$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2988/fBgIpTOxAzFFnzpWsXPx2pB0L6g.roa File: fBgIpTOxAzFFnzpWsXPx2pB0L6g.roa (raw, json) Hash identifier: zwZxd4I2TQQt/4G3oN3RZ4Tc5bdK7vg8n88gUAbJcwM= Subject key identifier: 7C:18:08:A5:33:B1:03:31:45:9F:3A:56:B1:73:F1:DA:90:74:2F:A8 Certificate issuer: /CN=012D4317BCA1660F88066F890F8C04AF557000CB Certificate serial: 2921 Authority key identifier: 01:2D:43:17:BC:A1:66:0F:88:06:6F:89:0F:8C:04:AF:55:70:00:CB Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AS1DF7yhZg-IBm-JD4wEr1VwAMs.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/fBgIpTOxAzFFnzpWsXPx2pB0L6g.roa Signing time: Mon 26 Jan 2026 06:52:22 +0000 ROA not before: Mon 26 Jan 2026 06:52:22 +0000 ROA not after: Sat 09 Jan 2027 08:23:18 +0000 asID: 139139 IP address blocks: 103.152.186.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/AS1DF7yhZg-IBm-JD4wEr1VwAMs.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/AS1DF7yhZg-IBm-JD4wEr1VwAMs.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AS1DF7yhZg-IBm-JD4wEr1VwAMs.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 20 Feb 2026 05:58:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10529 (0x2921) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=012D4317BCA1660F88066F890F8C04AF557000CB Validity Not Before: Jan 26 06:52:22 2026 GMT Not After : Jan 9 08:23:18 2027 GMT Subject: CN=7C1808A533B10331459F3A56B173F1DA90742FA8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:03:a8:f5:7e:9c:12:70:d7:4d:ad:38:6e:58: 23:7d:4d:6a:3b:44:30:90:f6:19:81:f0:ab:2f:41: 11:82:f6:3a:a6:b6:78:8f:79:a6:eb:e8:7a:20:ba: 52:3d:6b:22:e0:1b:c6:b4:91:4b:aa:60:8a:75:2e: 93:e2:50:cf:f5:66:c1:c3:7e:1b:6d:93:11:11:c1: 91:54:1e:bc:62:6c:49:51:48:88:07:08:0f:1d:b4: 23:39:86:21:ca:9c:7c:60:cb:bf:ea:c4:0c:61:53: 65:8d:ac:83:da:46:48:47:5f:e2:9a:4a:0b:fa:b0: 7c:cb:23:71:83:4f:a8:fa:92:f8:ef:77:98:e5:35: 0e:8c:ff:d0:92:b2:9a:0f:49:71:fe:14:ff:38:b0: a4:87:12:3d:08:2b:c0:86:6f:4a:e8:99:42:6d:b3: 54:6f:37:e3:7d:e6:3b:2d:d3:0a:cb:de:55:69:f1: 65:92:99:80:b5:ab:f8:b0:aa:a7:04:8f:7c:3b:82: 0a:4d:44:9f:e1:0f:40:49:45:84:78:a0:6c:82:fc: ce:1f:0f:02:d8:b9:b3:31:f6:f3:81:80:1e:d2:94: 2c:71:0e:b0:70:8b:18:5e:36:f8:92:47:6e:2f:81: c6:ca:c8:11:ce:af:ef:20:ba:8f:3f:e3:cb:66:a8: e5:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7C:18:08:A5:33:B1:03:31:45:9F:3A:56:B1:73:F1:DA:90:74:2F:A8 X509v3 Authority Key Identifier: keyid:01:2D:43:17:BC:A1:66:0F:88:06:6F:89:0F:8C:04:AF:55:70:00:CB X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/AS1DF7yhZg-IBm-JD4wEr1VwAMs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AS1DF7yhZg-IBm-JD4wEr1VwAMs.