This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/121/i4_OXkOkejjlSFmtJl6eHLGLSFo.roa File: i4_OXkOkejjlSFmtJl6eHLGLSFo.roa (raw, json) Hash identifier: r0Pw8MBvh/UZUww72GxgSsMnkypDK2kvh+ZH4Ln2+pc= Subject key identifier: 8B:8F:CE:5E:43:A4:7A:38:E5:48:59:AD:26:5E:9E:1C:B1:8B:48:5A Certificate issuer: /CN=82E0162ABA80BBE8B4E1F963BB45B64729344FA1 Certificate serial: 2158 Authority key identifier: 82:E0:16:2A:BA:80:BB:E8:B4:E1:F9:63:BB:45:B6:47:29:34:4F:A1 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/guAWKrqAu-i04flju0W2Ryk0T6E.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/121/i4_OXkOkejjlSFmtJl6eHLGLSFo.roa Signing time: Fri 05 Dec 2025 02:36:42 +0000 ROA not before: Fri 05 Dec 2025 02:36:42 +0000 ROA not after: Fri 23 Oct 2026 03:01:03 +0000 asID: 24147 IP address blocks: 219.235.207.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/121/guAWKrqAu-i04flju0W2Ryk0T6E.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/121/guAWKrqAu-i04flju0W2Ryk0T6E.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/guAWKrqAu-i04flju0W2Ryk0T6E.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 07 Dec 2025 09:48:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8536 (0x2158) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=82E0162ABA80BBE8B4E1F963BB45B64729344FA1 Validity Not Before: Dec 5 02:36:42 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=8B8FCE5E43A47A38E54859AD265E9E1CB18B485A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:5d:4a:b9:5e:ee:2f:84:30:e0:f4:ef:5f:dc: 2c:92:a4:df:83:59:27:1f:c6:d8:f7:ba:b4:bb:5b: ff:9c:2c:80:0b:cc:d9:87:08:ca:c0:d3:2f:10:21: 69:e1:4f:7f:80:0f:2c:b6:3b:e1:ac:56:98:9d:c4: d7:59:9a:f7:65:0b:98:a5:85:d8:5b:47:db:45:0b: 6d:6e:bd:a3:42:f0:58:52:e2:4a:c9:bd:4c:5a:dc: 22:19:fc:86:47:ca:2a:21:b1:58:b8:54:eb:00:2d: 3a:4c:ec:4c:56:98:39:a4:62:94:88:96:0f:3e:f2: 49:31:79:86:8b:20:88:e3:3a:20:7e:0f:fb:03:1d: fc:93:2e:11:b8:38:02:83:1f:8f:4b:d2:f4:c0:8c: c8:67:74:65:86:17:c3:1f:4f:aa:3d:60:85:0b:4f: 9c:6e:03:79:51:4d:0a:1b:fa:ad:1c:30:1f:b7:fb: ef:98:67:6e:4f:d7:03:b3:d1:0d:e8:fa:e4:13:34: fc:85:c0:76:47:a9:7c:22:33:52:eb:cf:78:d8:0e: e5:39:1a:74:03:8b:0a:00:d3:0a:36:a4:c1:45:7f: b5:2a:77:2d:fc:2c:ad:59:3d:7c:2f:3c:bb:2f:22: 86:80:11:e8:67:8c:ac:6e:c4:ae:69:27:21:f0:13: 6d:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:8F:CE:5E:43:A4:7A:38:E5:48:59:AD:26:5E:9E:1C:B1:8B:48:5A X509v3 Authority Key Identifier: keyid:82:E0:16:2A:BA:80:BB:E8:B4:E1:F9:63:BB:45:B6:47:29:34:4F:A1 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/121/guAWKrqAu-i04flju0W2Ryk0T6E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/guAWKrqAu-i04flju0W2Ryk0T6E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/121/i4_OXkOkejjlSFmtJl6eHLGLSFo.