This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/cfnZUSzUlsE2ZricvwYje9nJHkc.roa File: cfnZUSzUlsE2ZricvwYje9nJHkc.roa (raw, json) Hash identifier: GcJdHM7jIy1wCNRMXLSS1nW3c7apzDjmqoIHyJg3Ykk= Subject key identifier: 71:F9:D9:51:2C:D4:96:C1:36:66:B8:9C:BF:06:23:7B:D9:C9:1E:47 Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Certificate serial: 3A8D Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/cfnZUSzUlsE2ZricvwYje9nJHkc.roa Signing time: Sat 06 Apr 2024 15:52:28 +0000 ROA not before: Sat 06 Apr 2024 15:52:28 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 24426 IP address blocks: 43.239.0.0/19 maxlen: 19 101.78.32.0/19 maxlen: 19 103.35.0.0/19 maxlen: 19 Validation: Failed, RFC 3779 resource not subset of parent's resources Certificate: Data: Version: 3 (0x2) Serial Number: 14989 (0x3a8d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Validity Not Before: Apr 6 15:52:28 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=71F9D9512CD496C13666B89CBF06237BD9C91E47 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:9b:ce:c1:bd:7f:c0:12:0a:f3:c7:d0:a1:bb: 1d:0c:7d:f8:7d:9b:44:c8:86:9c:27:2b:91:cd:8a: cd:4e:47:40:04:a0:1d:37:67:28:82:22:ad:da:07: 64:32:f6:ba:01:1a:d1:8e:ed:cf:71:e0:85:72:50: 49:4a:84:c3:e5:27:9e:e0:a3:26:71:29:ba:75:10: 2e:2c:96:36:7f:ce:8c:2d:bc:71:91:eb:34:ef:89: 47:a3:05:67:79:a9:4b:b2:8b:28:ea:e0:54:1d:45: 93:a0:bb:16:50:4e:87:bd:cd:66:99:f5:40:e4:d1: a2:e4:07:41:49:64:72:0c:70:b1:1d:9a:e2:bd:2c: e3:44:ec:d9:f1:35:20:c1:8c:61:de:eb:90:ff:a7: d2:1b:a4:00:cd:bb:89:8f:c5:ff:df:77:18:c1:98: 17:8b:7c:41:e7:b8:ce:f8:f3:32:d7:fe:06:34:76: d6:9d:e4:0c:17:e6:c7:37:b0:d5:be:9e:c6:06:72: bc:91:34:a6:15:c5:c4:90:15:0e:19:e3:08:25:27: 23:5b:76:f4:bf:ec:f1:49:91:b3:13:54:2f:be:a7: a8:7c:de:7a:3d:cf:aa:ff:de:e9:c6:51:c1:03:33: 47:ee:fa:4a:74:02:0d:85:d1:05:56:e6:58:32:e9: 93:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:F9:D9:51:2C:D4:96:C1:36:66:B8:9C:BF:06:23:7B:D9:C9:1E:47 X509v3 Authority Key Identifier: keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/cfnZUSzUlsE2ZricvwYje9nJHkc.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.239.0.0/19 101.78.32.0/19 103.35.0.0/19 Signature Algorithm: sha256WithRSAEncryption 80:90:fd:b3:3e:b8:06:52:27:a0:94:7d:e5:9b:c9:2f:8f:ec: 56:7f:07:6a:50:97:07:0f:e3:16:46:66:46:42:35:c6:eb:57: f4:c9:cc:aa:2f:8c:cf:7c:d8:f1:9b:e5:1e:97:fd:10:01:3e: 36:55:04:92:69:29:ff:9c:dd:26:78:e0:ea:7c:a7:97:07:04: 2c:07:7e:b5:80:19:fa:8f:0b:5c:01:47:a9:0a:30:60:4e:17: 3a:e2:2b:28:dd:b1:57:0c:d7:d1:1f:cf:40:50:21:f7:ab:ef: 17:5e:8d:ff:49:ec:c1:17:71:19:34:7e:95:c7:9e:fc:c0:0f: 3f:6f:35:93:0f:18:b7:06:42:60:24:a9:70:ad:1d:ad:a4:5e: 25:26:ec:8e:3f:ce:d9:ef:bf:88:de:3b:d1:53:82:c7:18:b9: ba:c5:88:db:29:a2:fc:35:d4:d5:32:d0:17:88:20:87:20:af: dd:54:35:ec:f6:3b:68:b7:a1:45:6d:9e:2d:df:fc:e6:7b:f4: f6:b8:7f:20:a5:c2:30:7e:19:bf:e7:c0:77:95:1f:44:0c:82: 62:c4:15:28:bb:35:06:68:4a:b4:08:e4:ab:ca:a0:4b:32:1d: 0f:53:89:ca:2c:cb:69:e8:9c:ed:6f:3b:15:f1:8c:73:b7:c5: e1:cf:b2:58 -----BEGIN CERTIFICATE----- MIIE4TCCA8mgAwIBAgICOo0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDYx NTUyMjhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDcxRjlEOTUxMkNENDk2 QzEzNjY2Qjg5Q0JGMDYyMzdCRDlDOTFFNDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDam87BvX/AEgrzx9Chux0Mffh9m0TIhpwnK5HNis1OR0AEoB03 ZyiCIq3aB2Qy9roBGtGO7c9x4IVyUElKhMPlJ57goyZxKbp1EC4sljZ/zowtvHGR 6zTviUejBWd5qUuyiyjq4FQdRZOguxZQToe9zWaZ9UDk0aLkB0FJZHIMcLEdmuK9 LONE7NnxNSDBjGHe65D/p9IbpADNu4mPxf/fdxjBmBeLfEHnuM748zLX/gY0dtad 5AwX5sc3sNW+nsYGcryRNKYVxcSQFQ4Z4wglJyNbdvS/7PFJkbMTVC++p6h83no9 z6r/3unGUcEDM0fu+kp0Ag2F0QVW5lgy6ZM5AgMBAAGjggH9MIIB+TAdBgNVHQ4E FgQUcfnZUSzUlsE2ZricvwYje9nJHkcwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj 3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3 L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2NmblpVU3pVbHNFMlpy aWN2d1lqZTluSkhrYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAICQ/bM+uAZSJ6CU feWbyS+P7FZ/B2pQlwcP4xZGZkZCNcbrV/TJzKovjM982PGb5R6X/RABPjZVBJJp Kf+c3SZ44Op8p5cHBCwHfrWAGfqPC1wBR6kKMGBOFzriKyjdsVcM19Efz0BQIfer 7xdejf9J7MEXcRk0fpXHnvzADz9vNZMPGLcGQmAkqXCtHa2kXiUm7I4/ztnvv4je O9FTgscYubrFiNspovw11NUy0BeIIIcgr91UNez2O2i3oUVtni3f/OZ79Pa4fyCl wjB+Gb/nwHeVH0QMgmLEFSi7NQZoSrQI5KvKoEsyHQ9Ticosy2nonO1vOxXxjHO3 xeHPslg= -----END CERTIFICATE-----Generated at Mon Dec 22 07:09:13 2025 by rpki-client