$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/890/ng5uWSija7gGOjKlzDwrtRK_WMo.roa File: ng5uWSija7gGOjKlzDwrtRK_WMo.roa (raw, json) Hash identifier: iOektHwDnMkz/TReDcmzBnIEYYv9PAb6YIFfflXR0fk= Subject key identifier: 9E:0E:6E:59:28:A3:6B:B8:06:3A:32:A5:CC:3C:2B:B5:12:BF:58:CA Certificate issuer: /CN=DBB4C5FA96B8741BF68B48BF004DBD6FD9636FAD Certificate serial: 11FF Authority key identifier: DB:B4:C5:FA:96:B8:74:1B:F6:8B:48:BF:00:4D:BD:6F:D9:63:6F:AD Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/27TF-pa4dBv2i0i_AE29b9ljb60.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/ng5uWSija7gGOjKlzDwrtRK_WMo.roa Signing time: Mon 09 Mar 2026 10:19:42 +0000 ROA not before: Mon 09 Mar 2026 10:19:42 +0000 ROA not after: Sat 09 Jan 2027 08:23:18 +0000 asID: 13378 IP address blocks: 43.248.184.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/27TF-pa4dBv2i0i_AE29b9ljb60.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/27TF-pa4dBv2i0i_AE29b9ljb60.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/27TF-pa4dBv2i0i_AE29b9ljb60.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 13 Mar 2026 01:59:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4607 (0x11ff) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DBB4C5FA96B8741BF68B48BF004DBD6FD9636FAD Validity Not Before: Mar 9 10:19:42 2026 GMT Not After : Jan 9 08:23:18 2027 GMT Subject: CN=9E0E6E5928A36BB8063A32A5CC3C2BB512BF58CA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:ce:27:22:51:e2:e4:67:c1:39:d1:80:e1:6c: 3f:7e:6f:fc:e5:47:5d:b0:a2:96:e3:81:a2:00:01: bf:3d:29:0c:e9:f9:c7:c8:89:5e:f6:17:f2:a4:78: 4b:8f:cc:03:43:aa:a9:07:e9:7b:45:ca:27:bc:61: 1e:c9:3a:47:f1:74:dc:2a:9a:9e:4e:3f:c4:3f:0a: be:7b:11:11:be:f2:51:be:ee:5d:16:a7:ff:53:94: b6:c6:8b:01:6b:5b:5b:bd:e0:2c:b0:3d:6d:e8:e3: 1e:01:79:39:36:31:a5:72:74:49:73:dd:3c:25:e7: 63:8b:78:f0:c6:10:a9:df:2e:f4:96:2c:56:d9:29: 5f:ec:fe:fc:97:be:af:c8:12:a1:c6:ce:f9:bb:e2: 8a:04:51:c1:5c:b0:21:af:e2:ba:92:da:7e:4e:11: 0a:8e:4f:80:25:cd:08:49:f4:60:df:29:99:cb:0c: 17:e5:26:67:19:59:41:97:69:d7:38:4f:d0:1f:6a: f8:b8:d3:98:91:60:de:4d:37:6d:00:f1:4c:cc:ea: f0:86:5f:46:52:ce:07:5a:c7:6c:39:86:f6:37:89: d6:12:a9:a3:3b:4e:c9:50:e4:1a:be:37:98:3f:84: 72:05:64:1a:40:b9:eb:a9:f6:f3:56:a3:c5:31:41: 23:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:0E:6E:59:28:A3:6B:B8:06:3A:32:A5:CC:3C:2B:B5:12:BF:58:CA X509v3 Authority Key Identifier: keyid:DB:B4:C5:FA:96:B8:74:1B:F6:8B:48:BF:00:4D:BD:6F:D9:63:6F:AD X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/27TF-pa4dBv2i0i_AE29b9ljb60.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/27TF-pa4dBv2i0i_AE29b9ljb60.