
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3040/RKrRwdp1VyFPQ7YbOEvL0wAMGbA.roa
File: RKrRwdp1VyFPQ7YbOEvL0wAMGbA.roa (raw, json)
Hash identifier: oU8zQEw2eThFvF/D8BoL4kKFFC2d3GWIrdQQ9ZEQibs=
Subject key identifier: 44:AA:D1:C1:DA:75:57:21:4F:43:B6:1B:38:4B:CB:D3:00:0C:19:B0
Certificate issuer: /CN=03F075D9C6F18DC09BDA62B7087EA80DC5B711C5
Certificate serial: 26B0
Authority key identifier: 03:F0:75:D9:C6:F1:8D:C0:9B:DA:62:B7:08:7E:A8:0D:C5:B7:11:C5
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/A_B12cbxjcCb2mK3CH6oDcW3EcU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3040/RKrRwdp1VyFPQ7YbOEvL0wAMGbA.roa
Signing time: Mon 26 Jan 2026 06:54:44 +0000
ROA not before: Mon 26 Jan 2026 06:54:44 +0000
ROA not after: Sat 09 Jan 2027 08:23:18 +0000
asID: 131484
IP address blocks: 2406:d140:8000::/34 maxlen: 48
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3040/A_B12cbxjcCb2mK3CH6oDcW3EcU.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3040/A_B12cbxjcCb2mK3CH6oDcW3EcU.mft
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/A_B12cbxjcCb2mK3CH6oDcW3EcU.cer
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 23 Feb 2026 07:29:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9904 (0x26b0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03F075D9C6F18DC09BDA62B7087EA80DC5B711C5
Validity
Not Before: Jan 26 06:54:44 2026 GMT
Not After : Jan 9 08:23:18 2027 GMT
Subject: CN=44AAD1C1DA7557214F43B61B384BCBD3000C19B0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:b9:3e:59:17:b0:ce:06:2e:5e:76:e7:95:6e:
05:10:1c:63:92:0e:3c:0d:d4:41:08:41:66:89:f6:
35:c5:62:ac:13:cd:4d:af:c8:93:81:2b:5a:94:58:
02:08:7e:e0:fe:bc:86:5c:b3:9c:f6:a8:0d:fb:69:
54:d7:8c:fb:8d:5b:d2:63:3d:9c:07:c3:d9:cd:2d:
fe:58:27:b3:ad:3f:cd:83:5d:7d:ca:b9:4c:59:a1:
be:68:1d:21:8a:73:68:bc:c2:5a:69:31:a2:04:f0:
92:05:23:4b:e6:01:b2:99:8a:dc:43:be:34:65:e2:
69:99:ca:76:8e:66:0b:c3:a8:db:ae:9e:6c:6d:fa:
d6:da:e1:a0:1a:79:ee:70:49:42:f7:2d:c8:ae:c1:
91:15:d2:6e:83:68:f4:05:58:67:4b:10:e6:97:cf:
dc:2c:0b:1c:96:bb:27:83:d5:bf:c7:6e:8d:f1:f9:
c2:f2:66:5b:10:4a:f9:a5:fd:69:d2:16:cd:62:91:
a0:d0:4d:64:da:59:cb:cb:e9:66:86:55:bf:36:7f:
5e:81:1e:48:c6:f6:9e:54:0b:5a:e3:91:9c:10:80:
5a:07:51:2a:a6:07:e2:38:1f:31:da:b2:ec:c1:8c:
38:25:73:47:71:c5:48:62:e5:e5:25:96:0e:eb:d6:
b3:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:AA:D1:C1:DA:75:57:21:4F:43:B6:1B:38:4B:CB:D3:00:0C:19:B0
X509v3 Authority Key Identifier:
keyid:03:F0:75:D9:C6:F1:8D:C0:9B:DA:62:B7:08:7E:A8:0D:C5:B7:11:C5
