This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/-HRI5ilAih04W-pwIo9u7W1EZSo.roa File: -HRI5ilAih04W-pwIo9u7W1EZSo.roa (raw, json) Hash identifier: Ehxz6KYBZqBhl7Ba6IJppDMUQXfbi5473Y3IF09+xS4= Subject key identifier: F8:74:48:E6:29:40:8A:1D:38:5B:EA:70:22:8F:6E:ED:6D:44:65:2A Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Certificate serial: 5241 Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/-HRI5ilAih04W-pwIo9u7W1EZSo.roa Signing time: Wed 08 May 2024 06:24:20 +0000 ROA not before: Wed 08 May 2024 06:24:20 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 24426 IP address blocks: 43.239.0.0/19 maxlen: 19 101.78.32.0/19 maxlen: 19 103.35.0.0/19 maxlen: 19 Validation: Failed, RFC 3779 resource not subset of parent's resources Certificate: Data: Version: 3 (0x2) Serial Number: 21057 (0x5241) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Validity Not Before: May 8 06:24:20 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=F87448E629408A1D385BEA70228F6EED6D44652A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:ed:3f:83:84:eb:b7:68:cc:4d:d4:fd:5c:19: ac:63:7d:af:17:94:bf:8d:56:e0:8a:4b:c8:73:70: 33:f1:99:93:f6:f1:35:e9:a6:42:28:a3:54:87:2b: c8:09:26:ab:b0:43:10:a5:84:9e:60:ab:6d:b1:0f: a5:be:d2:1b:80:95:6c:66:83:c5:38:23:2c:9e:aa: f5:0d:97:db:03:50:87:ef:8d:ce:0a:a0:36:b6:8a: b5:cc:12:e5:82:c3:59:e1:65:fe:08:b9:03:25:20: 1c:03:a9:44:ee:5b:8f:1e:0f:48:23:63:0f:50:14: 92:5c:81:cf:90:36:09:90:57:12:11:ef:33:42:c9: 96:4d:03:c5:c1:f4:c3:c9:fc:48:32:d6:9d:e6:12: 3a:2a:48:ca:91:cd:2d:19:70:d0:8a:43:b6:35:89: 86:87:43:40:52:37:ed:f2:9e:2c:4c:af:d4:9d:a5: d3:0b:9d:5e:81:3c:19:03:b2:51:6f:0c:0b:74:b3: 24:ff:8d:b0:78:35:a8:fb:ff:5d:47:5c:4b:25:00: 2a:3d:88:ba:b6:3a:24:c9:38:29:f0:4d:b6:77:4a: c6:28:7c:52:b5:b6:5e:82:63:0a:f0:10:e8:99:a1: 73:d5:06:0b:85:5d:4c:08:02:11:4b:d3:db:36:f2: 23:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F8:74:48:E6:29:40:8A:1D:38:5B:EA:70:22:8F:6E:ED:6D:44:65:2A X509v3 Authority Key Identifier: keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/-HRI5ilAih04W-pwIo9u7W1EZSo.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.239.0.0/19 101.78.32.0/19 103.35.0.0/19 Signature Algorithm: sha256WithRSAEncryption 00:c9:d1:77:66:24:e8:97:16:8f:5a:be:70:16:66:99:a5:2d: df:52:af:1c:d1:fd:e1:b2:d7:bb:25:11:95:6f:0d:3b:11:d8: ae:51:25:be:bb:c9:e8:87:7e:3f:55:2d:2f:7e:c1:84:42:97: a8:f1:6d:b7:f6:8a:45:9f:31:9e:c2:19:64:83:1f:78:db:d9: e1:39:b9:c2:8f:46:38:cc:75:b2:60:d3:7b:d5:9a:1c:8d:94: 24:f3:cc:8c:48:b4:58:52:15:7c:af:af:b8:0a:e7:e7:ec:5e: 76:0e:e9:ea:d4:f1:48:73:f7:93:88:97:95:33:67:db:1d:e8: c7:57:fc:1a:29:d7:5f:d7:68:cf:b4:75:65:e0:6f:97:5f:8f: ca:62:19:dc:29:dd:4f:1d:7d:da:b9:13:f9:67:64:71:10:50: 0f:9d:52:86:c0:5e:a6:03:bb:3b:80:18:04:12:49:3e:0e:5d: 37:eb:d7:f9:62:e4:42:23:cb:c7:8f:7d:98:31:d9:95:d2:c7: f0:e7:dd:33:e7:7a:5f:fc:26:71:6e:88:4f:91:07:0a:f6:68: c8:13:9a:a2:56:dc:e0:cc:ad:e3:31:f1:56:7b:88:9a:90:04: 68:89:8b:a2:69:a0:19:c2:cc:a5:25:f6:45:5a:4e:0e:fa:57: 92:36:27:88 -----BEGIN CERTIFICATE----- MIIE4TCCA8mgAwIBAgICUkEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDgw NjI0MjBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEY4NzQ0OEU2Mjk0MDhB MUQzODVCRUE3MDIyOEY2RUVENkQ0NDY1MkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC57T+DhOu3aMxN1P1cGaxjfa8XlL+NVuCKS8hzcDPxmZP28TXp pkIoo1SHK8gJJquwQxClhJ5gq22xD6W+0huAlWxmg8U4IyyeqvUNl9sDUIfvjc4K oDa2irXMEuWCw1nhZf4IuQMlIBwDqUTuW48eD0gjYw9QFJJcgc+QNgmQVxIR7zNC yZZNA8XB9MPJ/Egy1p3mEjoqSMqRzS0ZcNCKQ7Y1iYaHQ0BSN+3ynixMr9SdpdML nV6BPBkDslFvDAt0syT/jbB4Naj7/11HXEslACo9iLq2OiTJOCnwTbZ3SsYofFK1 tl6CYwrwEOiZoXPVBguFXUwIAhFL09s28iO7AgMBAAGjggH9MIIB+TAdBgNVHQ4E FgQU+HRI5ilAih04W+pwIo9u7W1EZSowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj 3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3 L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3Ly1IUkk1aWxBaWgwNFct cHdJbzl1N1cxRVpTby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAADJ0XdmJOiXFo9a vnAWZpmlLd9SrxzR/eGy17slEZVvDTsR2K5RJb67yeiHfj9VLS9+wYRCl6jxbbf2 ikWfMZ7CGWSDH3jb2eE5ucKPRjjMdbJg03vVmhyNlCTzzIxItFhSFXyvr7gK5+fs XnYO6erU8Uhz95OIl5UzZ9sd6MdX/Bop11/XaM+0dWXgb5dfj8piGdwp3U8dfdq5 E/lnZHEQUA+dUobAXqYDuzuAGAQSST4OXTfr1/li5EIjy8ePfZgx2ZXSx/Dn3TPn el/8JnFuiE+RBwr2aMgTmqJW3ODMreMx8VZ7iJqQBGiJi6JpoBnCzKUl9kVaTg76 V5I2J4g= -----END CERTIFICATE-----Generated at Mon Dec 22 13:06:37 2025 by rpki-client