$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3258/IQQLzRKxjKBeHr2DLQykbF1xEug.roa File: IQQLzRKxjKBeHr2DLQykbF1xEug.roa (raw, json) Hash identifier: HTdGPlP9FXezylCpvK+gQqYQsAu3n3g4KhEqqyZGA4o= Subject key identifier: 21:04:0B:CD:12:B1:8C:A0:5E:1E:BD:83:2D:0C:A4:6C:5D:71:12:E8 Certificate issuer: /CN=90F30E1DF327D103907F1BE08ED3EA64BFB778E3 Certificate serial: 0E41 Authority key identifier: 90:F3:0E:1D:F3:27:D1:03:90:7F:1B:E0:8E:D3:EA:64:BF:B7:78:E3 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/kPMOHfMn0QOQfxvgjtPqZL-3eOM.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3258/IQQLzRKxjKBeHr2DLQykbF1xEug.roa Signing time: Mon 26 Jan 2026 06:54:19 +0000 ROA not before: Mon 26 Jan 2026 06:54:19 +0000 ROA not after: Fri 23 Oct 2026 03:01:03 +0000 asID: 21859 IP address blocks: 157.10.221.0/24 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3258/kPMOHfMn0QOQfxvgjtPqZL-3eOM.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3258/kPMOHfMn0QOQfxvgjtPqZL-3eOM.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/kPMOHfMn0QOQfxvgjtPqZL-3eOM.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 23 Feb 2026 00:30:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3649 (0xe41) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=90F30E1DF327D103907F1BE08ED3EA64BFB778E3 Validity Not Before: Jan 26 06:54:19 2026 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=21040BCD12B18CA05E1EBD832D0CA46C5D7112E8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:1a:e0:46:8b:86:56:d4:b5:91:5d:d0:1a:14: f7:b6:55:33:96:0f:14:57:3f:60:0c:44:d4:e3:8d: 5a:eb:af:f5:fd:55:7f:88:06:9c:03:92:b6:5f:bd: 96:64:be:b2:7d:f8:e4:e9:c9:8a:bc:14:ca:1e:b1: 1b:00:fd:f6:0b:dc:8c:69:e5:89:f3:41:5b:c8:c4: 20:cb:27:8d:59:c8:df:8a:bc:dd:93:77:5d:de:19: 6b:b9:50:40:d5:3e:7d:c6:a4:30:03:e8:0c:d4:c8: b0:d6:98:a3:3a:49:81:dc:ec:23:a7:05:df:a1:1f: cf:c3:a2:5e:68:8d:20:6b:da:72:c3:3a:a0:62:b6: 04:7a:3b:ca:9a:9d:04:d0:81:74:d6:ff:55:66:4d: 51:df:58:a2:9b:f9:5c:40:12:eb:fb:4d:85:c2:64: 89:92:30:c9:4f:de:3a:ea:32:64:9b:25:76:ee:c1: d9:17:fa:01:08:b6:16:f0:5f:f8:b0:df:da:cf:72: 6d:74:bb:eb:cc:e3:fb:d6:a0:05:b1:18:6b:7e:70: 0c:e6:1a:fb:eb:bd:0b:f9:cd:de:e7:e7:72:0d:6a: 79:8e:83:69:63:f8:ac:b6:2b:73:2f:d5:c9:bf:2b: 89:f0:5f:f9:67:ef:48:47:9d:e8:65:00:9e:6b:11: a6:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:04:0B:CD:12:B1:8C:A0:5E:1E:BD:83:2D:0C:A4:6C:5D:71:12:E8 X509v3 Authority Key Identifier: keyid:90:F3:0E:1D:F3:27:D1:03:90:7F:1B:E0:8E:D3:EA:64:BF:B7:78:E3 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3258/kPMOHfMn0QOQfxvgjtPqZL-3eOM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/kPMOHfMn0QOQfxvgjtPqZL-3eOM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3258/IQQLzRKxjKBeHr2DLQykbF1xEug.