This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065588553129656323/0/323430343a3238303a3a2f33322d3438203d3e203234343234.roa File: 323430343a3238303a3a2f33322d3438203d3e203234343234.roa (raw, json) Hash identifier: Q7jTFRqeTV+I16t6qezcIwe/qQa9hw14sNk/ZcCAfQg= Subject key identifier: 60:68:A9:02:AA:78:A4:78:F9:84:1C:1F:7B:A8:B6:22:9C:26:51:50 Certificate issuer: /CN=A487EFD8173F6507202F8FDAB24DA77DB8429DAB Certificate serial: 10BE7BD8E081747D84F08F0F109CCA0B63C8E67D Authority key identifier: A4:87:EF:D8:17:3F:65:07:20:2F:8F:DA:B2:4D:A7:7D:B8:42:9D:AB Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A487EFD8173F6507202F8FDAB24DA77DB8429DAB.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1065588553129656323/0/323430343a3238303a3a2f33322d3438203d3e203234343234.roa Signing time: Tue 20 Jan 2026 02:18:02 +0000 ROA not before: Tue 20 Jan 2026 02:13:02 +0000 ROA not after: Tue 19 Jan 2027 02:18:02 +0000 asID: 24424 IP address blocks: 2404:280::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1065588553129656323/0/A487EFD8173F6507202F8FDAB24DA77DB8429DAB.crl rsync://rpki-rps.cnnic.cn/repo/A1065588553129656323/0/A487EFD8173F6507202F8FDAB24DA77DB8429DAB.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A487EFD8173F6507202F8FDAB24DA77DB8429DAB.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 25 Jan 2026 19:40:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10:be:7b:d8:e0:81:74:7d:84:f0:8f:0f:10:9c:ca:0b:63:c8:e6:7d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A487EFD8173F6507202F8FDAB24DA77DB8429DAB Validity Not Before: Jan 20 02:13:02 2026 GMT Not After : Jan 19 02:18:02 2027 GMT Subject: CN=6068A902AA78A478F9841C1F7BA8B6229C265150 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:95:0f:93:ff:13:73:05:b5:f9:c0:67:73:7c: 09:b3:36:3b:7a:fa:00:a4:e8:b9:80:75:d3:f8:2d: aa:61:9b:95:dc:09:0e:86:7c:9a:f7:39:0e:a2:3d: 43:6c:10:7a:52:9d:6b:73:d1:0a:87:65:d5:bd:b6: 72:67:84:4f:a1:59:fc:23:29:3a:c1:41:01:e9:db: 88:8b:6b:5b:f9:e2:d8:b1:69:a9:18:c7:ce:b7:57: 7e:5c:fe:73:be:b6:3b:7e:f8:f0:2b:71:72:ab:6b: cb:40:35:d0:a4:22:a5:d1:39:3c:56:d6:db:7e:06: 64:05:c0:1d:6d:4b:b1:67:98:c5:1a:44:12:95:9e: fd:90:7a:46:cb:4f:04:10:6e:72:a6:3a:5e:2a:b8: 64:a8:d6:76:41:b6:7b:05:99:9d:16:47:dd:85:49: 28:92:05:97:4d:c2:a6:96:a0:8e:c9:6a:3d:85:cb: 5d:31:c4:18:34:6a:79:91:2f:e1:99:51:78:ce:59: 0c:1d:e9:d4:59:0a:d8:e0:75:6a:df:e7:95:51:83: 85:df:e8:21:ad:61:5c:91:3b:9c:fb:da:59:6c:eb: 4f:1e:96:e4:39:10:ca:ab:c1:bb:b8:5c:aa:e4:10: 2a:b1:2e:da:e1:bb:22:8c:5f:ef:c6:a0:29:79:eb: 42:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:68:A9:02:AA:78:A4:78:F9:84:1C:1F:7B:A8:B6:22:9C:26:51:50 X509v3 Authority Key Identifier: keyid:A4:87:EF:D8:17:3F:65:07:20:2F:8F:DA:B2:4D:A7:7D:B8:42:9D:AB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1065588553129656323/0/A487EFD8173F6507202F8FDAB24DA77DB8429DAB.