This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/VgJ0TuaoZlT7Hmi2saC0DUKKF2c.roa File: VgJ0TuaoZlT7Hmi2saC0DUKKF2c.roa (raw, json) Hash identifier: dsNP6DdHkm/TuX/lmbiRYWzs996qNOF9dehT1A6FDyM= Subject key identifier: 56:02:74:4E:E6:A8:66:54:FB:1E:68:B6:B1:A0:B4:0D:42:8A:17:67 Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Certificate serial: 40CD Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/VgJ0TuaoZlT7Hmi2saC0DUKKF2c.roa Signing time: Sun 14 Apr 2024 23:52:52 +0000 ROA not before: Sun 14 Apr 2024 23:52:52 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 24426 IP address blocks: 43.239.0.0/19 maxlen: 19 101.78.32.0/19 maxlen: 19 103.35.0.0/19 maxlen: 19 Validation: Failed, RFC 3779 resource not subset of parent's resources Certificate: Data: Version: 3 (0x2) Serial Number: 16589 (0x40cd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Validity Not Before: Apr 14 23:52:52 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=5602744EE6A86654FB1E68B6B1A0B40D428A1767 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:8d:ee:fc:5c:28:a4:b2:b2:f2:25:27:d1:dc: c2:74:f6:56:c3:ef:75:bb:94:d9:93:da:42:5e:22: e7:17:15:cd:8f:54:88:98:41:d7:03:e5:c7:d7:6c: a4:1d:d2:cd:a5:1b:5b:ff:cb:e7:44:17:aa:06:bb: dd:09:21:27:45:a0:b4:a2:9f:5c:5b:98:ea:26:b1: f0:08:2f:db:78:55:f3:4f:d1:1d:41:27:05:90:c0: 18:dc:dd:00:ce:3a:6d:5d:30:af:63:bf:b2:a9:1c: fa:f7:31:36:4a:ca:03:2e:d3:89:5a:79:49:34:93: 84:de:14:b9:3a:58:7d:90:24:3a:33:c3:e2:4f:50: 5a:d2:c7:84:0d:df:f2:51:43:b5:f9:b5:5b:3c:da: f0:51:d8:6f:9f:02:8a:5a:cb:58:57:17:2e:19:05: a0:6a:2d:b8:74:9e:d5:8e:cc:84:ba:c6:7e:55:09: fa:63:09:63:cf:ef:11:4b:f5:d3:9e:62:7f:3d:15: b6:00:fa:49:38:01:cd:a9:1d:39:50:4b:5d:c4:a8: 72:4b:c3:fe:9f:04:2c:1e:69:40:ba:2e:44:2c:53: 2d:9c:3f:3f:a0:6a:9e:e8:d3:88:2a:7c:d3:17:cd: 0b:ec:31:eb:3f:24:86:d5:7e:c9:a5:07:ac:f9:95: c5:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 56:02:74:4E:E6:A8:66:54:FB:1E:68:B6:B1:A0:B4:0D:42:8A:17:67 X509v3 Authority Key Identifier: keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/VgJ0TuaoZlT7Hmi2saC0DUKKF2c.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.239.0.0/19 101.78.32.0/19 103.35.0.0/19 Signature Algorithm: sha256WithRSAEncryption 3e:e5:e6:38:3b:6e:09:7b:7d:59:fa:a1:05:98:b6:09:f7:45: 88:35:19:d5:1d:f2:e1:60:b0:be:72:0a:a3:3b:cd:b0:35:c5: ea:63:e4:c8:ae:f4:a6:ae:9a:48:08:4a:d6:7a:92:5a:ed:14: 50:9d:08:36:ad:f7:43:13:50:63:05:e5:a0:b8:55:b3:69:bc: 15:ed:61:4f:02:1d:63:d1:2b:b5:71:5e:8d:36:90:ca:64:ae: 02:52:5b:aa:5f:15:55:6c:14:9e:0d:d4:c1:55:11:67:6a:b6: 35:f9:b1:67:22:30:84:bd:50:f2:23:f2:08:1c:96:84:7d:e3: f3:ce:07:2e:94:5f:ee:be:65:4a:ae:54:3e:6f:14:f0:52:6e: f6:68:d2:5d:4c:7f:af:89:b6:2f:eb:f5:e1:7d:9d:d1:6f:da: cb:2f:93:fe:77:68:5a:57:69:f2:d0:a9:9c:7e:1f:96:7b:72: 21:5d:6f:91:1e:d4:27:4f:6a:ca:22:9d:33:f0:65:1d:05:2c: ea:40:7b:fc:d6:1c:79:29:19:90:a9:93:2a:05:50:20:1d:6b: 4c:db:61:63:95:c3:82:e1:e6:6a:d2:6e:83:72:3c:cd:cc:c9: b7:fe:39:ba:c2:18:2d:ff:df:a3:89:bc:55:05:08:90:e6:0f: 74:24:65:45 -----BEGIN CERTIFICATE----- MIIE4TCCA8mgAwIBAgICQM0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTQy MzUyNTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDU2MDI3NDRFRTZBODY2 NTRGQjFFNjhCNkIxQTBCNDBENDI4QTE3NjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCoje78XCiksrLyJSfR3MJ09lbD73W7lNmT2kJeIucXFc2PVIiY QdcD5cfXbKQd0s2lG1v/y+dEF6oGu90JISdFoLSin1xbmOomsfAIL9t4VfNP0R1B JwWQwBjc3QDOOm1dMK9jv7KpHPr3MTZKygMu04laeUk0k4TeFLk6WH2QJDozw+JP UFrSx4QN3/JRQ7X5tVs82vBR2G+fAopay1hXFy4ZBaBqLbh0ntWOzIS6xn5VCfpj CWPP7xFL9dOeYn89FbYA+kk4Ac2pHTlQS13EqHJLw/6fBCweaUC6LkQsUy2cPz+g ap7o04gqfNMXzQvsMes/JIbVfsmlB6z5lcVTAgMBAAGjggH9MIIB+TAdBgNVHQ4E FgQUVgJ0TuaoZlT7Hmi2saC0DUKKF2cwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj 3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3 L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1ZnSjBUdWFvWmxUN0ht aTJzYUMwRFVLS0YyYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAD7l5jg7bgl7fVn6 oQWYtgn3RYg1GdUd8uFgsL5yCqM7zbA1xepj5Miu9KaumkgIStZ6klrtFFCdCDat 90MTUGMF5aC4VbNpvBXtYU8CHWPRK7VxXo02kMpkrgJSW6pfFVVsFJ4N1MFVEWdq tjX5sWciMIS9UPIj8ggcloR94/POBy6UX+6+ZUquVD5vFPBSbvZo0l1Mf6+Jti/r 9eF9ndFv2ssvk/53aFpXafLQqZx+H5Z7ciFdb5Ee1CdPasoinTPwZR0FLOpAe/zW HHkpGZCpkyoFUCAda0zbYWOVw4Lh5mrSboNyPM3Mybf+ObrCGC3/36OJvFUFCJDm D3QkZUU= -----END CERTIFICATE-----Generated at Mon Dec 22 13:03:20 2025 by rpki-client