$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/40/KSm2-9EZTyNgvEP3G65pF3u9LVI.roa File: KSm2-9EZTyNgvEP3G65pF3u9LVI.roa (raw, json) Hash identifier: jSmiBLmcELBvFO/kvXg7C5gquFptamvPRqMELMyUxNU= Subject key identifier: 29:29:B6:FB:D1:19:4F:23:60:BC:43:F7:1B:AE:69:17:7B:BD:2D:52 Certificate issuer: /CN=AECCCCB79DFE6C466CCADB39896710ECAC37B847 Certificate serial: 1F82 Authority key identifier: AE:CC:CC:B7:9D:FE:6C:46:6C:CA:DB:39:89:67:10:EC:AC:37:B8:47 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/rszMt53-bEZsyts5iWcQ7Kw3uEc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/40/KSm2-9EZTyNgvEP3G65pF3u9LVI.roa Signing time: Mon 26 Jan 2026 06:55:25 +0000 ROA not before: Mon 26 Jan 2026 06:55:25 +0000 ROA not after: Fri 23 Oct 2026 03:01:03 +0000 asID: 17429 IP address blocks: 103.238.48.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/40/rszMt53-bEZsyts5iWcQ7Kw3uEc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/40/rszMt53-bEZsyts5iWcQ7Kw3uEc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/rszMt53-bEZsyts5iWcQ7Kw3uEc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 23 Feb 2026 07:28:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8066 (0x1f82) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=AECCCCB79DFE6C466CCADB39896710ECAC37B847 Validity Not Before: Jan 26 06:55:25 2026 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=2929B6FBD1194F2360BC43F71BAE69177BBD2D52 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:8b:9d:89:5f:ea:47:6e:6a:87:53:4b:6e:48: cd:60:68:9a:b5:a7:15:f7:43:a4:7c:d8:21:94:b3: 50:1c:e2:68:67:be:5d:5e:a0:ff:a4:bb:33:68:00: ac:33:b9:f9:f5:14:6d:75:71:b7:a8:60:a7:6e:6e: 2c:3f:16:76:31:1e:fb:2d:8e:54:fb:33:9c:a4:aa: f1:fc:83:48:f4:f5:fa:ad:b1:af:6a:58:da:62:df: 26:f7:45:f5:28:fe:86:9f:18:f4:03:ae:9c:42:be: 17:15:05:de:3b:23:b7:12:eb:bf:ba:34:11:32:7f: 8f:35:43:ac:c4:55:8c:a9:6c:8b:5f:9d:74:d8:56: da:21:7e:66:39:05:2f:c3:64:81:55:90:7b:76:4a: bf:9d:75:ab:16:61:9c:00:ed:a4:c7:d9:95:b9:74: b9:57:50:f0:33:ae:a2:d6:be:a4:d4:95:59:dd:e7: cb:fb:d6:f3:99:6d:fa:58:0b:4d:9f:c4:54:42:55: 43:35:6c:56:6b:0b:32:3e:5e:6a:b1:72:84:c7:58: a2:6d:8f:fc:67:ba:5d:35:73:b1:00:e2:d9:5a:65: 29:25:d5:b0:bb:1c:02:03:95:93:96:de:d9:eb:65: 27:2d:60:a6:0d:06:2d:94:c5:08:75:b7:4e:4d:dc: 80:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:29:B6:FB:D1:19:4F:23:60:BC:43:F7:1B:AE:69:17:7B:BD:2D:52 X509v3 Authority Key Identifier: keyid:AE:CC:CC:B7:9D:FE:6C:46:6C:CA:DB:39:89:67:10:EC:AC:37:B8:47 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/40/rszMt53-bEZsyts5iWcQ7Kw3uEc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/rszMt53-bEZsyts5iWcQ7Kw3uEc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/40/KSm2-9EZTyNgvEP3G65pF3u9LVI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.238.48.0/22 