This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065574560142786561/0/3232332e3136302e3232302e302f32322d3234203d3e2039383038.roa File: 3232332e3136302e3232302e302f32322d3234203d3e2039383038.roa (raw, json) Hash identifier: b7rSPPsCDW6WVWK0i9w6Ry6rRXMZQ2RuBPoXRTM/WSU= Subject key identifier: 89:6B:F2:D4:66:6C:E0:5C:E2:9C:9B:AA:B8:06:BD:95:2F:FD:94:66 Certificate issuer: /CN=CDD55F3D78FC75753FF9C6C826A7D81AA5EBEEB7 Certificate serial: 1D3DE91D551723A2C335C9801913C76C14EEF187 Authority key identifier: CD:D5:5F:3D:78:FC:75:75:3F:F9:C6:C8:26:A7:D8:1A:A5:EB:EE:B7 Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/CDD55F3D78FC75753FF9C6C826A7D81AA5EBEEB7.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1065574560142786561/0/3232332e3136302e3232302e302f32322d3234203d3e2039383038.roa Signing time: Tue 20 Jan 2026 02:27:24 +0000 ROA not before: Tue 20 Jan 2026 02:22:24 +0000 ROA not after: Tue 19 Jan 2027 02:27:24 +0000 asID: 9808 IP address blocks: 223.160.220.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1065574560142786561/0/CDD55F3D78FC75753FF9C6C826A7D81AA5EBEEB7.crl rsync://rpki-rps.cnnic.cn/repo/A1065574560142786561/0/CDD55F3D78FC75753FF9C6C826A7D81AA5EBEEB7.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/CDD55F3D78FC75753FF9C6C826A7D81AA5EBEEB7.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 25 Jan 2026 17:37:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1d:3d:e9:1d:55:17:23:a2:c3:35:c9:80:19:13:c7:6c:14:ee:f1:87 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CDD55F3D78FC75753FF9C6C826A7D81AA5EBEEB7 Validity Not Before: Jan 20 02:22:24 2026 GMT Not After : Jan 19 02:27:24 2027 GMT Subject: CN=896BF2D4666CE05CE29C9BAAB806BD952FFD9466 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:dd:8d:65:94:a7:a0:2c:d1:f7:1b:ca:cd:8e: c2:91:7b:7a:c4:25:5c:b5:f6:fc:c0:f8:b6:73:5c: 51:72:8b:6e:a3:7d:c1:8d:47:bb:b0:61:94:4c:06: 3b:ab:d8:fd:fa:46:df:f5:12:ff:ff:7c:3d:b4:37: f6:0f:b4:f3:c8:58:c1:53:4c:be:33:18:97:df:1e: 29:5d:4e:64:28:42:ea:8d:96:dc:27:78:cb:98:22: 4e:ca:e0:4f:74:f4:82:dc:a6:c6:d7:b7:b8:b7:f7: b8:25:17:58:d2:5b:2b:87:d9:a7:28:01:2d:ee:93: c1:83:68:49:61:38:e7:d9:8a:41:5c:84:b8:e0:78: 93:27:ef:24:ce:3a:67:0b:71:fb:e0:1b:56:7b:ce: d8:e3:54:f8:7d:c6:f4:33:31:f1:bb:4d:84:79:75: bc:6f:96:1e:d3:76:02:d3:e5:75:8c:36:13:18:82: 43:62:40:72:09:42:bc:61:11:a3:cd:6d:6d:69:49: 9d:d6:d5:19:6f:7e:3d:5b:38:3c:aa:2b:e5:b4:5c: 69:33:fe:3e:f1:19:c9:10:de:c1:97:36:89:12:a1: 22:ba:7a:89:6c:2a:39:05:de:07:13:be:34:eb:da: 7c:05:ad:8d:43:d3:1a:f7:63:d6:68:32:7c:7e:1e: b1:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:6B:F2:D4:66:6C:E0:5C:E2:9C:9B:AA:B8:06:BD:95:2F:FD:94:66 X509v3 Authority Key Identifier: keyid:CD:D5:5F:3D:78:FC:75:75:3F:F9:C6:C8:26:A7:D8:1A:A5:EB:EE:B7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1065574560142786561/0/CDD55F3D78FC75753FF9C6C826A7D81AA5EBEEB7.