$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2988/gW4EuJO8f7MZH4a6My2N0BPQo2o.roa File: gW4EuJO8f7MZH4a6My2N0BPQo2o.roa (raw, json) Hash identifier: o9zHDf5qvOrfWmIyXAjwjOML9FNKrus9hv6txpKsZBY= Subject key identifier: 81:6E:04:B8:93:BC:7F:B3:19:1F:86:BA:33:2D:8D:D0:13:D0:A3:6A Certificate issuer: /CN=012D4317BCA1660F88066F890F8C04AF557000CB Certificate serial: 292A Authority key identifier: 01:2D:43:17:BC:A1:66:0F:88:06:6F:89:0F:8C:04:AF:55:70:00:CB Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AS1DF7yhZg-IBm-JD4wEr1VwAMs.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/gW4EuJO8f7MZH4a6My2N0BPQo2o.roa Signing time: Mon 26 Jan 2026 06:52:24 +0000 ROA not before: Mon 26 Jan 2026 06:52:24 +0000 ROA not after: Sat 09 Jan 2027 08:23:18 +0000 asID: 4538 IP address blocks: 2406:3340::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/AS1DF7yhZg-IBm-JD4wEr1VwAMs.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/AS1DF7yhZg-IBm-JD4wEr1VwAMs.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AS1DF7yhZg-IBm-JD4wEr1VwAMs.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 20 Feb 2026 05:58:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10538 (0x292a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=012D4317BCA1660F88066F890F8C04AF557000CB Validity Not Before: Jan 26 06:52:24 2026 GMT Not After : Jan 9 08:23:18 2027 GMT Subject: CN=816E04B893BC7FB3191F86BA332D8DD013D0A36A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:f2:02:14:41:50:e3:ff:45:d7:3d:d9:ef:64: 75:39:2b:a4:05:c8:f6:a7:ee:d1:d5:3b:f2:1f:2b: a5:6a:b7:77:27:c1:1b:00:41:a4:b4:7a:9f:a8:40: 66:d5:fb:5b:ed:cc:da:0b:08:cf:0a:5b:62:2e:66: ac:fa:b4:01:74:ab:14:ac:c9:3b:d6:57:d9:36:f6: d0:b2:1b:05:54:b5:7e:15:46:30:c4:ee:5e:9f:32: c8:e9:d4:90:dc:ea:8a:e2:28:5b:d0:81:c5:5e:21: 94:4c:d0:9d:07:e1:d0:c9:76:6d:05:a8:47:ba:d7: ac:00:d8:0d:57:d5:a2:90:88:ef:c2:0f:bb:6d:d2: 08:f2:af:d7:0c:31:58:40:9f:ef:43:03:a3:a4:5b: 22:11:49:2a:aa:26:3e:6b:84:55:9a:b4:95:b1:ca: 9c:72:c9:20:8d:ee:fe:a1:da:91:9d:e7:c9:95:8e: c1:70:5d:23:80:aa:64:63:02:87:8d:52:9d:90:9e: 38:b6:d5:0d:37:52:4b:0b:42:dc:a6:d5:18:85:c4: 32:40:ce:ce:0c:41:1b:24:41:1d:10:39:c3:da:78: 9a:f1:0c:60:6d:3b:76:5a:39:22:b7:9b:5f:3f:02: e9:75:5c:a0:80:06:d8:ea:9e:78:ea:c1:37:68:ea: 27:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 81:6E:04:B8:93:BC:7F:B3:19:1F:86:BA:33:2D:8D:D0:13:D0:A3:6A X509v3 Authority Key Identifier: keyid:01:2D:43:17:BC:A1:66:0F:88:06:6F:89:0F:8C:04:AF:55:70:00:CB X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/AS1DF7yhZg-IBm-JD4wEr1VwAMs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AS1DF7yhZg-IBm-JD4wEr1VwAMs.