$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2988/bzHUb37wqq6vZG_XdGOsSODnE5g.roa File: bzHUb37wqq6vZG_XdGOsSODnE5g.roa (raw, json) Hash identifier: esZfW+ZJ3LKtDeHoVr6XI4SDXbU1JFrxpW5XtTZYbBQ= Subject key identifier: 6F:31:D4:6F:7E:F0:AA:AE:AF:64:6F:D7:74:63:AC:48:E0:E7:13:98 Certificate issuer: /CN=012D4317BCA1660F88066F890F8C04AF557000CB Certificate serial: 292B Authority key identifier: 01:2D:43:17:BC:A1:66:0F:88:06:6F:89:0F:8C:04:AF:55:70:00:CB Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AS1DF7yhZg-IBm-JD4wEr1VwAMs.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/bzHUb37wqq6vZG_XdGOsSODnE5g.roa Signing time: Mon 26 Jan 2026 06:52:24 +0000 ROA not before: Mon 26 Jan 2026 06:52:24 +0000 ROA not after: Sat 09 Jan 2027 08:23:18 +0000 asID: 139139 IP address blocks: 2406:3340::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/AS1DF7yhZg-IBm-JD4wEr1VwAMs.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/AS1DF7yhZg-IBm-JD4wEr1VwAMs.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AS1DF7yhZg-IBm-JD4wEr1VwAMs.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 20 Feb 2026 05:58:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10539 (0x292b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=012D4317BCA1660F88066F890F8C04AF557000CB Validity Not Before: Jan 26 06:52:24 2026 GMT Not After : Jan 9 08:23:18 2027 GMT Subject: CN=6F31D46F7EF0AAAEAF646FD77463AC48E0E71398 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:de:ee:7b:d2:b2:85:cf:3c:a7:bd:6e:53:e0: 3c:ee:36:b2:72:38:be:38:62:9c:b0:04:22:6c:50: c4:4a:e4:72:2b:44:59:39:6f:ef:fc:35:26:0a:2f: eb:d3:9e:46:97:a8:5e:28:0d:8a:08:49:0f:32:94: 59:fa:f5:b2:a6:9b:42:9e:f6:8a:93:bd:65:eb:65: 79:23:a4:94:ed:7f:fe:af:d8:79:d8:c6:91:43:bd: ac:93:85:eb:2e:85:17:77:79:5d:71:40:50:4f:d4: f0:c9:ff:b1:31:98:36:10:ec:c8:ba:83:1f:65:fe: 79:2b:04:f6:4b:38:11:5b:52:bf:fb:19:29:6a:82: d2:6a:b7:85:24:df:95:bd:64:96:0f:b9:99:04:dc: 50:6e:96:5d:67:1f:df:b8:8f:9a:b2:c1:3b:85:32: 68:6c:8f:8f:84:48:c1:ce:68:67:c1:42:65:f0:36: d3:d4:34:4a:45:4b:c9:32:a7:dc:86:7a:38:da:f9: 65:2a:36:68:e6:16:88:fb:3a:4d:d2:5b:51:de:60: 18:67:29:78:da:dd:10:00:3a:a3:7c:8d:ed:78:ae: 55:22:c2:cb:d3:51:3a:1e:32:69:e7:ef:21:0a:0a: db:8c:9c:10:38:0f:05:76:ed:73:ad:8c:9f:54:32: db:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6F:31:D4:6F:7E:F0:AA:AE:AF:64:6F:D7:74:63:AC:48:E0:E7:13:98 X509v3 Authority Key Identifier: keyid:01:2D:43:17:BC:A1:66:0F:88:06:6F:89:0F:8C:04:AF:55:70:00:CB X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/AS1DF7yhZg-IBm-JD4wEr1VwAMs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AS1DF7yhZg-IBm-JD4wEr1VwAMs.