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3040/A_B12cbxjcCb2mK3CH6oDcW3EcU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/A_B12cbxjcCb2mK3CH6oDcW3EcU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3040/RKrRwdp1VyFPQ7YbOEvL0wAMGbA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2406:d140:8000::/34
Signature Algorithm: sha256WithRSAEncryption
89:aa:ee:24:d1:32:09:b3:aa:fe:40:5b:00:fb:25:f7:d7:50:
a0:cb:e1:13:c4:5f:6c:51:f0:8e:e2:21:91:35:23:b5:5f:a5:
e6:e6:ac:d3:50:a4:bc:2f:c2:98:fd:70:12:3b:76:03:3c:61:
b3:33:65:21:aa:0e:86:4d:40:1d:d5:25:73:e9:82:f4:d4:2b:
cf:ee:98:29:98:a6:73:e9:6c:89:58:58:14:0c:cb:64:f2:3b:
3a:d7:96:99:b2:e2:9e:02:01:78:40:7c:6d:65:9f:34:e8:54:
e0:7f:c5:3d:6a:59:04:2e:1c:ed:df:0a:01:28:bf:ba:f7:d9:
61:b6:0c:ff:80:fb:f6:9d:63:72:ae:b2:8b:ca:85:a8:d1:4e:
16:0e:16:0b:24:35:33:fd:8b:2f:aa:bd:39:b5:e5:65:90:e5:
bf:98:96:15:19:0f:03:0b:37:72:14:31:20:fd:8d:3b:86:08:
ca:32:36:dd:41:9f:da:55:08:cb:d9:8b:a3:ca:94:51:52:05:
07:63:0a:a8:15:c9:9a:01:35:ce:1c:4a:03:ac:84:a5:7d:27:
9d:b3:87:32:bf:9b:e2:9a:ff:7a:31:8a:4c:72:c7:51:ca:cf:
cb:57:fd:87:bc:7f:c0:b2:99:10:0e:1b:ae:dd:7e:b4:2b:ae:
7d:25:f7:21
-----BEGIN CERTIFICATE-----
MIIE2TCCA8GgAwIBAgICJrAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDNG
MDc1RDlDNkYxOERDMDlCREE2MkI3MDg3RUE4MERDNUI3MTFDNTAeFw0yNjAxMjYw
NjU0NDRaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKDQ0QUFEMUMxREE3NTU3
MjE0RjQzQjYxQjM4NEJDQkQzMDAwQzE5QjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOuT5ZF7DOBi5edueVbgUQHGOSDjwN1EEIQWaJ9jXFYqwTzU2v
yJOBK1qUWAIIfuD+vIZcs5z2qA37aVTXjPuNW9JjPZwHw9nNLf5YJ7OtP82DXX3K
uUxZob5oHSGKc2i8wlppMaIE8JIFI0vmAbKZitxDvjRl4mmZynaOZgvDqNuunmxt
+tba4aAaee5wSUL3LciuwZEV0m6DaPQFWGdLEOaXz9wsCxyWuyeD1b/Hbo3x+cLy
ZlsQSvml/WnSFs1ikaDQTWTaWcvL6WaGVb82f16BHkjG9p5UC1rjkZwQgFoHUSqm
B+I4HzHasuzBjDglc0dxxUhi5eUllg7r1rMpAgMBAAGjggH1MIIB8TAdBgNVHQ4E
FgQURKrRwdp1VyFPQ7YbOEvL0wAMGbAwHwYDVR0jBBgwFoAUA/B12cbxjcCb2mK3
CH6oDcW3EcUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0
MC9BX0IxMmNieGpjQ2IybUszQ0g2b0RjVzNFY1UuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0FfQjEyY2J4amNDYjJtSzNDSDZvRGNXM0VjVS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDAvUktyUndkcDFWeUZQ
UTdZYk9Fdkwwd0FNR2JBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIw
CAMGBiQG0UCAMA0GCSqGSIb3DQEBCwUAA4IBAQCJqu4k0TIJs6r+QFsA+yX311Cg
y+ETxF9sUfCO4iGRNSO1X6Xm5qzTUKS8L8KY/XASO3YDPGGzM2Uhqg6GTUAd1SVz
6YL01CvP7pgpmKZz6WyJWFgUDMtk8js615aZsuKeAgF4QHxtZZ806FTgf8U9alkE
Lhzt3woBKL+699lhtgz/gPv2nWNyrrKLyoWo0U4WDhYLJDUz/Ysvqr05teVlkOW/
mJYVGQ8DCzdyFDEg/Y07hgjKMjbdQZ/aVQjL2YujypRRUgUHYwqoFcmaATXOHEoD
rISlfSeds4cyv5vimv96MYpMcsdRys/LV/2HvH/AspkQDhuu3X60K659Jfch
-----END CERTIFICATE-----
Generated at Mon Feb 23 06:03:13 2026 by rpki-client