This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/i8HfqDPJhMTpgdpRaw_Jdh2B0UY.roa File: i8HfqDPJhMTpgdpRaw_Jdh2B0UY.roa (raw, json) Hash identifier: HeoLNBd7f9hwPz/XGc12YMCoKljthZfNoccxa+uzaRE= Subject key identifier: 8B:C1:DF:A8:33:C9:84:C4:E9:81:DA:51:6B:0F:C9:76:1D:81:D1:46 Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942 Certificate serial: 540E Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/i8HfqDPJhMTpgdpRaw_Jdh2B0UY.roa Signing time: Sun 25 Jan 2026 18:57:26 +0000 ROA not before: Sun 25 Jan 2026 18:57:26 +0000 ROA not after: Fri 23 Oct 2026 03:01:03 +0000 asID: 9391 IP address blocks: 124.29.0.0/17 maxlen: 17 Validation: Failed, RFC 3779 resource not subset of parent's resources Certificate: Data: Version: 3 (0x2) Serial Number: 21518 (0x540e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942 Validity Not Before: Jan 25 18:57:26 2026 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=8BC1DFA833C984C4E981DA516B0FC9761D81D146 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:af:98:e4:c0:a3:65:10:43:52:14:95:d6:c0: d4:3d:54:a0:3d:16:e4:e5:db:de:56:58:dd:1d:2e: 2c:a5:ab:26:9c:ed:fb:a5:ec:73:24:0e:93:98:a8: 6c:0a:ef:7c:36:3c:17:d0:64:72:b3:a5:ca:69:5e: e5:77:e4:d6:c0:f4:c4:54:8e:bc:7e:ae:0e:8a:3f: 3b:61:26:51:c0:f1:27:db:a7:ee:8b:0e:9b:66:ec: d3:99:52:02:f0:f9:f9:fb:fc:be:14:1a:fc:8f:53: c1:72:04:89:40:d4:32:0c:7a:e6:e2:3e:bf:7e:9a: eb:99:f7:4f:45:88:14:fd:b3:28:3b:b6:88:1d:c0: 9e:3b:ae:06:12:cb:a3:c1:64:4d:d1:84:46:68:18: d2:fd:87:d3:ec:71:bb:63:df:0c:e6:cf:18:0c:b2: 0d:01:3d:cb:1a:f2:78:52:bf:15:d5:4d:32:63:96: 80:69:c2:dc:82:70:30:b7:eb:02:39:d5:f2:ad:8d: 8c:55:31:fe:aa:08:06:1d:8b:e8:3e:1c:c0:2e:02: a4:88:05:e5:de:94:f5:8b:bd:c9:a0:69:de:62:25: af:b1:01:0c:bd:a1:41:7b:a6:8a:6b:14:90:93:1b: 66:7d:de:99:ff:7a:f2:8e:6c:a1:99:c6:04:ae:41: 68:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:C1:DF:A8:33:C9:84:C4:E9:81:DA:51:6B:0F:C9:76:1D:81:D1:46 X509v3 Authority Key Identifier: keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/i8HfqDPJhMTpgdpRaw_Jdh2B0UY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 124.29.0.0/17 Signature Algorithm: sha256WithRSAEncryption 4f:c4:42:cf:25:ff:27:84:5a:de:a1:6c:d9:3a:bb:11:74:49: 21:3a:29:b3:8f:43:c1:76:e9:90:2d:b6:f4:0a:03:8a:2c:cb: 06:d0:99:c5:6d:40:73:2e:42:3c:7d:d3:a2:3c:e0:39:ea:2c: fe:50:b7:55:f5:50:d7:f7:59:50:b7:ac:c5:7d:24:c7:8c:7b: b6:7f:c1:a4:81:55:e9:4a:49:74:70:86:43:8f:32:1f:f7:7d: 12:b3:b3:bb:53:14:60:cd:1f:c0:ef:ed:32:b5:db:14:c9:32: 0d:18:01:e1:af:44:5e:cd:c6:c7:10:cb:d3:2e:1a:b8:b2:8e: c4:99:42:4e:75:90:a6:8c:0a:c8:4e:a7:b6:99:a9:5a:5b:7d: 70:16:42:df:07:cc:53:3e:fe:ac:c0:16:31:cf:91:5d:b1:64: 1d:21:10:77:d1:50:50:7b:33:1b:a3:8b:20:bf:cf:04:13:c4: 5d:f8:a1:63:aa:23:2c:35:a7:f7:48:e4:ae:3a:47:17:63:93: b8:83:2d:08:79:8b:6a:db:c3:69:b4:6b:f7:ec:70:8a:2c:01: 1a:12:a5:38:5e:8c:cb:a1:2e:18:92:bb:aa:7a:92:7c:55:70: eb:dd:4c:df:c5:7b:2b:4f:29:a2:6d:a5:36:0c:b1:b9:21:48: 12:ca:95:27 -----BEGIN CERTIFICATE----- MIIE0zCCA7ugAwIBAgICVA4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNjAxMjUx ODU3MjZaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDhCQzFERkE4MzNDOTg0 QzRFOTgxREE1MTZCMEZDOTc2MUQ4MUQxNDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDHr5jkwKNlEENSFJXWwNQ9VKA9FuTl295WWN0dLiylqyac7ful 7HMkDpOYqGwK73w2PBfQZHKzpcppXuV35NbA9MRUjrx+rg6KPzthJlHA8Sfbp+6L Dptm7NOZUgLw+fn7/L4UGvyPU8FyBIlA1DIMeubiPr9+muuZ909FiBT9syg7togd wJ47rgYSy6PBZE3RhEZoGNL9h9Pscbtj3wzmzxgMsg0BPcsa8nhSvxXVTTJjloBp wtyCcDC36wI51fKtjYxVMf6qCAYdi+g+HMAuAqSIBeXelPWLvcmgad5iJa+xAQy9 oUF7poprFJCTG2Z93pn/evKObKGZxgSuQWgfAgMBAAGjggHvMIIB6zAdBgNVHQ4E FgQUi8HfqDPJhMTpgdpRaw/Jdh2B0UYwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9pOEhmcURQSmhNVHBnZHBS YXdfSmRoMkIwVVkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu Y24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQH fB0AMA0GCSqGSIb3DQEBCwUAA4IBAQBPxELPJf8nhFreoWzZOrsRdEkhOimzj0PB dumQLbb0CgOKLMsG0JnFbUBzLkI8fdOiPOA56iz+ULdV9VDX91lQt6zFfSTHjHu2 f8GkgVXpSkl0cIZDjzIf930Ss7O7UxRgzR/A7+0ytdsUyTINGAHhr0RezcbHEMvT Lhq4so7EmUJOdZCmjArITqe2malaW31wFkLfB8xTPv6swBYxz5FdsWQdIRB30VBQ ezMbo4sgv88EE8Rd+KFjqiMsNaf3SOSuOkcXY5O4gy0IeYtq28NptGv37HCKLAEa EqU4XozLoS4YkruqepJ8VXDr3UzfxXsrTymibaU2DLG5IUgSypUn -----END CERTIFICATE-----Generated at Mon Jan 26 05:03:52 2026 by rpki-client