This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/QwkJ6g4MGmpmd1GpvE4e-jLKozk.roa File: QwkJ6g4MGmpmd1GpvE4e-jLKozk.roa (raw, json) Hash identifier: 1xEVPgL2SsXiY/82sy+HM/3sIue7ePWLcNv48d5iIUk= Subject key identifier: 43:09:09:EA:0E:0C:1A:6A:66:77:51:A9:BC:4E:1E:FA:32:CA:A3:39 Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Certificate serial: 57A1 Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/QwkJ6g4MGmpmd1GpvE4e-jLKozk.roa Signing time: Wed 15 May 2024 10:24:10 +0000 ROA not before: Wed 15 May 2024 10:24:10 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 24426 IP address blocks: 43.239.0.0/19 maxlen: 19 101.78.32.0/19 maxlen: 19 103.35.0.0/19 maxlen: 19 Validation: Failed, RFC 3779 resource not subset of parent's resources Certificate: Data: Version: 3 (0x2) Serial Number: 22433 (0x57a1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Validity Not Before: May 15 10:24:10 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=430909EA0E0C1A6A667751A9BC4E1EFA32CAA339 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:9d:13:ec:d6:b1:5c:20:0e:6b:97:a7:20:f4: c7:69:fd:77:f3:ba:5c:15:93:58:6c:5d:56:f2:bb: c0:db:1a:f5:7b:b1:e9:6e:01:93:c4:16:e0:34:b0: d5:9c:f8:e5:19:2d:90:69:5f:c1:86:61:14:a8:54: 68:1a:21:ed:43:e3:76:39:2e:9b:e3:1d:69:47:96: 2b:ef:b9:99:39:50:ac:89:c9:78:52:ff:af:bc:b8: 1b:68:17:a9:bf:39:6b:ac:f6:05:9f:85:12:64:63: 8e:2f:61:a3:2d:ce:83:32:c3:20:86:1d:6f:49:d6: 49:5f:21:cc:eb:3e:48:45:88:4a:f2:2a:ad:af:b1: 60:47:b6:b9:9b:3a:7f:07:51:3b:47:2e:6a:ef:e6: e5:e0:6b:58:31:16:73:93:f1:76:e3:ce:57:e2:c7: 05:c6:b1:bc:19:0e:c4:7f:59:a7:bb:90:30:2b:16: 0e:fa:e6:54:73:96:44:6f:bb:37:83:62:e6:3a:12: f1:63:20:e7:22:dd:88:94:7e:28:7e:b3:f8:7a:ee: 5b:94:96:d8:76:6e:a2:2c:64:60:3f:6c:86:01:f4: 0e:b3:4d:93:f7:70:de:f6:ec:f3:27:2a:10:cc:b0: 8d:8f:14:e9:b2:cd:a0:b2:2c:68:3f:25:c0:57:20: a9:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:09:09:EA:0E:0C:1A:6A:66:77:51:A9:BC:4E:1E:FA:32:CA:A3:39 X509v3 Authority Key Identifier: keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/QwkJ6g4MGmpmd1GpvE4e-jLKozk.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.239.0.0/19 101.78.32.0/19 103.35.0.0/19 Signature Algorithm: sha256WithRSAEncryption 49:cd:c5:3f:dc:d6:1b:0d:a2:b6:62:58:7e:22:49:26:75:0c: 7d:c5:6f:02:85:ba:04:42:02:0b:0e:d1:eb:b1:56:e2:f2:34: af:8e:96:77:8e:1b:4b:a9:7a:9a:b7:67:b1:17:63:e5:dc:57: 8d:5b:48:f9:15:f0:bc:6d:97:cd:c3:09:3e:01:c5:bb:5a:14: d6:6e:85:98:13:0f:6e:87:7b:b5:24:86:2f:41:02:7a:99:b2: ab:6e:bf:fb:a4:97:7e:68:a1:6f:0f:81:5b:03:14:49:59:0b: ad:2a:ad:2f:a5:e0:70:3c:3e:16:03:42:21:e4:0e:84:8f:33: 7d:86:d5:f2:43:41:49:eb:4e:43:cf:5c:07:49:be:79:f2:ab: 86:4c:62:ad:85:bc:a3:ec:f6:48:41:e1:f4:e2:c4:c6:da:16: c4:26:e1:39:c9:ec:8d:47:8b:c7:d3:4c:11:18:4a:2f:f1:35: 11:0e:54:12:d7:43:79:99:24:12:dc:7a:41:1d:f8:f5:f3:d6: 56:5a:63:1e:3b:74:64:06:a9:e8:ea:8f:19:56:15:20:dc:67: 4e:c2:a7:16:15:ac:de:12:a5:09:2b:17:dd:40:e3:d0:12:e7: c0:24:19:a0:4f:6e:ae:0a:c0:da:20:d2:a4:e6:14:fc:a3:62: 28:7f:35:6b -----BEGIN CERTIFICATE----- MIIE4TCCA8mgAwIBAgICV6EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTUx MDI0MTBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQzMDkwOUVBMEUwQzFB NkE2Njc3NTFBOUJDNEUxRUZBMzJDQUEzMzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDnnRPs1rFcIA5rl6cg9Mdp/XfzulwVk1hsXVbyu8DbGvV7selu AZPEFuA0sNWc+OUZLZBpX8GGYRSoVGgaIe1D43Y5LpvjHWlHlivvuZk5UKyJyXhS /6+8uBtoF6m/OWus9gWfhRJkY44vYaMtzoMywyCGHW9J1klfIczrPkhFiEryKq2v sWBHtrmbOn8HUTtHLmrv5uXga1gxFnOT8XbjzlfixwXGsbwZDsR/Wae7kDArFg76 5lRzlkRvuzeDYuY6EvFjIOci3YiUfih+s/h67luUlth2bqIsZGA/bIYB9A6zTZP3 cN727PMnKhDMsI2PFOmyzaCyLGg/JcBXIKktAgMBAAGjggH9MIIB+TAdBgNVHQ4E FgQUQwkJ6g4MGmpmd1GpvE4e+jLKozkwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj 3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3 L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1F3a0o2ZzRNR21wbWQx R3B2RTRlLWpMS296ay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAEnNxT/c1hsNorZi WH4iSSZ1DH3FbwKFugRCAgsO0euxVuLyNK+OlneOG0upepq3Z7EXY+XcV41bSPkV 8Lxtl83DCT4BxbtaFNZuhZgTD26He7Ukhi9BAnqZsqtuv/ukl35ooW8PgVsDFElZ C60qrS+l4HA8PhYDQiHkDoSPM32G1fJDQUnrTkPPXAdJvnnyq4ZMYq2FvKPs9khB 4fTixMbaFsQm4TnJ7I1Hi8fTTBEYSi/xNREOVBLXQ3mZJBLcekEd+PXz1lZaYx47 dGQGqejqjxlWFSDcZ07CpxYVrN4SpQkrF91A49AS58AkGaBPbq4KwNog0qTmFPyj Yih/NWs= -----END CERTIFICATE-----Generated at Mon Dec 22 12:53:00 2025 by rpki-client