This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/oWSbFPKMEF2vUN_iEfHf8QTKB9Y.roa File: oWSbFPKMEF2vUN_iEfHf8QTKB9Y.roa (raw, json) Hash identifier: halIUSF3MHgO+cCUQA6lANB5FlXx+rPofvdOYeI8srI= Subject key identifier: A1:64:9B:14:F2:8C:10:5D:AF:50:DF:E2:11:F1:DF:F1:04:CA:07:D6 Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Certificate serial: 56CA Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/oWSbFPKMEF2vUN_iEfHf8QTKB9Y.roa Signing time: Tue 14 May 2024 07:24:24 +0000 ROA not before: Tue 14 May 2024 07:24:24 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 24426 IP address blocks: 43.236.0.0/16 maxlen: 16 Validation: Failed, RFC 3779 resource not subset of parent's resources Certificate: Data: Version: 3 (0x2) Serial Number: 22218 (0x56ca) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Validity Not Before: May 14 07:24:24 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=A1649B14F28C105DAF50DFE211F1DFF104CA07D6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:03:ab:8d:6e:29:8b:36:8b:d1:9e:26:68:9b: bd:77:af:3d:8f:4b:45:a0:37:29:96:bb:5d:b3:2b: 54:0c:8a:69:e1:0e:e5:8b:43:a6:d2:ee:b4:a1:b3: f8:84:c5:54:bc:e6:7a:db:a0:df:d7:77:00:85:4d: 04:60:0e:1c:4b:de:2d:22:f0:4f:55:53:a2:ea:17: 36:35:b2:56:01:a0:4d:0b:57:e9:42:b3:ad:e1:7c: 2c:2d:32:4f:4b:e2:5c:72:04:df:c8:5d:dc:64:bb: 02:ef:10:76:86:fd:93:bb:99:92:3d:97:5c:77:f5: aa:c1:30:4a:e7:11:00:9a:74:7c:89:76:a0:85:bd: ab:05:57:9d:6c:33:d1:8d:56:2c:91:0c:11:16:6e: 09:a6:66:8b:b1:80:f0:fb:24:a1:09:0f:56:f3:1f: 38:9e:24:cc:41:eb:c7:0b:4c:2d:f2:1f:4a:b6:26: 19:ac:24:58:e4:52:2a:6b:4b:0a:aa:2b:1d:0e:9d: 0f:66:2a:aa:91:0a:1f:a6:8e:d5:35:83:fb:38:83: eb:65:18:21:8f:f9:50:e2:e4:d9:dd:f4:24:7f:62: 21:e3:28:74:15:1d:1e:7c:20:6e:3b:91:45:2f:72: a3:63:78:42:fe:25:42:c1:32:1d:d4:28:fc:84:ab: 01:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:64:9B:14:F2:8C:10:5D:AF:50:DF:E2:11:F1:DF:F1:04:CA:07:D6 X509v3 Authority Key Identifier: keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/oWSbFPKMEF2vUN_iEfHf8QTKB9Y.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.236.0.0/16 Signature Algorithm: sha256WithRSAEncryption 52:66:72:28:f5:b2:86:00:92:a9:13:fc:1a:4d:a7:9e:f7:b9: cd:34:b1:dc:a0:64:df:1a:70:cb:a8:42:87:5b:9b:81:a9:54: 8d:b4:0a:1f:a3:dc:4e:d2:2a:84:6a:02:86:c6:0f:a7:71:c5: 18:0e:96:c3:de:b6:2e:67:93:15:80:66:96:ca:6b:01:85:f7: eb:90:cb:da:ef:d1:b3:37:71:17:ac:cc:aa:d4:05:5b:99:70: c3:76:43:c8:6c:9a:2e:a8:e4:2f:12:dc:72:e5:4b:3b:9a:ed: dd:22:7e:b6:20:fa:d8:16:bd:ba:f9:10:4d:19:7b:c4:01:b7: cb:c8:93:63:5e:f0:6b:13:1a:b9:57:6d:39:69:3e:22:b2:f6: 9c:d6:1f:f4:0c:e9:50:8c:d2:aa:e1:ca:dd:20:b0:4f:a5:6e: 62:d4:6b:94:4a:f5:88:2b:a3:73:b8:10:8d:ec:ff:42:6d:db: 9e:e8:1e:9e:07:da:27:34:c3:92:2d:1f:f6:c6:17:86:84:35: 0a:32:b1:17:1c:36:8b:38:c5:97:e1:82:27:2d:ea:86:48:67: 07:54:8c:7d:88:e8:11:44:a2:ab:28:61:1b:88:e4:66:34:8a: 24:86:b4:0b:f7:7c:48:69:37:64:f7:b1:e8:69:5c:c1:ae:70: 1c:c9:f3:19 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICVsowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTQw NzI0MjRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEExNjQ5QjE0RjI4QzEw NURBRjUwREZFMjExRjFERkYxMDRDQTA3RDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCyA6uNbimLNovRniZom713rz2PS0WgNymWu12zK1QMimnhDuWL Q6bS7rShs/iExVS85nrboN/XdwCFTQRgDhxL3i0i8E9VU6LqFzY1slYBoE0LV+lC s63hfCwtMk9L4lxyBN/IXdxkuwLvEHaG/ZO7mZI9l1x39arBMErnEQCadHyJdqCF vasFV51sM9GNViyRDBEWbgmmZouxgPD7JKEJD1bzHzieJMxB68cLTC3yH0q2Jhms JFjkUiprSwqqKx0OnQ9mKqqRCh+mjtU1g/s4g+tlGCGP+VDi5Nnd9CR/YiHjKHQV HR58IG47kUUvcqNjeEL+JULBMh3UKPyEqwExAgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQUoWSbFPKMEF2vUN/iEfHf8QTKB9YwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj 3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3 L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L29XU2JGUEtNRUYydlVO X2lFZkhmOFFUS0I5WS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAUmZyKPWyhgCSqRP8Gk2nnve5zTSx3KBk 3xpwy6hCh1ubgalUjbQKH6PcTtIqhGoChsYPp3HFGA6Ww962LmeTFYBmlsprAYX3 65DL2u/RszdxF6zMqtQFW5lww3ZDyGyaLqjkLxLccuVLO5rt3SJ+tiD62Ba9uvkQ TRl7xAG3y8iTY17waxMauVdtOWk+IrL2nNYf9AzpUIzSquHK3SCwT6VuYtRrlEr1 iCujc7gQjez/Qm3bnugengfaJzTDki0f9sYXhoQ1CjKxFxw2izjFl+GCJy3qhkhn B1SMfYjoEUSiqyhhG4jkZjSKJIa0C/d8SGk3ZPex6Glcwa5wHMnzGQ== -----END CERTIFICATE-----Generated at Mon Dec 22 03:27:49 2025 by rpki-client