This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/RLzKmtPrXe57Mwb9YESBGVJheAo.roa File: RLzKmtPrXe57Mwb9YESBGVJheAo.roa (raw, json) Hash identifier: 1vxVbAJcDxItENP5GrW1dF2Xxmcdnugepvx4F9pU0aA= Subject key identifier: 44:BC:CA:9A:D3:EB:5D:EE:7B:33:06:FD:60:44:81:19:52:61:78:0A Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Certificate serial: 55DE Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/RLzKmtPrXe57Mwb9YESBGVJheAo.roa Signing time: Mon 13 May 2024 01:54:11 +0000 ROA not before: Mon 13 May 2024 01:54:11 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 24426 IP address blocks: 43.236.0.0/16 maxlen: 16 Validation: Failed, RFC 3779 resource not subset of parent's resources Certificate: Data: Version: 3 (0x2) Serial Number: 21982 (0x55de) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Validity Not Before: May 13 01:54:11 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=44BCCA9AD3EB5DEE7B3306FD604481195261780A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:d7:17:42:7f:cf:e7:5d:54:70:80:fd:9a:f7: ea:59:41:47:db:8f:76:30:51:69:34:4d:36:00:5b: c3:42:54:c7:aa:21:fb:70:23:cc:40:2b:80:9b:d5: df:64:15:a1:e0:a5:a4:0a:82:73:4c:81:b7:bd:8c: 54:cf:82:2e:0b:86:4e:bb:2e:3f:62:05:39:75:45: 69:b4:1a:dd:0c:e5:be:f3:39:ec:62:ec:9b:d6:e3: a8:6f:4f:13:3b:17:e4:e2:16:13:a5:30:2d:01:83: 2b:01:c6:08:83:07:a9:b5:12:a5:d9:f6:c7:17:41: 81:fa:dc:cf:eb:06:11:37:d9:de:aa:88:94:99:64: f5:a6:c2:46:75:7e:77:e6:dd:5e:19:8c:0c:c5:5d: 2b:07:62:be:3a:8c:b4:91:00:d9:53:21:a9:5d:e0: 8d:03:91:92:2e:5a:ad:54:3e:16:97:4b:9d:2e:b6: 5f:1c:34:ec:cb:53:47:1b:84:b6:fb:d3:19:56:54: 9a:dc:62:08:ba:b5:85:1f:cd:bb:f8:a4:65:85:bf: 86:a5:8d:8d:3e:9d:7e:cb:db:51:69:30:43:07:28: af:b4:6a:da:3f:28:b2:c9:cd:bd:fa:fd:b4:f3:e8: c1:26:61:79:ac:68:9c:b7:02:66:07:62:99:4e:6c: 51:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:BC:CA:9A:D3:EB:5D:EE:7B:33:06:FD:60:44:81:19:52:61:78:0A X509v3 Authority Key Identifier: keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/RLzKmtPrXe57Mwb9YESBGVJheAo.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.236.0.0/16 Signature Algorithm: sha256WithRSAEncryption a6:2e:cb:4e:dc:b6:25:1e:3c:a7:bb:20:c5:fa:09:66:9c:9b: 92:8f:e8:8c:1a:50:8b:99:04:e4:e2:55:8f:3d:b6:62:2a:16: 45:ec:53:bf:41:1c:04:55:3a:66:41:d8:13:75:7b:86:e9:5c: 00:13:09:73:46:06:db:54:54:cf:09:9b:ca:97:80:ff:3f:06: c8:ce:2f:08:67:b6:cc:c2:e8:37:6f:42:66:68:e9:16:1f:a0: ec:c7:8a:cd:a7:84:43:35:18:29:da:fe:e3:51:42:e8:35:ab: 57:c2:c4:bb:87:1a:74:7d:fd:d1:de:d3:52:4f:00:b6:0e:18: 8b:54:58:84:7d:9c:ec:3d:3e:f3:53:d1:9b:ae:78:18:eb:85: d4:3d:12:1a:72:07:90:da:e2:82:62:7a:ee:2d:a9:76:6c:05: 53:39:e4:54:09:aa:f2:c9:db:d3:f9:11:ab:e7:8b:5a:9a:9b: af:7a:33:bb:64:5e:6f:c9:4a:0d:fe:d8:6c:f4:c5:73:11:d2: f9:81:93:23:4e:67:be:f9:11:ca:b2:dc:c5:d8:81:aa:78:d5: 25:90:18:72:ba:5d:18:f6:a9:30:63:35:c7:1d:b5:89:dd:6c: 50:22:82:d0:c9:44:42:48:35:83:97:2f:43:f7:a6:99:15:61: 2a:35:3c:3a -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICVd4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTMw MTU0MTFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQ0QkNDQTlBRDNFQjVE RUU3QjMzMDZGRDYwNDQ4MTE5NTI2MTc4MEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDI1xdCf8/nXVRwgP2a9+pZQUfbj3YwUWk0TTYAW8NCVMeqIftw I8xAK4Cb1d9kFaHgpaQKgnNMgbe9jFTPgi4Lhk67Lj9iBTl1RWm0Gt0M5b7zOexi 7JvW46hvTxM7F+TiFhOlMC0BgysBxgiDB6m1EqXZ9scXQYH63M/rBhE32d6qiJSZ ZPWmwkZ1fnfm3V4ZjAzFXSsHYr46jLSRANlTIald4I0DkZIuWq1UPhaXS50utl8c NOzLU0cbhLb70xlWVJrcYgi6tYUfzbv4pGWFv4aljY0+nX7L21FpMEMHKK+0ato/ KLLJzb36/bTz6MEmYXmsaJy3AmYHYplObFFxAgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQURLzKmtPrXe57Mwb9YESBGVJheAowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj 3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3 L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1JMekttdFByWGU1N013 YjlZRVNCR1ZKaGVBby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEApi7LTty2JR48p7sgxfoJZpybko/ojBpQ i5kE5OJVjz22YioWRexTv0EcBFU6ZkHYE3V7hulcABMJc0YG21RUzwmbypeA/z8G yM4vCGe2zMLoN29CZmjpFh+g7MeKzaeEQzUYKdr+41FC6DWrV8LEu4cadH390d7T Uk8Atg4Yi1RYhH2c7D0+81PRm654GOuF1D0SGnIHkNrigmJ67i2pdmwFUznkVAmq 8snb0/kRq+eLWpqbr3ozu2Reb8lKDf7YbPTFcxHS+YGTI05nvvkRyrLcxdiBqnjV JZAYcrpdGPapMGM1xx21id1sUCKC0MlEQkg1g5cvQ/emmRVhKjU8Og== -----END CERTIFICATE-----Generated at Mon Dec 22 12:32:14 2025 by rpki-client