This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/7DIrFc6CqbnTzq0HuD7UmYa38Ks.roa File: 7DIrFc6CqbnTzq0HuD7UmYa38Ks.roa (raw, json) Hash identifier: +jP/+I1gpgn/hPa6+CMIec+rCVyHyXA3xy+K9WqVM9k= Subject key identifier: EC:32:2B:15:CE:82:A9:B9:D3:CE:AD:07:B8:3E:D4:99:86:B7:F0:AB Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Certificate serial: 3DC9 Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/7DIrFc6CqbnTzq0HuD7UmYa38Ks.roa Signing time: Wed 10 Apr 2024 23:22:45 +0000 ROA not before: Wed 10 Apr 2024 23:22:45 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 24426 IP address blocks: 43.239.0.0/19 maxlen: 19 101.78.32.0/19 maxlen: 19 103.35.0.0/19 maxlen: 19 Validation: Failed, RFC 3779 resource not subset of parent's resources Certificate: Data: Version: 3 (0x2) Serial Number: 15817 (0x3dc9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Validity Not Before: Apr 10 23:22:45 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=EC322B15CE82A9B9D3CEAD07B83ED49986B7F0AB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:70:98:53:39:23:fc:99:d5:84:45:2d:de:51: 16:38:43:be:c1:a4:18:ba:0d:32:83:c9:9c:26:32: de:13:49:69:93:8a:99:9d:30:d0:94:07:fa:d6:30: 2b:e2:04:4e:fc:03:09:d5:4d:8a:9e:75:73:08:b9: e6:e6:7d:5f:72:1a:c1:fb:fe:bd:91:c8:52:f1:d7: ae:c5:e3:ea:e5:9f:88:38:46:f6:3d:f5:e5:65:4e: 73:5f:0a:d0:f8:f5:4f:70:36:8b:fc:b7:fc:f4:f4: 84:09:07:44:6e:ed:25:04:ac:e9:34:26:7d:d3:82: 8a:20:5d:d5:e7:fe:7b:9f:d4:cf:59:ff:78:a3:7a: c8:5d:5d:72:27:ed:7e:c9:ee:05:2b:50:00:bf:9c: be:f4:56:84:37:c9:9e:bf:7d:94:47:aa:95:57:91: 26:86:59:8a:c3:24:a5:9f:1f:a0:dd:0a:b8:98:be: 67:dc:2e:64:d7:8c:a7:d0:49:f7:1f:87:84:bc:a4: db:48:8c:d2:ea:31:6f:f6:79:ff:83:7e:fa:0a:89: 46:d8:47:de:31:28:12:96:4c:b6:fc:ab:cd:2d:fa: 16:02:9b:8b:e8:85:fa:f6:07:03:1e:af:68:58:5c: 77:8d:72:c0:c1:4b:80:86:04:83:36:23:24:65:7c: f9:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EC:32:2B:15:CE:82:A9:B9:D3:CE:AD:07:B8:3E:D4:99:86:B7:F0:AB X509v3 Authority Key Identifier: keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/7DIrFc6CqbnTzq0HuD7UmYa38Ks.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.239.0.0/19 101.78.32.0/19 103.35.0.0/19 Signature Algorithm: sha256WithRSAEncryption 00:65:90:77:14:50:db:28:74:a4:df:62:d3:2b:e2:22:c4:4c: 6a:75:d8:d2:6c:b0:67:dc:f9:14:bc:08:79:de:97:9e:05:5f: c5:c1:1b:d6:1c:6a:d9:72:1a:57:ea:ba:53:5f:3d:3c:7f:76: 1d:5e:9c:35:4f:49:9f:6d:61:b9:a9:06:a3:f6:58:8f:16:ef: 5b:36:53:d8:6f:12:3b:a2:bc:a9:5e:90:32:0c:93:5b:5a:e7: 84:76:60:26:94:96:06:06:61:df:a1:60:19:1b:d0:f6:93:3a: 3a:a3:ba:87:96:0f:c4:5a:d8:83:1a:2b:1c:f5:76:e9:cc:e4: 6c:b1:a6:ce:43:ee:f2:14:1d:19:77:16:91:1c:ee:3a:e5:18: 0a:37:ae:1a:20:38:ae:e8:db:31:83:f3:db:46:6f:29:6e:cb: 17:56:8b:72:ed:1d:f1:6e:98:80:de:00:e9:bb:40:3b:c8:e6: 02:38:0c:17:ee:8c:70:28:e4:d5:db:56:57:39:70:61:b3:ab: 2a:19:ec:03:ea:fb:d6:eb:b6:ce:d4:e5:4d:78:36:fd:36:48: 8f:9b:a5:00:3b:90:d1:fd:82:70:67:77:6e:00:5e:3e:9b:42: 52:41:5f:18:10:54:8a:77:cb:df:dc:f5:81:fb:ce:d6:b4:35: bd:fd:ba:de -----BEGIN CERTIFICATE----- MIIE4TCCA8mgAwIBAgICPckwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTAy MzIyNDVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEVDMzIyQjE1Q0U4MkE5 QjlEM0NFQUQwN0I4M0VENDk5ODZCN0YwQUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDDcJhTOSP8mdWERS3eURY4Q77BpBi6DTKDyZwmMt4TSWmTipmd MNCUB/rWMCviBE78AwnVTYqedXMIuebmfV9yGsH7/r2RyFLx167F4+rln4g4RvY9 9eVlTnNfCtD49U9wNov8t/z09IQJB0Ru7SUErOk0Jn3TgoogXdXn/nuf1M9Z/3ij eshdXXIn7X7J7gUrUAC/nL70VoQ3yZ6/fZRHqpVXkSaGWYrDJKWfH6DdCriYvmfc LmTXjKfQSfcfh4S8pNtIjNLqMW/2ef+DfvoKiUbYR94xKBKWTLb8q80t+hYCm4vo hfr2BwMer2hYXHeNcsDBS4CGBIM2IyRlfPkFAgMBAAGjggH9MIIB+TAdBgNVHQ4E FgQU7DIrFc6CqbnTzq0HuD7UmYa38KswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj 3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3 L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzdESXJGYzZDcWJuVHpx MEh1RDdVbVlhMzhLcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAABlkHcUUNsodKTf YtMr4iLETGp12NJssGfc+RS8CHnel54FX8XBG9YcatlyGlfqulNfPTx/dh1enDVP SZ9tYbmpBqP2WI8W71s2U9hvEjuivKlekDIMk1ta54R2YCaUlgYGYd+hYBkb0PaT OjqjuoeWD8Ra2IMaKxz1dunM5Gyxps5D7vIUHRl3FpEc7jrlGAo3rhogOK7o2zGD 89tGbyluyxdWi3LtHfFumIDeAOm7QDvI5gI4DBfujHAo5NXbVlc5cGGzqyoZ7APq +9brts7U5U14Nv02SI+bpQA7kNH9gnBnd24AXj6bQlJBXxgQVIp3y9/c9YH7zta0 Nb39ut4= -----END CERTIFICATE-----Generated at Mon Dec 22 11:09:44 2025 by rpki-client