Signature Algorithm: sha256WithRSAEncryption c3:7f:bb:11:99:7b:f1:2a:78:44:07:ac:cc:53:5b:f5:be:92: cc:1a:e0:55:31:84:41:12:e8:03:98:09:31:a9:e5:30:b6:ea: 61:6a:6d:6d:f5:be:ca:aa:02:19:99:8f:e5:8c:21:6e:66:9d: bf:13:c2:0e:a0:71:4f:70:03:74:35:14:40:01:81:57:7e:98: 8a:fa:e6:77:05:7a:cb:42:5b:12:28:7e:4a:9c:92:7e:6a:4e: 49:8e:af:40:7c:90:2f:61:7f:e5:59:c7:a1:29:29:8f:99:33: 9a:18:23:92:ea:c7:07:24:b2:6b:27:d2:e0:be:62:24:62:07: 38:24:8e:4a:de:86:b0:58:87:14:af:0a:8f:bb:c5:e9:5a:3c: 4f:2f:51:5d:5c:a8:3a:6b:2f:a7:5b:d0:83:06:0e:5d:20:cc: 8b:49:40:5f:aa:7e:33:9d:10:1c:e0:a4:cb:f8:22:ee:3b:5a: 7a:bb:83:ba:dc:26:f5:9b:6b:69:a4:9d:a8:a6:ca:b8:cd:5c: e8:cf:78:77:f4:b2:c3:e0:8c:98:7f:e2:65:9f:8b:a3:c1:68: d3:0e:e5:49:66:10:a5:6a:3e:34:7f:9b:fe:8e:3b:da:be:92: 77:8e:d9:87:6a:55:a4:cd:bc:bb:0e:d5:53:bc:84:fd:22:fd: 6c:98:9a:cd -----BEGIN CERTIFICATE----- MIIE0zCCA7ugAwIBAgICH4IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQUVD Q0NDQjc5REZFNkM0NjZDQ0FEQjM5ODk2NzEwRUNBQzM3Qjg0NzAeFw0yNjAxMjYw NjU1MjVaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDI5MjlCNkZCRDExOTRG MjM2MEJDNDNGNzFCQUU2OTE3N0JCRDJENTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCti52JX+pHbmqHU0tuSM1gaJq1pxX3Q6R82CGUs1Ac4mhnvl1e oP+kuzNoAKwzufn1FG11cbeoYKdubiw/FnYxHvstjlT7M5ykqvH8g0j09fqtsa9q WNpi3yb3RfUo/oafGPQDrpxCvhcVBd47I7cS67+6NBEyf481Q6zEVYypbItfnXTY VtohfmY5BS/DZIFVkHt2Sr+ddasWYZwA7aTH2ZW5dLlXUPAzrqLWvqTUlVnd58v7 1vOZbfpYC02fxFRCVUM1bFZrCzI+XmqxcoTHWKJtj/xnul01c7EA4tlaZSkl1bC7 HAIDlZOW3tnrZSctYKYNBi2UxQh1t05N3IBXAgMBAAGjggHvMIIB6zAdBgNVHQ4E FgQUKSm2+9EZTyNgvEP3G65pF3u9LVIwHwYDVR0jBBgwFoAUrszMt53+bEZsyts5 iWcQ7Kw3uEcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDAv cnN6TXQ1My1iRVpzeXRzNWlXY1E3S3czdUVjLmNybDBjBggrBgEFBQcBAQRXMFUw UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE MDAwMC9yc3pNdDUzLWJFWnN5dHM1aVdjUTdLdzN1RWMuY2VyMA4GA1UdDwEB/wQE AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC80MC9LU20yLTlFWlR5Tmd2RVAz RzY1cEYzdTlMVkkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu Y24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC Z+4wMA0GCSqGSIb3DQEBCwUAA4IBAQDDf7sRmXvxKnhEB6zMU1v1vpLMGuBVMYRB EugDmAkxqeUwtupham1t9b7KqgIZmY/ljCFuZp2/E8IOoHFPcAN0NRRAAYFXfpiK +uZ3BXrLQlsSKH5KnJJ+ak5Jjq9AfJAvYX/lWcehKSmPmTOaGCOS6scHJLJrJ9Lg vmIkYgc4JI5K3oawWIcUrwqPu8XpWjxPL1FdXKg6ay+nW9CDBg5dIMyLSUBfqn4z nRAc4KTL+CLuO1p6u4O63Cb1m2tppJ2opsq4zVzoz3h39LLD4IyYf+Jln4ujwWjT DuVJZhClaj40f5v+jjvavpJ3jtmHalWkzby7DtVTvIT9Iv1smJrN -----END CERTIFICATE-----Generated at Mon Feb 23 06:24:16 2026 by rpki-client