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/fBgIpTOxAzFFnzpWsXPx2pB0L6g.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.152.186.0/24 Signature Algorithm: sha256WithRSAEncryption 10:b4:bb:d0:a9:63:8d:4a:e7:c1:65:06:89:95:c3:b6:85:a6: 3b:27:22:91:df:a0:a2:e1:66:e6:3c:07:1b:ed:6b:32:82:8b: c0:46:71:da:ee:90:56:99:d5:a3:06:f0:fd:8d:4d:d3:aa:6b: 72:65:6d:d0:d0:e2:43:1f:8a:f0:8e:16:e8:e1:98:4a:9a:76: 70:5a:3d:55:08:7a:21:1b:47:1d:ef:ac:f0:19:3e:05:c2:8f: 43:c6:00:3e:93:5b:bf:6c:10:70:42:ad:f6:2e:b8:ec:ef:e2: 82:42:c6:ee:b7:ed:4e:18:d7:0c:bb:e3:3c:bd:c1:dc:a9:ca: 67:58:5e:a9:ba:b6:77:9a:47:ff:c0:74:c9:b7:34:87:5c:79: c5:2d:81:23:fc:81:78:27:90:41:5f:09:df:f4:37:d7:e2:64: ef:26:26:d0:4a:27:c1:57:4c:bf:b5:76:24:28:59:93:8e:8b: a6:8e:d9:cc:b2:4d:27:e7:59:f5:99:78:46:b4:46:56:e9:0f: d8:3a:f8:b8:70:15:97:f6:5d:60:bb:9e:53:31:bc:e7:f1:96: 30:f8:02:32:20:20:30:2c:55:90:bf:a5:11:ca:e9:bd:aa:b6: 51:d5:a3:f0:2c:61:1d:2a:8f:4d:26:d5:da:ee:75:6e:28:7f: 4c:34:ca:ee -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICKSEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDEy RDQzMTdCQ0ExNjYwRjg4MDY2Rjg5MEY4QzA0QUY1NTcwMDBDQjAeFw0yNjAxMjYw NjUyMjJaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKDdDMTgwOEE1MzNCMTAz MzE0NTlGM0E1NkIxNzNGMURBOTA3NDJGQTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDAA6j1fpwScNdNrThuWCN9TWo7RDCQ9hmB8KsvQRGC9jqmtniP eabr6HogulI9ayLgG8a0kUuqYIp1LpPiUM/1ZsHDfhttkxERwZFUHrxibElRSIgH CA8dtCM5hiHKnHxgy7/qxAxhU2WNrIPaRkhHX+KaSgv6sHzLI3GDT6j6kvjvd5jl NQ6M/9CSspoPSXH+FP84sKSHEj0IK8CGb0romUJts1RvN+N95jst0wrL3lVp8WWS mYC1q/iwqqcEj3w7ggpNRJ/hD0BJRYR4oGyC/M4fDwLYubMx9vOBgB7SlCxxDrBw ixheNviSR24vgcbKyBHOr+8guo8/48tmqOXVAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUfBgIpTOxAzFFnzpWsXPx2pB0L6gwHwYDVR0jBBgwFoAUAS1DF7yhZg+IBm+J D4wEr1VwAMswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjk4 OC9BUzFERjd5aFpnLUlCbS1KRDR3RXIxVndBTXMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0FTMURGN3loWmctSUJtLUpENHdFcjFWd0FNcy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI5ODgvZkJnSXBUT3hBekZG bnpwV3NYUHgycEIwTDZnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGeYujANBgkqhkiG9w0BAQsFAAOCAQEAELS70KljjUrnwWUGiZXDtoWmOyci kd+gouFm5jwHG+1rMoKLwEZx2u6QVpnVowbw/Y1N06prcmVt0NDiQx+K8I4W6OGY Spp2cFo9VQh6IRtHHe+s8Bk+BcKPQ8YAPpNbv2wQcEKt9i647O/igkLG7rftThjX DLvjPL3B3KnKZ1heqbq2d5pH/8B0ybc0h1x5xS2BI/yBeCeQQV8J3/Q31+Jk7yYm 0EonwVdMv7V2JChZk46Lpo7ZzLJNJ+dZ9Zl4RrRGVukP2Dr4uHAVl/ZdYLueUzG8 5/GWMPgCMiAgMCxVkL+lEcrpvaq2UdWj8CxhHSqPTSbV2u51bih/TDTK7g== -----END CERTIFICATE-----Generated at Fri Feb 20 05:34:47 2026 by rpki-client