$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/656/EL5ErkN0P007DJzgCx9G2DYusKE.roa File: EL5ErkN0P007DJzgCx9G2DYusKE.roa (raw, json) Hash identifier: ReDL0dSdv5KJmhvt7BUcP3v3HEljsWajNtiin6ipjcQ= Subject key identifier: 10:BE:44:AE:43:74:3F:4D:3B:0C:9C:E0:0B:1F:46:D8:36:2E:B0:A1 Certificate issuer: /CN=64DC20D9612C5B77499A6D223A652B2E38B11647 Certificate serial: 1EBD Authority key identifier: 64:DC:20:D9:61:2C:5B:77:49:9A:6D:22:3A:65:2B:2E:38:B1:16:47 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ZNwg2WEsW3dJmm0iOmUrLjixFkc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/656/EL5ErkN0P007DJzgCx9G2DYusKE.roa Signing time: Mon 26 Jan 2026 06:55:36 +0000 ROA not before: Mon 26 Jan 2026 06:55:36 +0000 ROA not after: Fri 23 Oct 2026 03:01:03 +0000 asID: 132203 IP address blocks: 49.51.128.0/19 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/656/ZNwg2WEsW3dJmm0iOmUrLjixFkc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/656/ZNwg2WEsW3dJmm0iOmUrLjixFkc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ZNwg2WEsW3dJmm0iOmUrLjixFkc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 20 Feb 2026 05:57:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7869 (0x1ebd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=64DC20D9612C5B77499A6D223A652B2E38B11647 Validity Not Before: Jan 26 06:55:36 2026 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=10BE44AE43743F4D3B0C9CE00B1F46D8362EB0A1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:0d:8e:f9:80:dd:82:b3:d2:50:ed:28:e6:4e: 00:b0:24:d1:d7:8f:c5:16:ff:e9:99:ef:6e:c4:1c: 13:a4:41:47:34:82:91:e5:a8:be:45:16:6a:d3:8d: af:d7:3e:f6:2c:da:33:26:e5:f0:ea:3b:ba:cd:19: d0:5b:81:e3:99:87:0a:6e:80:f3:53:b2:05:2c:03: bd:53:18:c1:8f:6c:e9:02:86:fd:f7:22:8e:62:62: fd:74:e8:a8:32:2d:6b:5c:c1:b9:88:ea:27:5d:bf: 4b:8a:47:ee:17:11:d3:bd:70:6d:80:8e:c6:f7:8f: b8:99:30:fd:cc:b1:25:ac:f7:8c:4e:8a:d3:6e:cf: 73:c8:05:0d:59:ba:b4:53:dd:12:44:7a:30:80:5e: 88:d5:6f:1b:fc:40:b3:57:69:cc:af:92:83:bd:5b: f0:c7:9c:c1:75:16:10:ff:9d:ee:d9:ac:1f:1e:73: 5d:37:9f:94:05:fc:9a:02:96:ee:5a:05:d7:8b:26: 5e:f6:15:f5:12:45:54:9b:50:a3:7f:3e:f2:91:4b: 4b:8e:65:39:60:58:d6:2f:d6:4b:5e:a5:29:8c:3c: 5f:ee:2a:12:80:ef:3f:c4:85:c8:d4:b3:be:85:7d: e5:1e:3d:7f:60:dd:72:d1:8c:db:c4:f6:19:46:54: da:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 10:BE:44:AE:43:74:3F:4D:3B:0C:9C:E0:0B:1F:46:D8:36:2E:B0:A1 X509v3 Authority Key Identifier: keyid:64:DC:20:D9:61:2C:5B:77:49:9A:6D:22:3A:65:2B:2E:38:B1:16:47 