$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2522/i6PVNqwWSuSLHFg0TyEdYfK1YAs.roa File: i6PVNqwWSuSLHFg0TyEdYfK1YAs.roa (raw, json) Hash identifier: 7jNuns72rZdmPrL4edJRrxlrEPqNZRaAgqkPY0vOoN0= Subject key identifier: 8B:A3:D5:36:AC:16:4A:E4:8B:1C:58:34:4F:21:1D:61:F2:B5:60:0B Certificate issuer: /CN=4087DAB67172836B082075CE18BE5E5FA45D5E95 Certificate serial: 231C Authority key identifier: 40:87:DA:B6:71:72:83:6B:08:20:75:CE:18:BE:5E:5F:A4:5D:5E:95 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/QIfatnFyg2sIIHXOGL5eX6RdXpU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2522/i6PVNqwWSuSLHFg0TyEdYfK1YAs.roa Signing time: Mon 26 Jan 2026 06:56:00 +0000 ROA not before: Mon 26 Jan 2026 06:56:00 +0000 ROA not after: Fri 23 Oct 2026 03:01:03 +0000 asID: 131567 IP address blocks: 103.96.11.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2522/QIfatnFyg2sIIHXOGL5eX6RdXpU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2522/QIfatnFyg2sIIHXOGL5eX6RdXpU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/QIfatnFyg2sIIHXOGL5eX6RdXpU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 23 Feb 2026 07:29:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8988 (0x231c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4087DAB67172836B082075CE18BE5E5FA45D5E95 Validity Not Before: Jan 26 06:56:00 2026 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=8BA3D536AC164AE48B1C58344F211D61F2B5600B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:24:2f:47:62:c3:2d:a2:f3:64:51:e2:2d:9b: ff:ac:d4:10:10:e9:86:a6:92:15:28:5f:83:65:57: 6c:9f:8d:6d:f7:40:90:c0:ab:12:e0:b7:21:1d:0a: 70:82:ec:dd:97:da:46:25:20:18:26:ac:41:56:08: a7:3e:31:2a:0e:fe:d5:7f:20:35:91:af:ac:18:b0: cb:62:40:e1:9a:ca:56:b3:de:3f:1f:67:e9:20:30: 3c:15:04:28:7c:82:46:f0:d3:25:44:6d:7c:c4:cb: 10:8f:6d:a4:bd:c3:cc:fb:f2:62:c7:76:f6:31:67: d3:b3:c0:ef:c5:fc:ad:ef:24:cb:89:97:46:93:1c: 02:6f:27:cd:aa:b6:cf:77:37:c5:b6:77:fd:ca:9e: 46:9e:6d:83:6b:ef:0a:df:7d:51:67:09:cb:5f:ed: 56:93:83:aa:36:7f:d4:8d:5f:86:bb:91:a0:a9:3f: 54:db:df:16:3c:39:3b:a3:2c:e1:32:e6:cb:24:0d: bd:fc:3c:f6:bd:97:2a:47:3f:5e:8d:46:b2:39:aa: ef:6a:0d:77:2c:8f:96:42:b0:9b:8a:4b:66:70:55: 0d:d9:3f:39:5c:79:bb:c4:b6:64:8c:ff:7b:de:8c: cd:23:0e:7f:7c:96:73:d1:f6:f3:66:79:a5:86:35: 7b:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:A3:D5:36:AC:16:4A:E4:8B:1C:58:34:4F:21:1D:61:F2:B5:60:0B X509v3 Authority Key Identifier: keyid:40:87:DA:B6:71:72:83:6B:08:20:75:CE:18:BE:5E:5F:A4:5D:5E:95 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2522/QIfatnFyg2sIIHXOGL5eX6RdXpU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/QIfatnFyg2sIIHXOGL5eX6RdXpU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2522/i6PVNqwWSuSLHFg0TyEdYfK1YAs.