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/bzHUb37wqq6vZG_XdGOsSODnE5g.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2406:3340::/36 Signature Algorithm: sha256WithRSAEncryption 6f:59:02:45:de:c1:e4:1d:40:08:d8:00:60:53:2e:8b:15:d6: 9f:09:54:16:61:28:63:95:ee:e0:8d:a9:97:d4:e0:85:62:76: b6:20:4f:8e:59:48:79:8e:f4:78:ca:94:25:e3:b5:17:27:06: 0f:07:3b:a0:be:4e:14:cd:f2:59:3a:71:1b:cb:cb:18:fc:94: 95:00:15:e3:07:16:e9:12:5e:cb:75:96:cb:e1:55:2e:b5:f3: 0a:07:c8:61:86:f2:35:89:eb:95:b4:c9:0d:f8:45:be:aa:f5: 9c:ef:67:31:bd:39:78:9a:a2:6a:bb:20:c0:42:78:26:32:c6: 35:aa:16:45:15:5e:b3:44:7c:56:3a:d9:f1:6e:83:9d:2b:87: 61:02:2d:80:5e:72:a0:9a:c1:bc:27:af:a0:9b:1a:bc:35:f0: 5c:44:25:b5:bc:8a:0d:70:22:76:2c:a4:23:54:9e:40:4e:56: e2:3c:d0:eb:86:92:eb:57:30:fe:98:87:30:7c:b1:c7:76:57: 14:1f:02:dc:35:5c:2f:84:c1:90:6d:4a:2c:2d:0a:4a:23:20: f3:fb:19:8c:6f:37:5b:35:fc:65:92:f5:5d:f1:81:4d:88:33: 4a:99:6e:9d:fb:0d:7d:3c:da:ad:63:6e:8f:a8:b9:0c:62:15: fc:be:b6:38 -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgICKSswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDEy RDQzMTdCQ0ExNjYwRjg4MDY2Rjg5MEY4QzA0QUY1NTcwMDBDQjAeFw0yNjAxMjYw NjUyMjRaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKDZGMzFENDZGN0VGMEFB QUVBRjY0NkZENzc0NjNBQzQ4RTBFNzEzOTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDJ3u570rKFzzynvW5T4DzuNrJyOL44YpywBCJsUMRK5HIrRFk5 b+/8NSYKL+vTnkaXqF4oDYoISQ8ylFn69bKmm0Ke9oqTvWXrZXkjpJTtf/6v2HnY xpFDvayThesuhRd3eV1xQFBP1PDJ/7ExmDYQ7Mi6gx9l/nkrBPZLOBFbUr/7GSlq gtJqt4Uk35W9ZJYPuZkE3FBull1nH9+4j5qywTuFMmhsj4+ESMHOaGfBQmXwNtPU NEpFS8kyp9yGejja+WUqNmjmFoj7Ok3SW1HeYBhnKXja3RAAOqN8je14rlUiwsvT UToeMmnn7yEKCtuMnBA4DwV27XOtjJ9UMtsLAgMBAAGjggH1MIIB8TAdBgNVHQ4E FgQUbzHUb37wqq6vZG/XdGOsSODnE5gwHwYDVR0jBBgwFoAUAS1DF7yhZg+IBm+J D4wEr1VwAMswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjk4 OC9BUzFERjd5aFpnLUlCbS1KRDR3RXIxVndBTXMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0FTMURGN3loWmctSUJtLUpENHdFcjFWd0FNcy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI5ODgvYnpIVWIzN3dxcTZ2 WkdfWGRHT3NTT0RuRTVnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIw CAMGBCQGM0AAMA0GCSqGSIb3DQEBCwUAA4IBAQBvWQJF3sHkHUAI2ABgUy6LFdaf CVQWYShjle7gjamX1OCFYna2IE+OWUh5jvR4ypQl47UXJwYPBzugvk4UzfJZOnEb y8sY/JSVABXjBxbpEl7LdZbL4VUutfMKB8hhhvI1ieuVtMkN+EW+qvWc72cxvTl4 mqJquyDAQngmMsY1qhZFFV6zRHxWOtnxboOdK4dhAi2AXnKgmsG8J6+gmxq8NfBc RCW1vIoNcCJ2LKQjVJ5ATlbiPNDrhpLrVzD+mIcwfLHHdlcUHwLcNVwvhMGQbUos LQpKIyDz+xmMbzdbNfxlkvVd8YFNiDNKmW6d+w19PNqtY26PqLkMYhX8vrY4 -----END CERTIFICATE-----Generated at Fri Feb 20 05:35:07 2026 by rpki-client