$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2988/WndHbjRCw23yWTJ5rI3H19Ad0Pk.roa File: WndHbjRCw23yWTJ5rI3H19Ad0Pk.roa (raw, json) Hash identifier: K7cZOi+gqIGqw1P04flbzPMyz3gWL3RLQYClc3Qy/yM= Subject key identifier: 5A:77:47:6E:34:42:C3:6D:F2:59:32:79:AC:8D:C7:D7:D0:1D:D0:F9 Certificate issuer: /CN=012D4317BCA1660F88066F890F8C04AF557000CB Certificate serial: 2920 Authority key identifier: 01:2D:43:17:BC:A1:66:0F:88:06:6F:89:0F:8C:04:AF:55:70:00:CB Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AS1DF7yhZg-IBm-JD4wEr1VwAMs.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/WndHbjRCw23yWTJ5rI3H19Ad0Pk.roa Signing time: Mon 26 Jan 2026 06:52:22 +0000 ROA not before: Mon 26 Jan 2026 06:52:22 +0000 ROA not after: Sat 09 Jan 2027 08:23:18 +0000 asID: 139139 IP address blocks: 2406:3340:1000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/AS1DF7yhZg-IBm-JD4wEr1VwAMs.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/AS1DF7yhZg-IBm-JD4wEr1VwAMs.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AS1DF7yhZg-IBm-JD4wEr1VwAMs.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 20 Feb 2026 05:58:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10528 (0x2920) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=012D4317BCA1660F88066F890F8C04AF557000CB Validity Not Before: Jan 26 06:52:22 2026 GMT Not After : Jan 9 08:23:18 2027 GMT Subject: CN=5A77476E3442C36DF2593279AC8DC7D7D01DD0F9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:7c:93:c9:a8:f4:25:f4:a2:16:fa:14:1c:5f: 88:ac:a0:53:f5:a6:9d:7c:3d:83:87:37:15:e8:da: ed:f6:f9:5b:13:aa:67:be:40:3d:28:18:79:fa:c8: d4:62:91:a8:19:56:80:1e:63:2f:ba:44:b5:3b:c2: 64:0f:17:09:d7:d5:19:c5:b6:36:41:28:6d:3a:53: 39:8f:c0:ba:a0:4c:37:d8:d1:32:c4:9d:25:ad:f9: 03:a9:fa:a7:8d:49:a7:25:be:f7:de:1b:a2:5d:3c: c7:31:4f:3a:52:ac:5c:c0:1f:df:93:ba:74:80:33: d3:55:26:11:a8:15:d9:f9:d5:2a:da:50:a0:4a:4a: 03:57:bf:8d:81:d0:b1:95:87:fe:8b:59:3a:65:0d: dd:ee:28:8b:15:76:69:09:0a:f5:bc:d5:9f:a7:d5: 38:82:d2:ce:ab:f3:00:57:58:32:a8:d2:2c:1a:0a: 1a:f0:10:2b:c0:0c:83:1b:ef:3d:f2:6b:ce:4f:2e: 26:c1:cd:42:ca:e2:d3:20:ac:81:97:a3:cd:f3:5f: db:5f:c2:d0:b0:ac:6d:ed:b3:9f:e5:fe:2b:04:9e: 01:53:98:87:83:89:ec:a4:2a:a6:a8:80:07:3d:68: e6:62:aa:a3:e9:25:81:56:41:7f:1c:2d:2b:0e:d3: 10:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:77:47:6E:34:42:C3:6D:F2:59:32:79:AC:8D:C7:D7:D0:1D:D0:F9 X509v3 Authority Key Identifier: keyid:01:2D:43:17:BC:A1:66:0F:88:06:6F:89:0F:8C:04:AF:55:70:00:CB X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/AS1DF7yhZg-IBm-JD4wEr1VwAMs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AS1DF7yhZg-IBm-JD4wEr1VwAMs.