This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/361/JFedtLxXu2_P4wgS16PoE5O5Epo.roa File: JFedtLxXu2_P4wgS16PoE5O5Epo.roa (raw, json) Hash identifier: DJx6HuoXo46mlA6OkRWCW6bZ0auPhQEZnc6k7+J0/HM= Subject key identifier: 24:57:9D:B4:BC:57:BB:6F:CF:E3:08:12:D7:A3:E8:13:93:B9:12:9A Certificate issuer: /CN=585206C87420BE42C7B9042DE3E5FD51595FF14B Certificate serial: 2288 Authority key identifier: 58:52:06:C8:74:20:BE:42:C7:B9:04:2D:E3:E5:FD:51:59:5F:F1:4B Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WFIGyHQgvkLHuQQt4-X9UVlf8Us.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/JFedtLxXu2_P4wgS16PoE5O5Epo.roa Signing time: Thu 25 Dec 2025 05:41:44 +0000 ROA not before: Thu 25 Dec 2025 05:41:44 +0000 ROA not after: Fri 23 Oct 2026 03:01:03 +0000 asID: 131314 IP address blocks: 2403:9b00:2400::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/WFIGyHQgvkLHuQQt4-X9UVlf8Us.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/WFIGyHQgvkLHuQQt4-X9UVlf8Us.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WFIGyHQgvkLHuQQt4-X9UVlf8Us.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 25 Jan 2026 16:57:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8840 (0x2288) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=585206C87420BE42C7B9042DE3E5FD51595FF14B Validity Not Before: Dec 25 05:41:44 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=24579DB4BC57BB6FCFE30812D7A3E81393B9129A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:10:a1:e2:75:c2:b9:20:46:8f:94:55:89:76: 70:a8:f6:97:f1:72:c8:89:b1:75:28:38:1e:2c:2d: 90:39:6f:65:d2:48:dd:c6:c6:68:8b:20:32:1e:35: 26:ee:68:4a:a3:56:53:b0:d6:df:f7:35:9c:22:a2: a2:7f:af:32:17:98:30:aa:48:1d:d7:53:46:58:1a: f9:d2:43:e6:96:48:12:29:e0:b8:9e:72:c2:5b:9a: 9b:7a:3e:ed:cd:e2:d5:b2:4d:d1:80:84:ba:fe:bc: 41:8c:d9:0f:95:9e:53:bf:15:4b:ee:6f:59:b8:c3: a2:d1:5b:0a:3f:bb:bf:4e:7d:e9:9c:d1:78:19:c9: 80:1e:47:b7:5a:63:99:2d:0e:90:7d:4e:fa:10:fa: d0:96:01:f6:5f:3d:d1:68:1d:e9:b8:d9:31:9f:5e: e4:aa:87:47:70:53:97:20:aa:60:80:d4:ad:b8:6b: 4b:5a:ca:ea:63:2d:9f:99:73:7a:33:46:df:62:2e: 66:0a:9c:d4:d6:c5:f6:e5:87:93:e8:f4:06:c5:83: 05:f1:f0:40:94:f7:cc:7b:ca:cb:47:1d:09:ca:60: 55:66:99:31:c1:4c:95:c7:b1:11:ef:fe:2f:b8:4e: 0d:83:b3:15:a9:77:2d:eb:60:17:ae:1f:48:ad:7b: 83:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 24:57:9D:B4:BC:57:BB:6F:CF:E3:08:12:D7:A3:E8:13:93:B9:12:9A X509v3 Authority Key Identifier: keyid:58:52:06:C8:74:20:BE:42:C7:B9:04:2D:E3:E5:FD:51:59:5F:F1:4B X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/WFIGyHQgvkLHuQQt4-X9UVlf8Us.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WFIGyHQgvkLHuQQt4-X9UVlf8Us.