This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/MMQ2a1EqvLNPH2cc_2Bmrplqo-A.roa File: MMQ2a1EqvLNPH2cc_2Bmrplqo-A.roa (raw, json) Hash identifier: obvXGK1DwCiD5iThBMkPV/U85ZrJn4162UsVDpTpnpo= Subject key identifier: 30:C4:36:6B:51:2A:BC:B3:4F:1F:67:1C:FF:60:66:AE:99:6A:A3:E0 Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Certificate serial: 23A2 Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/MMQ2a1EqvLNPH2cc_2Bmrplqo-A.roa Signing time: Thu 04 Dec 2025 06:35:53 +0000 ROA not before: Thu 04 Dec 2025 06:35:53 +0000 ROA not after: Fri 23 Oct 2026 03:01:03 +0000 asID: 135377 IP address blocks: 101.237.252.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 06 Dec 2025 21:17:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9122 (0x23a2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Validity Not Before: Dec 4 06:35:53 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=30C4366B512ABCB34F1F671CFF6066AE996AA3E0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:d5:a3:21:26:b2:6d:94:b5:ed:e2:1c:09:bc: 38:8d:88:33:67:8b:c9:fb:f4:df:02:09:3d:c3:ec: c6:2c:3f:8c:97:0e:74:22:57:c5:26:58:b0:49:bf: af:22:75:0a:29:82:d6:4d:ba:80:0a:19:b7:7f:f6: 88:10:d3:fb:c9:69:01:da:8f:44:76:1e:f5:02:bf: 99:3d:00:f1:f6:5d:04:ee:1e:59:ff:b5:cb:04:02: 7c:da:35:f6:03:b6:da:22:3f:6d:15:b4:b8:79:0e: 21:24:8d:78:dc:52:88:82:a9:75:02:d1:4a:89:e5: 0c:d2:bf:60:23:77:d6:68:29:11:50:f6:02:e3:b7: ca:b0:34:e5:9f:3e:c9:c1:75:95:18:bd:fd:d9:83: 73:0a:6d:e4:a1:25:3d:b3:73:a5:70:86:d4:5d:9c: 9e:da:fb:5a:32:77:b8:0b:47:c3:89:89:2a:06:a6: 09:47:79:c4:c7:c5:21:e5:d3:e4:8a:74:47:0c:d6: e4:e4:42:c8:eb:95:95:10:6b:e2:20:66:d8:dd:e9: b5:7a:76:24:fa:7e:1f:fc:15:72:94:ab:55:da:b3: 81:79:22:59:5d:48:ff:3d:0f:c5:d6:a9:e0:b7:0f: b2:b6:18:c4:a0:f4:db:70:2f:8c:3c:d1:24:0c:26: 8d:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 30:C4:36:6B:51:2A:BC:B3:4F:1F:67:1C:FF:60:66:AE:99:6A:A3:E0 X509v3 Authority Key Identifier: keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/MMQ2a1EqvLNPH2cc_2Bmrplqo-A.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 101.237.252.0/24 Signature Algorithm: sha256WithRSAEncryption aa:70:95:b6:02:65:6b:3e:c8:bc:0b:67:41:0b:ff:84:a0:2d: 58:ea:a7:82:9d:1a:11:f5:23:d1:9a:c6:e4:f5:3a:38:21:d0: 6e:91:b1:48:d5:10:e0:96:c7:0b:ff:d3:cd:40:76:31:e0:f6: 05:8a:c8:d2:0d:82:4b:78:bf:85:6c:21:e7:4f:ff:46:17:dd: 7f:ee:b4:ba:5d:a9:a6:16:13:3e:43:74:30:4c:d6:11:1c:17: 4b:14:9e:85:b4:a3:97:e1:08:ed:1c:01:bd:8c:56:92:4c:43: a2:4d:a6:07:79:f2:ff:99:08:e8:94:77:6e:6c:3d:70:35:e3: 24:72:06:cd:e4:13:37:39:01:7d:2a:08:2c:8d:1c:d5:2b:ff: 0a:2f:4b:65:62:78:b6:ef:fc:23:e1:a1:cf:22:4d:83:b8:da: 43:db:89:08:22:c9:47:4b:c5:ec:1c:e9:f7:88:43:52:ef:36: a3:5d:75:00:b7:db:ea:c4:db:c7:89:88:54:65:57:ce:5d:4a: e2:b6:3f:67:02:5d:a3:d8:a0:4f:92:94:37:c3:a9:b8:a2:3e: ca:c6:39:04:8f:8c:5a:ce:6f:73:ee:cc:a6:65:a7:f5:6c:0d: 67:cb:9e:22:c9:74:b9:e6:dc:d6:19:1f:71:14:27:d4:af:f4: 71:45:da:1d -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICI6IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3 MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNTEyMDQw NjM1NTNaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDMwQzQzNjZCNTEyQUJD QjM0RjFGNjcxQ0ZGNjA2NkFFOTk2QUEzRTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDb1aMhJrJtlLXt4hwJvDiNiDNni8n79N8CCT3D7MYsP4yXDnQi V8UmWLBJv68idQopgtZNuoAKGbd/9ogQ0/vJaQHaj0R2HvUCv5k9APH2XQTuHln/ tcsEAnzaNfYDttoiP20VtLh5DiEkjXjcUoiCqXUC0UqJ5QzSv2Ajd9ZoKRFQ9gLj t8qwNOWfPsnBdZUYvf3Zg3MKbeShJT2zc6VwhtRdnJ7a+1oyd7gLR8OJiSoGpglH ecTHxSHl0+SKdEcM1uTkQsjrlZUQa+IgZtjd6bV6diT6fh/8FXKUq1Xas4F5Illd SP89D8XWqeC3D7K2GMSg9NtwL4w80SQMJo1jAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUMMQ2a1EqvLNPH2cc/2Bmrplqo+AwHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3 L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L01NUTJhMUVxdkxOUEgy Y2NfMkJtcnBscW8tQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABl7fwwDQYJKoZIhvcNAQELBQADggEBAKpwlbYCZWs+yLwLZ0EL/4SgLVjqp4Kd GhH1I9GaxuT1Ojgh0G6RsUjVEOCWxwv/081AdjHg9gWKyNINgkt4v4VsIedP/0YX 3X/utLpdqaYWEz5DdDBM1hEcF0sUnoW0o5fhCO0cAb2MVpJMQ6JNpgd58v+ZCOiU d25sPXA14yRyBs3kEzc5AX0qCCyNHNUr/wovS2VieLbv/CPhoc8iTYO42kPbiQgi yUdLxewc6feIQ1LvNqNddQC32+rE28eJiFRlV85dSuK2P2cCXaPYoE+SlDfDqbii PsrGOQSPjFrOb3PuzKZlp/VsDWfLniLJdLnm3NYZH3EUJ9Sv9HFF2h0= -----END CERTIFICATE-----Generated at Sat Dec 6 17:58:47 2025 by rpki-client