$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2841/Dxf2IGNyXg9I98tAtX9uZk6GXVc.roa File: Dxf2IGNyXg9I98tAtX9uZk6GXVc.roa (raw, json) Hash identifier: ONovWuC+zq8l+bwh2lQi2A19xeNKL6TpIuIc732PvrY= Subject key identifier: 0F:17:F6:20:63:72:5E:0F:48:F7:CB:40:B5:7F:6E:66:4E:86:5D:57 Certificate issuer: /CN=51A5666D323BF842F6044CE71059773E2271B013 Certificate serial: 22FF Authority key identifier: 51:A5:66:6D:32:3B:F8:42:F6:04:4C:E7:10:59:77:3E:22:71:B0:13 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/UaVmbTI7-EL2BEznEFl3PiJxsBM.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2841/Dxf2IGNyXg9I98tAtX9uZk6GXVc.roa Signing time: Mon 26 Jan 2026 06:53:54 +0000 ROA not before: Mon 26 Jan 2026 06:53:54 +0000 ROA not after: Sat 09 Jan 2027 08:23:18 +0000 asID: 137571 IP address blocks: 103.126.103.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2841/UaVmbTI7-EL2BEznEFl3PiJxsBM.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2841/UaVmbTI7-EL2BEznEFl3PiJxsBM.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/UaVmbTI7-EL2BEznEFl3PiJxsBM.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 23 Feb 2026 07:29:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8959 (0x22ff) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=51A5666D323BF842F6044CE71059773E2271B013 Validity Not Before: Jan 26 06:53:54 2026 GMT Not After : Jan 9 08:23:18 2027 GMT Subject: CN=0F17F62063725E0F48F7CB40B57F6E664E865D57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:22:1c:61:92:d0:06:8f:ed:fa:3c:cb:69:8a: 82:5b:ec:70:df:66:7a:b4:f1:03:e3:79:4b:3c:38: cc:d5:6e:07:a0:31:31:1d:d1:5d:4d:fb:33:4b:2a: cb:1f:3a:28:eb:4a:e9:94:28:b9:86:66:53:a7:bc: 0f:2e:35:97:4d:ac:11:ab:75:49:79:84:da:be:74: 30:35:a2:ba:c6:ad:46:3c:ec:c0:94:7a:ac:27:8a: 5d:c2:c0:c6:c9:e8:c5:28:ca:eb:51:93:1e:b2:07: f1:1e:d0:b0:66:62:6c:1d:4c:fb:20:52:1c:54:2b: aa:c6:46:2c:ab:53:e8:7b:c5:6e:cb:7e:21:72:20: 02:42:a2:c3:5b:30:ea:02:a6:f0:15:15:26:53:f0: 15:24:1f:c4:6f:a2:34:85:67:cd:85:06:8a:81:b0: 2a:ec:5c:7f:d1:20:da:8b:28:4b:ec:13:0d:c1:4c: ac:4f:04:25:86:55:66:1f:ab:47:b7:d9:ce:8d:5e: fc:e0:ba:36:9a:8f:0e:1a:bc:c0:3b:7e:89:03:f1: 92:49:53:61:93:53:70:52:b9:4b:15:30:78:d9:88: 94:bc:d9:ce:66:6e:74:16:83:3e:53:b6:65:dc:31: 3a:a1:5b:94:23:31:a2:f4:93:ef:d1:4c:f9:75:5c: c1:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:17:F6:20:63:72:5E:0F:48:F7:CB:40:B5:7F:6E:66:4E:86:5D:57 X509v3 Authority Key Identifier: keyid:51:A5:66:6D:32:3B:F8:42:F6:04:4C:E7:10:59:77:3E:22:71:B0:13 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2841/UaVmbTI7-EL2BEznEFl3PiJxsBM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/UaVmbTI7-EL2BEznEFl3PiJxsBM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2841/Dxf2IGNyXg9I98tAtX9uZk6GXVc.