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/gW4EuJO8f7MZH4a6My2N0BPQo2o.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2406:3340::/36 Signature Algorithm: sha256WithRSAEncryption 7f:e8:78:f3:89:c9:e6:cf:43:48:52:3b:cc:df:97:e6:39:6e: ec:c8:32:03:19:db:1c:b4:b2:4a:19:e4:bf:1a:20:de:a3:91: 45:33:ed:04:d4:1b:49:2c:ed:4c:7a:bb:09:32:80:e1:6a:36: 8a:47:1a:d3:99:e9:a0:96:f2:f6:a2:0c:e5:af:24:eb:82:2b: 65:cd:a4:67:dd:07:3d:a4:e1:06:96:04:15:ea:30:d7:fa:08: 2e:a6:c8:ab:6c:c1:fd:65:1a:cb:41:f3:e2:a3:c3:cd:e2:85: 7a:e1:b0:9e:37:f5:c0:e7:9b:c3:ae:11:fb:e3:29:da:ff:64: 1c:15:c3:b1:99:60:b6:a0:8f:59:55:24:2f:29:09:50:92:02: ca:b2:37:03:d8:d8:29:31:48:ac:8a:32:62:ea:bf:e6:4c:6e: 71:9b:8e:49:e3:45:0d:11:9c:0c:98:18:32:9a:7f:10:d5:bb: 13:81:b8:37:ae:5f:a1:75:b3:d5:50:c0:16:50:1a:0d:5c:c0: 7b:65:a5:02:27:8e:35:02:43:16:99:c6:03:4e:e3:d5:1d:fb: b9:8f:62:62:e5:82:28:57:39:eb:d6:52:d0:b8:66:48:da:19: 40:ae:44:1b:3b:df:70:8f:da:b0:9a:a3:14:28:e5:04:f6:e9: 90:99:64:b5 -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgICKSowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDEy RDQzMTdCQ0ExNjYwRjg4MDY2Rjg5MEY4QzA0QUY1NTcwMDBDQjAeFw0yNjAxMjYw NjUyMjRaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKDgxNkUwNEI4OTNCQzdG QjMxOTFGODZCQTMzMkQ4REQwMTNEMEEzNkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDd8gIUQVDj/0XXPdnvZHU5K6QFyPan7tHVO/IfK6Vqt3cnwRsA QaS0ep+oQGbV+1vtzNoLCM8KW2IuZqz6tAF0qxSsyTvWV9k29tCyGwVUtX4VRjDE 7l6fMsjp1JDc6oriKFvQgcVeIZRM0J0H4dDJdm0FqEe616wA2A1X1aKQiO/CD7tt 0gjyr9cMMVhAn+9DA6OkWyIRSSqqJj5rhFWatJWxypxyySCN7v6h2pGd58mVjsFw XSOAqmRjAoeNUp2Qnji21Q03UksLQtym1RiFxDJAzs4MQRskQR0QOcPaeJrxDGBt O3ZaOSK3m18/Aul1XKCABtjqnnjqwTdo6icvAgMBAAGjggH1MIIB8TAdBgNVHQ4E FgQUgW4EuJO8f7MZH4a6My2N0BPQo2owHwYDVR0jBBgwFoAUAS1DF7yhZg+IBm+J D4wEr1VwAMswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjk4 OC9BUzFERjd5aFpnLUlCbS1KRDR3RXIxVndBTXMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0FTMURGN3loWmctSUJtLUpENHdFcjFWd0FNcy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI5ODgvZ1c0RXVKTzhmN01a SDRhNk15Mk4wQlBRbzJvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIw CAMGBCQGM0AAMA0GCSqGSIb3DQEBCwUAA4IBAQB/6Hjzicnmz0NIUjvM35fmOW7s yDIDGdsctLJKGeS/GiDeo5FFM+0E1BtJLO1MersJMoDhajaKRxrTmemglvL2ogzl ryTrgitlzaRn3Qc9pOEGlgQV6jDX+ggupsirbMH9ZRrLQfPio8PN4oV64bCeN/XA 55vDrhH74yna/2QcFcOxmWC2oI9ZVSQvKQlQkgLKsjcD2NgpMUisijJi6r/mTG5x m45J40UNEZwMmBgymn8Q1bsTgbg3rl+hdbPVUMAWUBoNXMB7ZaUCJ441AkMWmcYD TuPVHfu5j2Ji5YIoVznr1lLQuGZI2hlArkQbO99wj9qwmqMUKOUE9umQmWS1 -----END CERTIFICATE-----Generated at Fri Feb 20 03:29:32 2026 by rpki-client