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A487EFD8173F6507202F8FDAB24DA77DB8429DAB.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065588553129656323/0/323430343a3238303a3a2f33322d3438203d3e203234343234.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2404:280::/32 Signature Algorithm: sha256WithRSAEncryption 9e:f3:ac:55:c9:9e:d1:85:03:6d:70:d1:98:11:c7:26:80:75: fd:05:96:26:f3:20:c7:5c:77:5f:b5:34:46:9a:95:4e:00:79: 94:1b:5d:41:fd:95:c7:4a:f5:05:9b:a0:a8:7f:67:89:ab:00: 89:b6:ee:be:cd:fa:93:f8:23:ef:37:b9:d4:be:d6:19:77:22: 60:45:d6:70:8f:8d:64:a3:c9:04:b5:29:9b:25:38:05:77:02: b8:e5:a7:8f:40:e3:7f:32:f4:16:55:4b:25:ad:90:67:77:4e: fd:53:1b:70:f4:a9:3d:d7:72:b6:91:f9:37:f7:50:17:7d:3c: 50:78:44:93:13:cc:c5:57:66:77:29:98:48:7f:0d:52:c6:dd: 5c:aa:09:e6:87:c6:99:41:44:e2:15:d9:64:80:b7:a3:98:0d: 9d:6c:a5:62:bf:ad:e9:50:50:ea:33:b3:eb:01:75:26:64:3b: 99:85:50:53:dc:e3:17:fe:13:99:7f:fa:c9:32:0e:a1:7e:ca: e5:9c:29:94:fc:f1:2d:1b:64:3d:e0:72:9a:17:4d:e6:7d:63: e8:66:0d:8b:d4:fe:61:ae:b7:e5:8a:03:32:3f:28:d0:67:05: 66:1a:26:92:b0:7b:98:1e:cd:65:61:ed:09:b8:76:be:f6:ba: c5:e9:b8:4d -----BEGIN CERTIFICATE----- MIIFBjCCA+6gAwIBAgIUEL572OCBdH2E8I8PEJzKC2PI5n0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQTQ4N0VGRDgxNzNGNjUwNzIwMkY4RkRBQjI0REE3N0RC ODQyOURBQjAeFw0yNjAxMjAwMjEzMDJaFw0yNzAxMTkwMjE4MDJaMDMxMTAvBgNV BAMTKDYwNjhBOTAyQUE3OEE0NzhGOTg0MUMxRjdCQThCNjIyOUMyNjUxNTAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDslQ+T/xNzBbX5wGdzfAmzNjt6 +gCk6LmAddP4Laphm5XcCQ6GfJr3OQ6iPUNsEHpSnWtz0QqHZdW9tnJnhE+hWfwj KTrBQQHp24iLa1v54tixaakYx863V35c/nO+tjt++PArcXKra8tANdCkIqXROTxW 1tt+BmQFwB1tS7FnmMUaRBKVnv2QekbLTwQQbnKmOl4quGSo1nZBtnsFmZ0WR92F SSiSBZdNwqaWoI7Jaj2Fy10xxBg0anmRL+GZUXjOWQwd6dRZCtjgdWrf55VRg4Xf 6CGtYVyRO5z72lls608eluQ5EMqrwbu4XKrkECqxLtrhuyKMX+/GoCl560KXAgMB AAGjggIQMIICDDAdBgNVHQ4EFgQUYGipAqp4pHj5hBwfe6i2IpwmUVAwHwYDVR0j BBgwFoAUpIfv2Bc/ZQcgL4/ask2nfbhCnaswDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2 NTU4ODU1MzEyOTY1NjMyMy8wL0E0ODdFRkQ4MTczRjY1MDcyMDJGOEZEQUIyNERB NzdEQjg0MjlEQUIuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvQTQ4N0VGRDgxNzNGNjUwNzIwMkY4RkRBQjI0REE3N0RCODQyOURBQi5jZXIw gYgGCCsGAQUFBwELBHwwejB4BggrBgEFBQcwC4ZscnN5bmM6Ly9ycGtpLXJwcy5j bm5pYy5jbi9yZXBvL0ExMDY1NTg4NTUzMTI5NjU2MzIzLzAvMzIzNDMwMzQzYTMy MzgzMDNhM2EyZjMzMzIyZDM0MzgyMDNkM2UyMDMyMzQzNDMyMzQucm9hMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcD BQAkBAKAMA0GCSqGSIb3DQEBCwUAA4IBAQCe86xVyZ7RhQNtcNGYEccmgHX9BZYm 8yDHXHdftTRGmpVOAHmUG11B/ZXHSvUFm6Cof2eJqwCJtu6+zfqT+CPvN7nUvtYZ dyJgRdZwj41ko8kEtSmbJTgFdwK45aePQON/MvQWVUslrZBnd079Uxtw9Kk913K2 kfk391AXfTxQeESTE8zFV2Z3KZhIfw1Sxt1cqgnmh8aZQUTiFdlkgLejmA2dbKVi v63pUFDqM7PrAXUmZDuZhVBT3OMX/hOZf/rJMg6hfsrlnCmU/PEtG2Q94HKaF03m fWPoZg2L1P5hrrfligMyPyjQZwVmGiaSsHuYHs1lYe0JuHa+9rrF6bhN -----END CERTIFICATE-----Generated at Sun Jan 25 09:11:34 2026 by rpki-client