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/JFedtLxXu2_P4wgS16PoE5O5Epo.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2403:9b00:2400::/48 Signature Algorithm: sha256WithRSAEncryption 58:e4:94:e0:9d:69:4e:9f:ae:6d:ef:75:12:fe:bc:6c:e6:a9: 14:af:39:5b:de:02:e6:69:39:7e:c0:f6:fe:90:96:3c:a7:33: 44:80:1d:f3:2e:cd:80:36:bb:de:9f:fa:83:c8:61:09:d7:b7: 64:a4:6d:55:cf:a1:d4:ff:7b:c0:4f:20:fc:44:20:56:7a:4d: 86:0f:f9:f2:e1:92:f8:e5:09:a0:87:70:5b:3b:eb:e5:72:cc: 01:d9:4f:71:60:e4:f4:2e:50:08:4b:19:66:c9:c7:22:9b:d4: 4a:e0:fa:3a:54:21:68:40:5f:d2:52:0e:b2:84:13:64:88:80: a3:70:fe:6d:30:9a:51:77:1f:a4:29:28:8c:75:d0:ea:6d:84: ea:9b:f1:ff:49:ae:a3:3e:7b:c1:db:dd:cd:80:d0:24:35:66: 91:08:df:dc:e3:96:61:9e:d0:85:f3:7f:72:a3:2a:76:25:19: d1:11:4d:8d:35:06:b0:0b:7c:46:86:12:17:ba:c7:aa:17:cf: 8e:f7:03:b9:11:9e:f7:64:b9:5a:46:6b:c7:9d:5c:20:06:37: 30:59:b8:4a:2d:99:56:8a:e7:65:16:38:4f:47:11:95:e6:d4: cb:1f:58:e1:ae:8d:2f:44:12:7b:a6:95:3e:4d:52:26:0f:51: 76:33:5f:0b -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICIogwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTg1 MjA2Qzg3NDIwQkU0MkM3QjkwNDJERTNFNUZENTE1OTVGRjE0QjAeFw0yNTEyMjUw NTQxNDRaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDI0NTc5REI0QkM1N0JC NkZDRkUzMDgxMkQ3QTNFODEzOTNCOTEyOUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDREKHidcK5IEaPlFWJdnCo9pfxcsiJsXUoOB4sLZA5b2XSSN3G xmiLIDIeNSbuaEqjVlOw1t/3NZwioqJ/rzIXmDCqSB3XU0ZYGvnSQ+aWSBIp4Lie csJbmpt6Pu3N4tWyTdGAhLr+vEGM2Q+VnlO/FUvub1m4w6LRWwo/u79Ofemc0XgZ yYAeR7daY5ktDpB9TvoQ+tCWAfZfPdFoHem42TGfXuSqh0dwU5cgqmCA1K24a0ta yupjLZ+Zc3ozRt9iLmYKnNTWxfblh5Po9AbFgwXx8ECU98x7ystHHQnKYFVmmTHB TJXHsRHv/i+4Tg2DsxWpdy3rYBeuH0ite4ObAgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQUJFedtLxXu2/P4wgS16PoE5O5EpowHwYDVR0jBBgwFoAUWFIGyHQgvkLHuQQt 4+X9UVlf8UswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzYx L1dGSUd5SFFndmtMSHVRUXQ0LVg5VVZsZjhVcy5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvV0ZJR3lIUWd2a0xIdVFRdDQtWDlVVmxmOFVzLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzYxL0pGZWR0THhYdTJfUDR3 Z1MxNlBvRTVPNUVwby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkD BwAkA5sAJAAwDQYJKoZIhvcNAQELBQADggEBAFjklOCdaU6frm3vdRL+vGzmqRSv OVveAuZpOX7A9v6QljynM0SAHfMuzYA2u96f+oPIYQnXt2SkbVXPodT/e8BPIPxE IFZ6TYYP+fLhkvjlCaCHcFs76+VyzAHZT3Fg5PQuUAhLGWbJxyKb1Erg+jpUIWhA X9JSDrKEE2SIgKNw/m0wmlF3H6QpKIx10OpthOqb8f9JrqM+e8Hb3c2A0CQ1ZpEI 39zjlmGe0IXzf3KjKnYlGdERTY01BrALfEaGEhe6x6oXz473A7kRnvdkuVpGa8ed XCAGNzBZuEotmVaK52UWOE9HEZXm1MsfWOGujS9EEnumlT5NUiYPUXYzXws= -----END CERTIFICATE-----Generated at Sun Jan 25 15:01:27 2026 by rpki-client