7eo2hgsIZTefmDAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUmP1Ce9x6N0aeyRbidd3setyV2ZowHwYDVR0jBBgwFoAUTiWTT+jYmVlCXRAY 6xIZgdolCYUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjA0 OC9UaVdUVC1qWW1WbENYUkFZNnhJWmdkb2xDWVUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1RpV1RULWpZbVZsQ1hSQVk2eElaZ2RvbENZVS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIwNDgvbVAxQ2U5eDZOMGFl eVJiaWRkM3NldHlWMlpvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmdHRDANBgkqhkiG9w0BAQsFAAOCAQEAe78uCcvFcIDvW5nw2pEZMmo39LO6 TNWz7hp3oifAYvOXjS6Mx1qEMxNqUOXbif4NwfRiiELv3ZX1Ab98X7s3r2KXM6SF puR9e40GdmsLdvm0j67dord8jaQC1onQmP/an2vboajbkTCQLH2pa1UTp4W5++gs kjvZ95QMb3Zb1beJsJEkcOzjg9lyg1R8lGnfjfDSi6Kfkk873/8IhHVvXkpDvcxk DwgT/915T5gVSXdTYDKA0xHLqxS2TWfq5NYCe2v0mARNLu3wOVmO+qjkeVbBuBkJ S+aXt1WdhJccPBbdmNhHxCA9NxUWgI+E9O3WtapZhwKiPeAVSgv4FOqa0w== -----END CERTIFICATE-----Generated at Mon Feb 23 06:24:18 2026 by rpki-client