$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2522/U8443cAZnEZu7YH0qCr_5GvsUOg.roa File: U8443cAZnEZu7YH0qCr_5GvsUOg.roa (raw, json) Hash identifier: JujS1xrBRsaYFKgle5zA1ZGOFwbzUP0rhV9Z511Y77U= Subject key identifier: 53:CE:38:DD:C0:19:9C:46:6E:ED:81:F4:A8:2A:FF:E4:6B:EC:50:E8 Certificate issuer: /CN=4087DAB67172836B082075CE18BE5E5FA45D5E95 Certificate serial: 231D Authority key identifier: 40:87:DA:B6:71:72:83:6B:08:20:75:CE:18:BE:5E:5F:A4:5D:5E:95 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/QIfatnFyg2sIIHXOGL5eX6RdXpU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2522/U8443cAZnEZu7YH0qCr_5GvsUOg.roa Signing time: Mon 26 Jan 2026 06:56:00 +0000 ROA not before: Mon 26 Jan 2026 06:56:00 +0000 ROA not after: Fri 23 Oct 2026 03:01:03 +0000 asID: 131567 IP address blocks: 103.96.9.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2522/QIfatnFyg2sIIHXOGL5eX6RdXpU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2522/QIfatnFyg2sIIHXOGL5eX6RdXpU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/QIfatnFyg2sIIHXOGL5eX6RdXpU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 23 Feb 2026 07:29:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8989 (0x231d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4087DAB67172836B082075CE18BE5E5FA45D5E95 Validity Not Before: Jan 26 06:56:00 2026 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=53CE38DDC0199C466EED81F4A82AFFE46BEC50E8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:b7:0c:24:2a:6e:7b:d3:0d:aa:1f:e8:4c:ba: e8:d2:2f:83:d7:08:60:ee:e2:a0:8f:27:af:95:d1: 62:eb:d8:fa:55:6d:9c:8b:dd:18:45:f6:99:ce:8e: 04:95:1b:42:29:e6:02:40:07:f1:5b:ab:98:38:44: 46:31:b0:2a:4e:e9:c5:52:10:ff:00:35:64:4d:55: d2:82:ce:ad:8d:62:11:ff:d8:90:4f:2f:1a:96:76: 3d:a4:9a:b6:f4:80:e4:0b:1c:41:a9:94:b8:14:ac: af:ca:27:a8:c3:33:4d:f2:09:80:e0:ec:8e:39:cd: f4:34:12:a9:14:b6:36:f4:ac:32:15:ad:3b:31:c7: b6:e6:ce:25:40:86:9c:13:40:d8:08:d2:a3:2a:e0: 5c:fb:89:f9:08:3c:84:08:41:c8:d9:cf:15:7d:92: 9a:2d:c2:0c:cb:09:af:a7:7a:b0:d6:99:32:3b:d5: cd:dd:fc:c3:44:9a:88:83:a6:cc:34:f2:12:8c:04: 00:3e:54:32:b6:80:9d:38:a6:08:3e:ed:2a:63:9a: 6d:d7:24:cb:19:4f:e5:d7:b0:72:8c:ed:69:b7:42: c4:9b:76:9a:e2:11:66:2c:36:d7:ae:f9:83:5b:d3: 8d:a8:c6:ae:93:3c:f1:30:37:bf:0f:07:33:b1:4a: bc:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:CE:38:DD:C0:19:9C:46:6E:ED:81:F4:A8:2A:FF:E4:6B:EC:50:E8 X509v3 Authority Key Identifier: keyid:40:87:DA:B6:71:72:83:6B:08:20:75:CE:18:BE:5E:5F:A4:5D:5E:95 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2522/QIfatnFyg2sIIHXOGL5eX6RdXpU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/QIfatnFyg2sIIHXOGL5eX6RdXpU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2522/U8443cAZnEZu7YH0qCr_5GvsUOg.