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.126.103.0/24 Signature Algorithm: sha256WithRSAEncryption b5:83:fc:9b:fe:ef:e0:8d:10:ee:04:d3:6e:07:ad:70:5c:ae: 2e:59:38:6a:6c:7b:1f:5e:25:25:b3:48:d7:86:ed:0e:ec:43: b9:48:50:63:1a:40:e9:ff:41:89:2e:f0:ef:e5:c0:14:a0:da: 49:df:ab:db:46:15:02:6e:87:3c:62:92:de:35:85:b9:73:7f: c6:2c:ee:09:2e:fc:04:4d:e0:35:d8:68:8d:57:c6:23:6f:48: 19:4f:97:21:16:29:f8:f8:d8:ae:ba:58:63:01:0d:4d:47:81: 27:ad:ad:9c:36:8c:5a:61:9a:7b:63:e2:aa:8c:71:7c:d7:be: 37:49:27:4a:14:05:c0:a0:a9:d1:0d:cd:30:86:5b:1e:ba:72: fb:9b:90:26:92:c4:95:43:64:6e:dd:a7:4d:ea:ad:87:49:01: 7f:7b:23:f5:67:79:97:7c:ae:3f:e3:e6:89:44:7e:4c:9f:79: 9d:36:4f:3b:05:4a:f9:1a:27:5d:1b:b2:21:78:f3:0c:cc:fb: 93:5e:19:8c:7f:28:80:39:89:62:57:bd:2e:00:3d:0e:59:c7: e0:00:52:8b:44:79:0b:a7:b0:73:5c:54:c4:f5:f4:91:f8:60: 74:69:b3:4c:59:d7:55:b4:4f:58:72:bb:af:de:85:e7:b5:7a: c3:7e:b6:64 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICIv8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTFB NTY2NkQzMjNCRjg0MkY2MDQ0Q0U3MTA1OTc3M0UyMjcxQjAxMzAeFw0yNjAxMjYw NjUzNTRaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKDBGMTdGNjIwNjM3MjVF MEY0OEY3Q0I0MEI1N0Y2RTY2NEU4NjVENTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDkIhxhktAGj+36PMtpioJb7HDfZnq08QPjeUs8OMzVbgegMTEd 0V1N+zNLKssfOijrSumUKLmGZlOnvA8uNZdNrBGrdUl5hNq+dDA1orrGrUY87MCU eqwnil3CwMbJ6MUoyutRkx6yB/Ee0LBmYmwdTPsgUhxUK6rGRiyrU+h7xW7LfiFy IAJCosNbMOoCpvAVFSZT8BUkH8RvojSFZ82FBoqBsCrsXH/RINqLKEvsEw3BTKxP BCWGVWYfq0e32c6NXvzgujaajw4avMA7fokD8ZJJU2GTU3BSuUsVMHjZiJS82c5m bnQWgz5TtmXcMTqhW5QjMaL0k+/RTPl1XMGpAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUDxf2IGNyXg9I98tAtX9uZk6GXVcwHwYDVR0jBBgwFoAUUaVmbTI7+EL2BEzn EFl3PiJxsBMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjg0 MS9VYVZtYlRJNy1FTDJCRXpuRUZsM1BpSnhzQk0uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1VhVm1iVEk3LUVMMkJFem5FRmwzUGlKeHNCTS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4NDEvRHhmMklHTnlYZzlJ OTh0QXRYOXVaazZHWFZjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGd+ZzANBgkqhkiG9w0BAQsFAAOCAQEAtYP8m/7v4I0Q7gTTbgetcFyuLlk4 amx7H14lJbNI14btDuxDuUhQYxpA6f9BiS7w7+XAFKDaSd+r20YVAm6HPGKS3jWF uXN/xizuCS78BE3gNdhojVfGI29IGU+XIRYp+PjYrrpYYwENTUeBJ62tnDaMWmGa e2PiqoxxfNe+N0knShQFwKCp0Q3NMIZbHrpy+5uQJpLElUNkbt2nTeqth0kBf3sj 9Wd5l3yuP+PmiUR+TJ95nTZPOwVK+RonXRuyIXjzDMz7k14ZjH8ogDmJYle9LgA9 DlnH4ABSi0R5C6ewc1xUxPX0kfhgdGmzTFnXVbRPWHK7r96F57V6w362ZA== -----END CERTIFICATE-----Generated at Mon Feb 23 06:07:17 2026 by rpki-client