This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/yBwpRTVx6Zxtjrd9gfQkMOb9HRw.roa File: yBwpRTVx6Zxtjrd9gfQkMOb9HRw.roa (raw, json) Hash identifier: McWVdwPH5YkWKwcEO0Yv8938oGvggattmj5MWEuAQy0= Subject key identifier: C8:1C:29:45:35:71:E9:9C:6D:8E:B7:7D:81:F4:24:30:E6:FD:1D:1C Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Certificate serial: 5062 Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/yBwpRTVx6Zxtjrd9gfQkMOb9HRw.roa Signing time: Sun 05 May 2024 18:24:03 +0000 ROA not before: Sun 05 May 2024 18:24:03 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 24426 IP address blocks: 43.236.0.0/16 maxlen: 16 Validation: Failed, RFC 3779 resource not subset of parent's resources Certificate: Data: Version: 3 (0x2) Serial Number: 20578 (0x5062) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Validity Not Before: May 5 18:24:03 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=C81C29453571E99C6D8EB77D81F42430E6FD1D1C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:75:bb:e7:f5:43:e6:ff:e8:12:ca:10:b8:c4: 76:e1:c9:2f:1a:78:38:39:13:d9:67:89:d1:c5:95: 7e:64:38:d3:77:e8:98:db:17:d8:22:95:50:09:a7: 9a:0d:ec:c5:62:d5:a4:bb:f1:c7:32:5f:c8:ba:1b: 5e:9b:fa:a8:a2:40:40:f9:db:1b:6a:54:99:b8:fa: fe:d2:7a:19:fc:be:ed:f5:48:3f:a4:25:c2:cd:6a: cd:f1:9c:37:82:f3:f5:59:9e:3b:1b:02:ff:c8:c8: e9:d6:88:cc:dc:e0:0b:cf:70:f0:81:f4:1d:c6:48: 75:c0:09:97:ab:e7:24:f2:87:8e:af:16:2e:0e:4c: f0:0a:e1:08:98:da:5a:02:1e:62:5b:45:1c:29:88: eb:1b:fe:98:cd:26:70:29:ab:30:06:4e:48:d4:be: 18:36:39:1a:f5:f0:39:1b:5a:f0:55:ce:1c:c9:e1: ae:58:f2:b1:5d:94:d6:0c:56:b9:5a:86:5f:e1:3f: 77:35:3a:51:dd:eb:40:b0:e6:d2:02:d3:da:a7:21: 05:c8:78:12:6b:6b:11:51:d5:16:4e:b1:15:0c:e3: c9:79:1d:bd:70:ab:60:56:ce:1d:ee:b8:c5:8b:ec: e7:bc:05:29:40:0b:af:06:d5:d8:27:6d:0b:00:3f: 20:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:1C:29:45:35:71:E9:9C:6D:8E:B7:7D:81:F4:24:30:E6:FD:1D:1C X509v3 Authority Key Identifier: keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/yBwpRTVx6Zxtjrd9gfQkMOb9HRw.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.236.0.0/16 Signature Algorithm: sha256WithRSAEncryption 07:ee:9e:f4:5b:98:9c:fb:50:55:08:e8:3a:26:4f:c6:0a:36: 47:a0:32:4a:02:5e:4b:15:c7:61:31:0e:43:fa:06:80:d5:6b: 72:94:55:a1:4f:5f:b9:dc:2c:3c:21:f8:0c:74:1e:73:27:37: ff:8a:4c:9a:8b:df:87:ef:26:9f:0d:15:a3:1c:cd:78:b8:29: 0e:7b:22:8d:2d:20:d2:a1:9c:6f:73:e2:eb:74:6b:1b:3e:a2: ab:68:62:fb:da:93:d8:e7:78:3a:11:3a:f5:71:9a:50:6b:83: ef:c0:fd:84:a0:d6:6e:13:97:33:20:33:37:78:fb:38:6e:bc: b4:24:48:ad:e5:f5:80:0d:4a:ac:d3:79:73:f4:3d:9e:4e:05: 6e:fa:cd:47:a8:1f:8d:59:65:b0:33:84:8f:73:24:cd:3c:df: 0f:64:ed:36:12:82:46:42:32:a4:3a:b1:3d:94:6b:1a:3e:42: 2f:31:2f:91:ce:02:34:b2:a6:16:1b:de:77:78:c0:9d:31:08: 42:83:1b:c9:a9:47:5f:5e:5d:43:30:4e:45:1e:6c:6c:16:ed: c7:cd:9c:04:ea:ce:38:99:73:2e:81:38:72:ae:de:4a:5d:94: 01:05:7c:15:d8:81:23:1d:90:bb:69:b2:39:22:d7:8e:8c:66: 17:44:12:b2 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICUGIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDUx ODI0MDNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEM4MUMyOTQ1MzU3MUU5 OUM2RDhFQjc3RDgxRjQyNDMwRTZGRDFEMUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDTdbvn9UPm/+gSyhC4xHbhyS8aeDg5E9lnidHFlX5kONN36Jjb F9gilVAJp5oN7MVi1aS78ccyX8i6G16b+qiiQED52xtqVJm4+v7Sehn8vu31SD+k JcLNas3xnDeC8/VZnjsbAv/IyOnWiMzc4AvPcPCB9B3GSHXACZer5yTyh46vFi4O TPAK4QiY2loCHmJbRRwpiOsb/pjNJnApqzAGTkjUvhg2ORr18DkbWvBVzhzJ4a5Y 8rFdlNYMVrlahl/hP3c1OlHd60Cw5tIC09qnIQXIeBJraxFR1RZOsRUM48l5Hb1w q2BWzh3uuMWL7Oe8BSlAC68G1dgnbQsAPyBxAgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQUyBwpRTVx6Zxtjrd9gfQkMOb9HRwwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj 3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3 L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3lCd3BSVFZ4Nlp4dGpy ZDlnZlFrTU9iOUhSdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAB+6e9FuYnPtQVQjoOiZPxgo2R6AySgJe SxXHYTEOQ/oGgNVrcpRVoU9fudwsPCH4DHQecyc3/4pMmovfh+8mnw0VoxzNeLgp DnsijS0g0qGcb3Pi63RrGz6iq2hi+9qT2Od4OhE69XGaUGuD78D9hKDWbhOXMyAz N3j7OG68tCRIreX1gA1KrNN5c/Q9nk4FbvrNR6gfjVllsDOEj3MkzTzfD2TtNhKC RkIypDqxPZRrGj5CLzEvkc4CNLKmFhved3jAnTEIQoMbyalHX15dQzBORR5sbBbt x82cBOrOOJlzLoE4cq7eSl2UAQV8FdiBIx2Qu2myOSLXjoxmF0QSsg== -----END CERTIFICATE-----Generated at Mon Dec 22 12:31:36 2025 by rpki-client