This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1663/dI40E7mkivpcN8WyoPDvjxlPtlE.roa File: dI40E7mkivpcN8WyoPDvjxlPtlE.roa (raw, json) Hash identifier: Sh+mTAs1W3B0LzMmJpoelB9vGPHX1aSe2em9wv2FGIY= Subject key identifier: 74:8E:34:13:B9:A4:8A:FA:5C:37:C5:B2:A0:F0:EF:8F:19:4F:B6:51 Certificate issuer: /CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC Certificate serial: BCCC Authority key identifier: 8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/dI40E7mkivpcN8WyoPDvjxlPtlE.roa Signing time: Sun 07 Dec 2025 05:47:46 +0000 ROA not before: Sun 07 Dec 2025 05:47:46 +0000 ROA not after: Fri 23 Oct 2026 03:01:03 +0000 asID: 63612 IP address blocks: 43.227.80.0/20 maxlen: 20 Validation: Failed, RFC 3779 resource not subset of parent's resources Certificate: Data: Version: 3 (0x2) Serial Number: 48332 (0xbccc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC Validity Not Before: Dec 7 05:47:46 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=748E3413B9A48AFA5C37C5B2A0F0EF8F194FB651 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:7c:2f:c8:12:07:57:5f:31:13:19:38:aa:ba: ca:64:c7:ab:d1:ab:87:cc:6a:d7:20:aa:25:d8:ee: 6b:5f:ae:f6:64:c9:ca:12:ba:12:34:6f:9c:e2:d8: f7:5b:3a:d0:b7:7f:f5:76:9e:03:53:3c:b7:4e:8f: 8c:60:67:83:b6:94:4f:ae:63:f7:af:65:30:13:16: 99:8c:2a:35:00:2c:4c:b3:1f:8a:a9:66:70:00:52: 66:26:1f:93:bf:e4:da:5c:a1:41:23:af:83:9d:8a: c2:1d:f4:82:51:52:ef:fe:41:86:65:6d:65:e2:bf: 80:6e:93:98:73:b3:12:0d:86:9d:1d:9a:df:19:67: 96:ca:3d:58:82:ec:0f:65:91:74:1d:45:81:df:b3: ee:31:04:ae:b1:6b:e4:41:69:71:03:41:a2:1b:63: b6:6b:70:70:62:f4:94:f5:71:d3:be:b6:8c:6d:e8: a5:94:6f:24:ab:dd:43:81:0c:0f:0b:68:b7:de:cc: 8c:51:ed:57:f5:72:c4:f1:52:6c:7f:cb:e2:b7:7f: e3:92:df:ee:ab:38:73:e2:02:c2:81:0f:cc:f6:3e: f3:2a:54:07:8f:ff:b3:8f:64:ae:08:02:2a:b9:23: 0f:c8:52:7d:12:b0:19:2d:26:c8:36:25:5e:70:92: 8c:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:8E:34:13:B9:A4:8A:FA:5C:37:C5:B2:A0:F0:EF:8F:19:4F:B6:51 X509v3 Authority Key Identifier: keyid:8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/dI40E7mkivpcN8WyoPDvjxlPtlE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.227.80.0/20 Signature Algorithm: sha256WithRSAEncryption 09:83:56:a8:db:6d:b6:24:7e:20:cb:65:0a:95:e4:66:6f:9f: b8:49:a5:50:85:0c:67:11:e9:a7:e5:b9:a2:02:a9:c8:18:9a: 50:62:d0:f0:70:b0:c9:75:76:ea:c6:34:38:66:89:82:b7:b3: eb:dc:20:89:b3:1b:fc:4c:21:90:03:8e:6a:f8:d0:ed:78:b9: b2:0c:07:ec:ec:df:61:4b:b9:3f:03:e6:b2:34:16:b2:64:8d: 81:5a:9d:06:f1:be:50:85:b1:5e:31:4e:24:fd:37:a1:81:d4: 83:b4:c1:34:b8:d1:23:42:dc:a9:93:5d:d6:a4:a6:e7:27:dd: 81:d4:aa:1b:6c:ab:ea:a1:21:bd:e2:b2:38:81:19:42:15:86: d6:35:37:e5:97:cc:50:d8:b3:a5:ae:94:bf:f3:6b:49:b9:87: 56:36:2d:29:78:ec:dc:f2:0d:37:ee:bf:4f:1b:a4:d3:62:af: 18:2b:21:a8:de:c6:ce:7b:15:13:39:f6:87:a8:e6:d9:fb:15: 61:e0:a2:b5:38:c6:fc:d1:81:97:87:01:af:3b:fe:be:0c:73: f9:6b:9a:b2:e0:a1:b7:97:e9:f4:33:7a:3b:52:67:a5:63:f0: 68:27:43:a1:28:a9:40:fe:35:8e:55:73:a0:67:57:87:48:21: ba:5f:e3:6d -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgIDALzMMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDhB RTRDRjc4QjQ5REYwQjJDMUQyOUQzMkU0OEE5NDNBRTRGNDFBQ0MwHhcNMjUxMjA3 MDU0NzQ2WhcNMjYxMDIzMDMwMTAzWjAzMTEwLwYDVQQDEyg3NDhFMzQxM0I5QTQ4 QUZBNUMzN0M1QjJBMEYwRUY4RjE5NEZCNjUxMIIBIjANBgkqhkiG9w0BAQEFAAOC AQ8AMIIBCgKCAQEAxXwvyBIHV18xExk4qrrKZMer0auHzGrXIKol2O5rX672ZMnK EroSNG+c4tj3WzrQt3/1dp4DUzy3To+MYGeDtpRPrmP3r2UwExaZjCo1ACxMsx+K qWZwAFJmJh+Tv+TaXKFBI6+DnYrCHfSCUVLv/kGGZW1l4r+AbpOYc7MSDYadHZrf GWeWyj1YguwPZZF0HUWB37PuMQSusWvkQWlxA0GiG2O2a3BwYvSU9XHTvraMbeil lG8kq91DgQwPC2i33syMUe1X9XLE8VJsf8vit3/jkt/uqzhz4gLCgQ/M9j7zKlQH j/+zj2SuCAIquSMPyFJ9ErAZLSbINiVecJKMsQIDAQABo4IB8zCCAe8wHQYDVR0O BBYEFHSONBO5pIr6XDfFsqDw748ZT7ZRMB8GA1UdIwQYMBaAFIrkz3i0nfCywdKd MuSKlDrk9BrMMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwXQYDVR0fBFYwVDBS oFCgToZMcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE2 NjMvaXVUUGVMU2Q4TExCMHAweTVJcVVPdVQwR3N3LmNybDBjBggrBgEFBQcBAQRX MFUwUwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy RTNEMDAwMC9pdVRQZUxTZDhMTEIwcDB5NUlxVU91VDBHc3cuY2VyMA4GA1UdDwEB /wQEAwIHgDCBnQYIKwYBBQUHAQsEgZAwgY0wWAYIKwYBBQUHMAuGTHJzeW5jOi8v cnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8xNjYzL2RJNDBFN21raXZw Y044V3lvUER2anhsUHRsRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5j bm5pYy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAQr41AwDQYJKoZIhvcNAQELBQADggEBAAmDVqjbbbYkfiDLZQqV5GZvn7hJ pVCFDGcR6afluaICqcgYmlBi0PBwsMl1durGNDhmiYK3s+vcIImzG/xMIZADjmr4 0O14ubIMB+zs32FLuT8D5rI0FrJkjYFanQbxvlCFsV4xTiT9N6GB1IO0wTS40SNC 3KmTXdakpucn3YHUqhtsq+qhIb3isjiBGUIVhtY1N+WXzFDYs6WulL/za0m5h1Y2 LSl47NzyDTfuv08bpNNirxgrIajexs57FRM59oeo5tn7FWHgorU4xvzRgZeHAa87 /r4Mc/lrmrLgobeX6fQzejtSZ6Vj8GgnQ6EoqUD+NY5Vc6BnV4dIIbpf420= -----END CERTIFICATE-----Generated at Sun Dec 7 13:14:15 2025 by rpki-client