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/WndHbjRCw23yWTJ5rI3H19Ad0Pk.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2406:3340:1000::/36 Signature Algorithm: sha256WithRSAEncryption 9d:62:68:53:a2:5a:10:47:9c:96:f7:4d:b2:3b:ba:7d:c1:d7: 67:34:da:6d:9b:c8:0a:e3:85:9f:fb:f6:28:b1:72:52:6b:ad: 34:3a:b1:13:3e:8d:9d:d3:e0:39:92:b3:25:72:bf:91:f2:99: 79:1c:59:24:82:ba:58:f9:c9:d5:8e:89:7d:80:39:c0:5a:f5: f7:46:cc:f7:b6:c8:da:49:5b:58:6d:1e:35:1e:85:68:fe:4f: e6:bf:8d:e3:6d:ab:23:a3:25:aa:cf:f7:1f:cc:ba:f0:37:31: 1e:18:ae:ad:e1:5e:9a:be:df:85:6a:1d:7d:1c:10:24:45:8b: cd:a4:cd:6b:61:63:29:0f:99:3a:49:8d:1e:42:78:b7:06:80: 6a:a3:71:58:43:c0:b6:06:a0:ae:3f:33:7d:9f:08:c1:ac:49: 57:38:a1:f2:9b:41:64:29:bd:31:99:fb:71:28:1c:30:e9:f7: 32:b4:8c:ac:53:31:11:87:09:76:c7:47:58:6d:95:f3:ca:c8: d2:0e:4f:a5:c0:9c:79:08:3b:b1:2a:85:06:b1:3d:6e:6e:5e: 61:ff:18:85:23:95:d6:67:e7:c7:5d:50:aa:91:ed:bd:b1:e4: d1:79:a6:b3:8a:53:5e:9f:26:8b:0f:80:54:2c:1f:63:f5:dd: ad:bd:dc:31 -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgICKSAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDEy RDQzMTdCQ0ExNjYwRjg4MDY2Rjg5MEY4QzA0QUY1NTcwMDBDQjAeFw0yNjAxMjYw NjUyMjJaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKDVBNzc0NzZFMzQ0MkMz NkRGMjU5MzI3OUFDOERDN0Q3RDAxREQwRjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC6fJPJqPQl9KIW+hQcX4isoFP1pp18PYOHNxXo2u32+VsTqme+ QD0oGHn6yNRikagZVoAeYy+6RLU7wmQPFwnX1RnFtjZBKG06UzmPwLqgTDfY0TLE nSWt+QOp+qeNSaclvvfeG6JdPMcxTzpSrFzAH9+TunSAM9NVJhGoFdn51SraUKBK SgNXv42B0LGVh/6LWTplDd3uKIsVdmkJCvW81Z+n1TiC0s6r8wBXWDKo0iwaChrw ECvADIMb7z3ya85PLibBzULK4tMgrIGXo83zX9tfwtCwrG3ts5/l/isEngFTmIeD ieykKqaogAc9aOZiqqPpJYFWQX8cLSsO0xBLAgMBAAGjggH1MIIB8TAdBgNVHQ4E FgQUWndHbjRCw23yWTJ5rI3H19Ad0PkwHwYDVR0jBBgwFoAUAS1DF7yhZg+IBm+J D4wEr1VwAMswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjk4 OC9BUzFERjd5aFpnLUlCbS1KRDR3RXIxVndBTXMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0FTMURGN3loWmctSUJtLUpENHdFcjFWd0FNcy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI5ODgvV25kSGJqUkN3MjN5 V1RKNXJJM0gxOUFkMFBrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIw CAMGBCQGM0AQMA0GCSqGSIb3DQEBCwUAA4IBAQCdYmhToloQR5yW902yO7p9wddn NNptm8gK44Wf+/YosXJSa600OrETPo2d0+A5krMlcr+R8pl5HFkkgrpY+cnVjol9 gDnAWvX3Rsz3tsjaSVtYbR41HoVo/k/mv43jbasjoyWqz/cfzLrwNzEeGK6t4V6a vt+Fah19HBAkRYvNpM1rYWMpD5k6SY0eQni3BoBqo3FYQ8C2BqCuPzN9nwjBrElX OKHym0FkKb0xmftxKBww6fcytIysUzERhwl2x0dYbZXzysjSDk+lwJx5CDuxKoUG sT1ubl5h/xiFI5XWZ+fHXVCqke29seTReaazilNenyaLD4BULB9j9d2tvdwx -----END CERTIFICATE-----Generated at Fri Feb 20 05:34:46 2026 by rpki-client