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/656/ZNwg2WEsW3dJmm0iOmUrLjixFkc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ZNwg2WEsW3dJmm0iOmUrLjixFkc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/656/EL5ErkN0P007DJzgCx9G2DYusKE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 49.51.128.0/19 Signature Algorithm: sha256WithRSAEncryption aa:f9:3f:89:33:d8:2d:ea:b3:c2:5b:67:e2:cc:a1:13:ab:97: 85:0c:a6:71:d7:27:96:e0:71:95:1f:5e:4c:d3:ef:05:62:ed: c5:47:77:64:4e:f1:0c:b0:23:14:90:9f:92:4a:b9:fd:2e:c6: ab:7e:57:42:74:c2:fc:06:1a:b7:f7:02:2a:55:0a:bf:3d:06: 0e:14:22:2c:f4:4f:2f:3e:6c:dd:7c:0b:4e:12:3b:2c:0e:14: a3:06:94:9d:9d:bb:96:94:c6:38:a8:74:b4:cc:1f:ce:61:45: 14:a8:64:e7:64:b8:26:a3:be:b3:c5:b2:46:60:f1:65:d4:91: 32:88:94:66:21:22:58:79:07:a0:f6:7d:b2:f7:95:f4:c2:4d: 1d:b9:94:16:b9:08:ac:c4:f7:09:a1:f4:25:52:9d:d2:6f:25: 56:6b:4e:f4:25:f0:5e:a3:df:20:b6:a3:81:db:94:64:b3:18: f9:b6:97:3b:60:e2:71:06:7f:33:32:74:2a:82:84:fc:c4:5a: 8d:08:9a:95:27:d8:6f:15:47:81:07:01:1e:04:37:4a:73:b8: e8:f2:9a:c1:a1:01:47:d1:ea:28:70:8e:5d:ce:93:ae:fd:4a: f1:b1:87:cb:4e:cf:7f:4f:4e:0d:9a:34:bc:bd:fb:16:f8:e0: 04:1c:f1:b5 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHr0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjRE QzIwRDk2MTJDNUI3NzQ5OUE2RDIyM0E2NTJCMkUzOEIxMTY0NzAeFw0yNjAxMjYw NjU1MzZaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDEwQkU0NEFFNDM3NDNG NEQzQjBDOUNFMDBCMUY0NkQ4MzYyRUIwQTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDoDY75gN2Cs9JQ7SjmTgCwJNHXj8UW/+mZ727EHBOkQUc0gpHl qL5FFmrTja/XPvYs2jMm5fDqO7rNGdBbgeOZhwpugPNTsgUsA71TGMGPbOkChv33 Io5iYv106KgyLWtcwbmI6iddv0uKR+4XEdO9cG2Ajsb3j7iZMP3MsSWs94xOitNu z3PIBQ1ZurRT3RJEejCAXojVbxv8QLNXacyvkoO9W/DHnMF1FhD/ne7ZrB8ec103 n5QF/JoClu5aBdeLJl72FfUSRVSbUKN/PvKRS0uOZTlgWNYv1ktepSmMPF/uKhKA 7z/EhcjUs76FfeUePX9g3XLRjNvE9hlGVNpXAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUEL5ErkN0P007DJzgCx9G2DYusKEwHwYDVR0jBBgwFoAUZNwg2WEsW3dJmm0i OmUrLjixFkcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjU2 L1pOd2cyV0VzVzNkSm1tMGlPbVVyTGppeEZrYy5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvWk53ZzJXRXNXM2RKbW0waU9tVXJMaml4RmtjLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjU2L0VMNUVya04wUDAwN0RK emdDeDlHMkRZdXNLRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAUxM4AwDQYJKoZIhvcNAQELBQADggEBAKr5P4kz2C3qs8JbZ+LMoROrl4UMpnHX J5bgcZUfXkzT7wVi7cVHd2RO8QywIxSQn5JKuf0uxqt+V0J0wvwGGrf3AipVCr89 Bg4UIiz0Ty8+bN18C04SOywOFKMGlJ2du5aUxjiodLTMH85hRRSoZOdkuCajvrPF skZg8WXUkTKIlGYhIlh5B6D2fbL3lfTCTR25lBa5CKzE9wmh9CVSndJvJVZrTvQl 8F6j3yC2o4HblGSzGPm2lztg4nEGfzMydCqChPzEWo0ImpUn2G8VR4EHAR4EN0pz uOjymsGhAUfR6ihwjl3Ok679SvGxh8tOz39PTg2aNLy9+xb44AQc8bU= -----END CERTIFICATE-----Generated at Fri Feb 20 03:48:23 2026 by rpki-client