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 157.10.221.0/24 Signature Algorithm: sha256WithRSAEncryption a5:2e:4f:ff:ad:ff:f6:bc:94:ae:43:20:5a:12:c7:f4:a9:28: 22:28:61:b5:08:a8:81:02:79:f0:ac:51:72:44:97:f9:76:ce: 08:c4:a4:70:18:2d:92:c6:e1:d0:25:d7:d1:a0:9f:69:a2:a8: 6e:e2:03:2b:48:af:24:61:61:63:a7:d0:98:9c:5b:fe:5a:e2: 63:5b:2f:18:19:e8:f1:36:2e:b2:80:71:25:e8:ae:f8:86:d4: 98:9c:6d:38:2d:87:db:7f:55:0a:1d:f0:1f:cd:57:40:f5:8d: 8a:b5:92:67:b9:ee:2e:d2:2d:7a:aa:70:1f:8e:d9:c0:0f:d8: bd:aa:ad:2c:87:5e:3a:96:85:24:b4:6d:70:e4:24:7c:62:1f: 78:a5:71:96:73:92:06:79:80:80:41:60:eb:c2:af:30:64:60: ee:26:8e:71:48:fd:90:22:8e:2f:0a:f6:76:9d:db:f1:a0:ad: fd:9e:ef:b2:1d:b6:cc:51:ed:d9:5d:c6:5d:06:0f:8a:52:57: 47:f4:69:5b:3a:2a:ce:2c:ba:ae:d6:35:35:76:85:75:1e:61: cb:e6:d3:03:9c:79:1e:d6:76:c2:52:70:9e:a8:44:6c:3a:49: ec:24:fd:3d:37:d5:72:e6:6b:4d:6a:35:3a:5e:fb:38:fe:60: ff:79:c8:d1 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICDkEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTBG MzBFMURGMzI3RDEwMzkwN0YxQkUwOEVEM0VBNjRCRkI3NzhFMzAeFw0yNjAxMjYw NjU0MTlaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDIxMDQwQkNEMTJCMThD QTA1RTFFQkQ4MzJEMENBNDZDNUQ3MTEyRTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCyGuBGi4ZW1LWRXdAaFPe2VTOWDxRXP2AMRNTjjVrrr/X9VX+I BpwDkrZfvZZkvrJ9+OTpyYq8FMoesRsA/fYL3Ixp5YnzQVvIxCDLJ41ZyN+KvN2T d13eGWu5UEDVPn3GpDAD6AzUyLDWmKM6SYHc7COnBd+hH8/Dol5ojSBr2nLDOqBi tgR6O8qanQTQgXTW/1VmTVHfWKKb+VxAEuv7TYXCZImSMMlP3jrqMmSbJXbuwdkX +gEIthbwX/iw39rPcm10u+vM4/vWoAWxGGt+cAzmGvvrvQv5zd7n53INanmOg2lj +Ky2K3Mv1cm/K4nwX/ln70hHnehlAJ5rEaYjAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUIQQLzRKxjKBeHr2DLQykbF1xEugwHwYDVR0jBBgwFoAUkPMOHfMn0QOQfxvg jtPqZL+3eOMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI1 OC9rUE1PSGZNbjBRT1FmeHZnanRQcVpMLTNlT00uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2tQTU9IZk1uMFFPUWZ4dmdqdFBxWkwtM2VPTS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNTgvSVFRTHpSS3hqS0Jl SHIyRExReWtiRjF4RXVnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAJ0K3TANBgkqhkiG9w0BAQsFAAOCAQEApS5P/63/9ryUrkMgWhLH9KkoIihh tQiogQJ58KxRckSX+XbOCMSkcBgtksbh0CXX0aCfaaKobuIDK0ivJGFhY6fQmJxb /lriY1svGBno8TYusoBxJeiu+IbUmJxtOC2H239VCh3wH81XQPWNirWSZ7nuLtIt eqpwH47ZwA/YvaqtLIdeOpaFJLRtcOQkfGIfeKVxlnOSBnmAgEFg68KvMGRg7iaO cUj9kCKOLwr2dp3b8aCt/Z7vsh22zFHt2V3GXQYPilJXR/RpWzoqziy6rtY1NXaF dR5hy+bTA5x5HtZ2wlJwnqhEbDpJ7CT9PTfVcuZrTWo1Ol77OP5g/3nI0Q== -----END CERTIFICATE-----Generated at Sun Feb 22 22:00:54 2026 by rpki-client