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.96.9.0/24 Signature Algorithm: sha256WithRSAEncryption 2b:4b:5a:dd:1a:d3:a7:e6:3a:da:40:15:da:ef:f2:bc:cf:5b: e8:90:41:78:75:95:eb:69:03:a5:d5:fd:bd:90:54:c8:f4:d3: 7c:ae:70:0c:44:b3:5f:c5:7d:65:a3:ac:e2:96:cd:5c:c3:15: 19:da:de:d8:9f:4d:c0:c8:31:2e:1d:01:ae:15:97:3d:54:db: 96:69:86:2f:b8:de:c8:6a:74:e3:88:1f:f2:4f:2d:b3:26:a1: 77:3b:f0:45:f6:8c:ff:89:7a:aa:08:79:04:07:3a:67:f0:b5: 88:ea:09:8c:e2:c2:05:28:2d:dc:9d:93:ba:76:30:71:e5:2e: 38:a3:cc:ec:b6:5f:15:46:40:f9:61:ac:f2:bb:b6:b0:71:67: 73:2c:ed:45:0b:86:12:8b:7e:fb:57:fd:c3:80:ae:7a:62:82: 78:af:6d:a4:89:3f:af:3f:d5:f5:d5:98:5e:ae:25:6b:01:53: 5a:8a:58:21:6d:eb:43:df:8c:c6:85:f0:2e:d6:31:bf:8b:2c: f7:09:19:b8:46:48:4a:6f:71:de:24:d1:42:47:09:ad:62:dc: a2:09:19:c7:d4:43:db:74:32:a5:3d:67:df:38:e5:c2:0d:1a: be:3e:59:a7:27:8b:c2:b3:3f:f2:b7:8e:ba:fe:8f:b9:77:f6: f5:07:c1:51 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICIx0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDA4 N0RBQjY3MTcyODM2QjA4MjA3NUNFMThCRTVFNUZBNDVENUU5NTAeFw0yNjAxMjYw NjU2MDBaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDUzQ0UzOEREQzAxOTlD NDY2RUVEODFGNEE4MkFGRkU0NkJFQzUwRTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCstwwkKm570w2qH+hMuujSL4PXCGDu4qCPJ6+V0WLr2PpVbZyL 3RhF9pnOjgSVG0Ip5gJAB/Fbq5g4REYxsCpO6cVSEP8ANWRNVdKCzq2NYhH/2JBP LxqWdj2kmrb0gOQLHEGplLgUrK/KJ6jDM03yCYDg7I45zfQ0EqkUtjb0rDIVrTsx x7bmziVAhpwTQNgI0qMq4Fz7ifkIPIQIQcjZzxV9kpotwgzLCa+nerDWmTI71c3d /MNEmoiDpsw08hKMBAA+VDK2gJ04pgg+7Spjmm3XJMsZT+XXsHKM7Wm3QsSbdpri EWYsNteu+YNb042oxq6TPPEwN78PBzOxSrxPAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUU8443cAZnEZu7YH0qCr/5GvsUOgwHwYDVR0jBBgwFoAUQIfatnFyg2sIIHXO GL5eX6RdXpUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjUy Mi9RSWZhdG5GeWcyc0lJSFhPR0w1ZVg2UmRYcFUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1FJZmF0bkZ5ZzJzSUlIWE9HTDVlWDZSZFhwVS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI1MjIvVTg0NDNjQVpuRVp1 N1lIMHFDcl81R3ZzVU9nLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGdgCTANBgkqhkiG9w0BAQsFAAOCAQEAK0ta3RrTp+Y62kAV2u/yvM9b6JBB eHWV62kDpdX9vZBUyPTTfK5wDESzX8V9ZaOs4pbNXMMVGdre2J9NwMgxLh0BrhWX PVTblmmGL7jeyGp044gf8k8tsyahdzvwRfaM/4l6qgh5BAc6Z/C1iOoJjOLCBSgt 3J2TunYwceUuOKPM7LZfFUZA+WGs8ru2sHFncyztRQuGEot++1f9w4CuemKCeK9t pIk/rz/V9dWYXq4lawFTWopYIW3rQ9+MxoXwLtYxv4ss9wkZuEZISm9x3iTRQkcJ rWLcogkZx9RD23QypT1n3zjlwg0avj5ZpyeLwrM/8reOuv6PuXf29QfBUQ== -----END CERTIFICATE-----Generated at Mon Feb 23 06:08:33 2026 by rpki-client