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/CDD55F3D78FC75753FF9C6C826A7D81AA5EBEEB7.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065574560142786561/0/3232332e3136302e3232302e302f32322d3234203d3e2039383038.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 223.160.220.0/22 Signature Algorithm: sha256WithRSAEncryption 32:4f:d3:33:5e:74:d3:7c:68:b4:82:76:c4:43:e2:7f:e0:16: 6a:99:0e:17:bc:1e:48:97:b1:f1:1d:62:82:d9:f8:b5:be:cb: d5:7d:08:9d:9e:2e:39:dc:b0:8c:94:f3:70:d7:6f:32:0f:1b: 09:7a:93:27:97:b6:4e:5a:7b:bf:6b:22:03:85:6d:33:9d:9e: 8d:5d:c7:f6:23:fa:d9:b8:71:0e:b2:8a:79:20:31:00:78:86: ea:1d:bd:60:78:f1:38:92:a7:85:af:50:0b:3a:dd:b8:7a:a9: f4:90:af:32:1c:61:8d:11:ba:ca:ef:b1:92:bd:81:b7:37:51: 44:90:cd:6a:0e:ad:69:7e:47:b5:a4:6c:65:ce:b8:95:1f:38: 34:6e:aa:94:0e:5f:bf:3c:90:25:3b:ee:6a:73:e3:dd:1f:63: 06:a9:3d:c4:b8:db:b8:69:fc:f1:d7:26:4a:00:84:f6:db:a6: 07:da:6f:9f:20:c3:35:23:05:13:1c:19:d7:e0:f0:7f:20:02: 83:f3:94:26:68:7a:93:23:12:69:f6:61:6a:51:64:44:4c:01: b3:7b:54:70:2a:27:2a:75:cf:7b:de:88:55:1a:2a:23:2f:14: 69:ab:93:72:f3:56:6e:26:87:13:57:92:6e:b7:0f:2a:da:57: 30:70:4f:d6 -----BEGIN CERTIFICATE----- MIIFCjCCA/KgAwIBAgIUHT3pHVUXI6LDNcmAGRPHbBTu8YcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQ0RENTVGM0Q3OEZDNzU3NTNGRjlDNkM4MjZBN0Q4MUFB NUVCRUVCNzAeFw0yNjAxMjAwMjIyMjRaFw0yNzAxMTkwMjI3MjRaMDMxMTAvBgNV BAMTKDg5NkJGMkQ0NjY2Q0UwNUNFMjlDOUJBQUI4MDZCRDk1MkZGRDk0NjYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCo3Y1llKegLNH3G8rNjsKRe3rE JVy19vzA+LZzXFFyi26jfcGNR7uwYZRMBjur2P36Rt/1Ev//fD20N/YPtPPIWMFT TL4zGJffHildTmQoQuqNltwneMuYIk7K4E909ILcpsbXt7i397glF1jSWyuH2aco AS3uk8GDaElhOOfZikFchLjgeJMn7yTOOmcLcfvgG1Z7ztjjVPh9xvQzMfG7TYR5 dbxvlh7TdgLT5XWMNhMYgkNiQHIJQrxhEaPNbW1pSZ3W1Rlvfj1bODyqK+W0XGkz /j7xGckQ3sGXNokSoSK6eolsKjkF3gcTvjTr2nwFrY1D0xr3Y9ZoMnx+HrHnAgMB AAGjggIUMIICEDAdBgNVHQ4EFgQUiWvy1GZs4FzinJuquAa9lS/9lGYwHwYDVR0j BBgwFoAUzdVfPXj8dXU/+cbIJqfYGqXr7rcwDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2 NTU3NDU2MDE0Mjc4NjU2MS8wL0NERDU1RjNENzhGQzc1NzUzRkY5QzZDODI2QTdE ODFBQTVFQkVFQjcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvQ0RENTVGM0Q3OEZDNzU3NTNGRjlDNkM4MjZBN0Q4MUFBNUVCRUVCNy5jZXIw gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS1ycHMu Y25uaWMuY24vcmVwby9BMTA2NTU3NDU2MDE0Mjc4NjU2MS8wLzMyMzIzMzJlMzEz NjMwMmUzMjMyMzAyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzOTM4MzAzOC5yb2Ew GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC AAEwBgMEAt+g3DANBgkqhkiG9w0BAQsFAAOCAQEAMk/TM15003xotIJ2xEPif+AW apkOF7weSJex8R1igtn4tb7L1X0InZ4uOdywjJTzcNdvMg8bCXqTJ5e2Tlp7v2si A4VtM52ejV3H9iP62bhxDrKKeSAxAHiG6h29YHjxOJKnha9QCzrduHqp9JCvMhxh jRG6yu+xkr2BtzdRRJDNag6taX5HtaRsZc64lR84NG6qlA5fvzyQJTvuanPj3R9j Bqk9xLjbuGn88dcmSgCE9tumB9pvnyDDNSMFExwZ1+DwfyACg/OUJmh6kyMSafZh alFkREwBs3tUcConKnXPe96IVRoqIy8UaauTcvNWbiaHE1eSbrcPKtpXMHBP1g== -----END CERTIFICATE-----Generated at Sun Jan 25 09:11:50 2026 by rpki-client