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 219.235.207.0/24 Signature Algorithm: sha256WithRSAEncryption 20:27:62:a9:6d:bd:7b:01:81:b7:dd:48:c7:29:5b:de:00:d2: 7d:c2:3c:b6:6c:db:5e:75:9e:40:2f:d5:a3:72:1e:d7:f4:fe: 7e:ee:a3:54:14:ec:f5:46:10:d0:e4:71:48:eb:9f:fc:00:77: a3:eb:1a:d8:fe:19:ac:a1:7f:4a:73:0b:31:ce:b9:14:0b:c6: 84:8b:e1:7a:b5:5e:3c:62:5b:32:38:36:6b:20:71:32:95:96: 43:96:6b:a2:9e:c4:a4:24:9c:f1:56:30:63:bd:dd:23:70:43: 9b:26:37:8b:30:14:45:c6:48:13:ea:6f:00:f9:6f:e6:63:65: c6:2e:df:8e:9d:cc:de:06:45:ea:6b:41:7e:64:24:af:f3:bd: 43:ba:25:09:51:6d:62:64:38:b3:d5:6c:2f:88:35:f0:17:10: 33:f7:41:74:76:7f:da:4b:ca:66:39:3d:36:81:4f:68:2e:17: 59:54:d2:6c:95:f8:79:6a:77:a5:b9:aa:89:a7:8b:04:60:94: bb:5d:dd:1c:00:19:be:59:86:1e:99:ca:09:c1:05:28:f2:5f: db:ed:b8:20:04:87:13:89:72:41:74:66:6f:c7:f7:18:5b:aa: cf:2a:de:82:eb:b8:98:a7:58:ee:bd:a3:2a:fb:49:87:0c:22: 62:36:c3:dd -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICIVgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODJF MDE2MkFCQTgwQkJFOEI0RTFGOTYzQkI0NUI2NDcyOTM0NEZBMTAeFw0yNTEyMDUw MjM2NDJaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDhCOEZDRTVFNDNBNDdB MzhFNTQ4NTlBRDI2NUU5RTFDQjE4QjQ4NUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDlXUq5Xu4vhDDg9O9f3CySpN+DWScfxtj3urS7W/+cLIALzNmH CMrA0y8QIWnhT3+ADyy2O+GsVpidxNdZmvdlC5ilhdhbR9tFC21uvaNC8FhS4krJ vUxa3CIZ/IZHyiohsVi4VOsALTpM7ExWmDmkYpSIlg8+8kkxeYaLIIjjOiB+D/sD HfyTLhG4OAKDH49L0vTAjMhndGWGF8MfT6o9YIULT5xuA3lRTQob+q0cMB+3+++Y Z25P1wOz0Q3o+uQTNPyFwHZHqXwiM1Lrz3jYDuU5GnQDiwoA0wo2pMFFf7Uqdy38 LK1ZPXwvPLsvIoaAEehnjKxuxK5pJyHwE209AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUi4/OXkOkejjlSFmtJl6eHLGLSFowHwYDVR0jBBgwFoAUguAWKrqAu+i04flj u0W2Ryk0T6EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIx L2d1QVdLcnFBdS1pMDRmbGp1MFcyUnlrMFQ2RS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZ3VBV0tycUF1LWkwNGZsanUwVzJSeWswVDZFLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIxL2k0X09Ya09rZWpqbFNG bXRKbDZlSExHTFNGby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BADb688wDQYJKoZIhvcNAQELBQADggEBACAnYqltvXsBgbfdSMcpW94A0n3CPLZs 2151nkAv1aNyHtf0/n7uo1QU7PVGENDkcUjrn/wAd6PrGtj+Gayhf0pzCzHOuRQL xoSL4Xq1XjxiWzI4NmsgcTKVlkOWa6KexKQknPFWMGO93SNwQ5smN4swFEXGSBPq bwD5b+ZjZcYu346dzN4GReprQX5kJK/zvUO6JQlRbWJkOLPVbC+INfAXEDP3QXR2 f9pLymY5PTaBT2guF1lU0myV+Hlqd6W5qomniwRglLtd3RwAGb5Zhh6ZygnBBSjy X9vtuCAEhxOJckF0Zm/H9xhbqs8q3oLruJinWO69oyr7SYcMImI2w90= -----END CERTIFICATE-----Generated at Sun Dec 7 08:29:07 2025 by rpki-client