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.96.11.0/24 Signature Algorithm: sha256WithRSAEncryption 34:ba:41:a1:f5:49:cc:9d:9a:6f:88:04:a0:d4:9e:d5:1d:54: a1:6b:b7:fd:6e:1b:e0:0b:50:46:09:7b:65:47:44:f8:c5:4e: 11:24:a1:b5:0b:dd:d7:b5:ce:f0:aa:a2:6d:44:34:fe:3c:ce: be:58:37:c9:47:93:89:be:62:74:b4:f2:62:6f:88:ca:04:d1: d9:19:79:5f:06:a2:8b:a7:f1:8b:e8:cc:8c:62:85:92:28:87: 3a:fa:53:79:3f:d4:a5:6a:c4:f9:a7:50:69:52:26:ac:ff:5a: 64:9d:59:01:89:e1:e8:43:9d:3a:9e:66:10:49:0f:e3:bb:64: 3b:bd:a5:9d:76:6d:0e:f8:50:91:f3:80:1d:e4:54:49:71:d5: c4:6d:6f:41:14:de:16:cc:5f:95:53:c0:70:f3:31:b8:c8:9a: f0:d5:e5:61:1e:7f:58:7a:3a:a0:ae:b8:f8:2a:53:50:80:72: ad:7d:eb:d6:9a:fb:9a:4a:e2:92:8b:be:4b:01:9e:77:19:d3: f9:dd:e0:57:a7:57:7b:87:8f:98:92:82:74:a8:d8:52:de:55: 90:3b:94:10:d6:77:7d:26:4e:9b:84:e7:03:cb:ec:92:b5:e4: 40:04:84:05:15:37:47:1c:ce:cd:18:98:3e:f2:eb:d1:e7:a8: 1c:ad:19:dc -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICIxwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDA4 N0RBQjY3MTcyODM2QjA4MjA3NUNFMThCRTVFNUZBNDVENUU5NTAeFw0yNjAxMjYw NjU2MDBaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDhCQTNENTM2QUMxNjRB RTQ4QjFDNTgzNDRGMjExRDYxRjJCNTYwMEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC6JC9HYsMtovNkUeItm/+s1BAQ6YamkhUoX4NlV2yfjW33QJDA qxLgtyEdCnCC7N2X2kYlIBgmrEFWCKc+MSoO/tV/IDWRr6wYsMtiQOGaylaz3j8f Z+kgMDwVBCh8gkbw0yVEbXzEyxCPbaS9w8z78mLHdvYxZ9OzwO/F/K3vJMuJl0aT HAJvJ82qts93N8W2d/3KnkaebYNr7wrffVFnCctf7VaTg6o2f9SNX4a7kaCpP1Tb 3xY8OTujLOEy5sskDb38PPa9lypHP16NRrI5qu9qDXcsj5ZCsJuKS2ZwVQ3ZPzlc ebvEtmSM/3vejM0jDn98lnPR9vNmeaWGNXvRAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUi6PVNqwWSuSLHFg0TyEdYfK1YAswHwYDVR0jBBgwFoAUQIfatnFyg2sIIHXO GL5eX6RdXpUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjUy Mi9RSWZhdG5GeWcyc0lJSFhPR0w1ZVg2UmRYcFUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1FJZmF0bkZ5ZzJzSUlIWE9HTDVlWDZSZFhwVS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI1MjIvaTZQVk5xd1dTdVNM SEZnMFR5RWRZZksxWUFzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGdgCzANBgkqhkiG9w0BAQsFAAOCAQEANLpBofVJzJ2ab4gEoNSe1R1UoWu3 /W4b4AtQRgl7ZUdE+MVOESShtQvd17XO8KqibUQ0/jzOvlg3yUeTib5idLTyYm+I ygTR2Rl5Xwaii6fxi+jMjGKFkiiHOvpTeT/UpWrE+adQaVImrP9aZJ1ZAYnh6EOd Op5mEEkP47tkO72lnXZtDvhQkfOAHeRUSXHVxG1vQRTeFsxflVPAcPMxuMia8NXl YR5/WHo6oK64+CpTUIByrX3r1pr7mkrikou+SwGedxnT+d3gV6dXe4ePmJKCdKjY Ut5VkDuUENZ3fSZOm4TnA8vskrXkQASEBRU3RxzOzRiYPvLr0eeoHK0Z3A== -----END CERTIFICATE-----Generated at Mon Feb 23 06:07:07 2026 by rpki-client