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/ng5uWSija7gGOjKlzDwrtRK_WMo.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.248.184.0/21 Signature Algorithm: sha256WithRSAEncryption 4c:0b:15:80:98:f2:08:9c:8e:84:ef:c7:0a:59:f7:b4:a6:c9: b9:ce:52:ba:98:d1:b5:84:4c:6e:72:61:dd:81:43:b5:b8:55: fe:87:37:4f:ba:51:03:5e:c9:dc:68:3f:b9:53:0e:bc:72:fc: 79:75:6c:56:92:5f:06:d9:e2:2e:73:f5:e8:35:9f:3e:05:7b: c2:f1:9f:99:6a:7a:c9:64:9e:47:c6:16:2a:d4:c9:fb:c9:3e: f0:a4:61:ac:02:9a:66:bb:6e:bd:79:f8:16:46:76:e9:b7:56: b4:94:65:0c:d2:38:47:c6:b8:b9:2d:31:f4:12:d1:58:19:9c: ac:98:f6:1d:51:68:63:8d:b8:e0:25:49:9e:72:f8:b4:b1:19: ce:3e:2d:a1:f1:56:9d:94:b3:c0:96:13:b8:bf:82:1e:9c:68: 22:e5:97:f6:10:79:1d:cc:5c:2c:d4:21:a8:3b:43:e1:c9:73: 47:5b:65:6a:ce:91:38:34:46:39:04:ed:38:89:1f:53:04:23: 7b:2d:bb:ad:19:0a:4a:92:97:e8:4b:00:7a:5f:31:3e:fc:f2: 6f:f2:b2:46:d6:e5:65:7b:9e:21:cf:15:89:ea:b8:a7:0c:93: 2e:e4:72:47:00:d9:19:db:9e:c1:99:b8:1a:1d:12:3b:01:11: b0:1f:a2:2d -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICEf8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREJC NEM1RkE5NkI4NzQxQkY2OEI0OEJGMDA0REJENkZEOTYzNkZBRDAeFw0yNjAzMDkx MDE5NDJaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKDlFMEU2RTU5MjhBMzZC QjgwNjNBMzJBNUNDM0MyQkI1MTJCRjU4Q0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDJziciUeLkZ8E50YDhbD9+b/zlR12wopbjgaIAAb89KQzp+cfI iV72F/KkeEuPzANDqqkH6XtFyie8YR7JOkfxdNwqmp5OP8Q/Cr57ERG+8lG+7l0W p/9TlLbGiwFrW1u94CywPW3o4x4BeTk2MaVydElz3Twl52OLePDGEKnfLvSWLFbZ KV/s/vyXvq/IEqHGzvm74ooEUcFcsCGv4rqS2n5OEQqOT4AlzQhJ9GDfKZnLDBfl JmcZWUGXadc4T9Afavi405iRYN5NN20A8UzM6vCGX0ZSzgdax2w5hvY3idYSqaM7 TslQ5Bq+N5g/hHIFZBpAueup9vNWo8UxQSOtAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUng5uWSija7gGOjKlzDwrtRK/WMowHwYDVR0jBBgwFoAU27TF+pa4dBv2i0i/ AE29b9ljb60wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODkw LzI3VEYtcGE0ZEJ2MmkwaV9BRTI5YjlsamI2MC5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvMjdURi1wYTRkQnYyaTBpX0FFMjliOWxqYjYwLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODkwL25nNXVXU2lqYTdnR09q S2x6RHdydFJLX1dNby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAMr+LgwDQYJKoZIhvcNAQELBQADggEBAEwLFYCY8gicjoTvxwpZ97SmybnOUrqY 0bWETG5yYd2BQ7W4Vf6HN0+6UQNeydxoP7lTDrxy/Hl1bFaSXwbZ4i5z9eg1nz4F e8Lxn5lqeslknkfGFirUyfvJPvCkYawCmma7br15+BZGdum3VrSUZQzSOEfGuLkt MfQS0VgZnKyY9h1RaGONuOAlSZ5y+LSxGc4+LaHxVp2Us8CWE7i/gh6caCLll/YQ eR3MXCzUIag7Q+HJc0dbZWrOkTg0RjkE7TiJH1MEI3stu60ZCkqSl+hLAHpfMT78 8m/yskbW5WV7niHPFYnquKcMky7kckcA2RnbnsGZuBodEjsBEbAfoi0= -----END CERTIFICATE-----Generated at Thu Mar 12 21:24:37 2026 by rpki-client