This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/035g5QJ5Z21HeQj3RXxD-KMc0G4.roa File: 035g5QJ5Z21HeQj3RXxD-KMc0G4.roa (raw, json) Hash identifier: hb5lasKE5XudJFDJ9onvNnxyOXrN3F2DxvTEkVkgAhw= Subject key identifier: D3:7E:60:E5:02:79:67:6D:47:79:08:F7:45:7C:43:F8:A3:1C:D0:6E Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Certificate serial: 601C Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/035g5QJ5Z21HeQj3RXxD-KMc0G4.roa Signing time: Wed 14 May 2025 09:10:19 +0000 ROA not before: Wed 14 May 2025 09:10:19 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 24426 IP address blocks: 43.239.48.0/22 maxlen: 22 43.246.0.0/22 maxlen: 22 43.246.4.0/22 maxlen: 22 43.246.12.0/22 maxlen: 22 43.246.16.0/22 maxlen: 22 43.246.20.0/22 maxlen: 22 43.246.24.0/22 maxlen: 22 43.246.28.0/22 maxlen: 22 43.246.32.0/22 maxlen: 22 43.246.36.0/22 maxlen: 22 43.246.40.0/22 maxlen: 22 43.246.44.0/22 maxlen: 22 43.246.52.0/22 maxlen: 22 43.246.56.0/22 maxlen: 22 43.246.60.0/22 maxlen: 22 43.246.64.0/22 maxlen: 22 43.246.68.0/22 maxlen: 22 43.246.72.0/22 maxlen: 22 43.246.76.0/22 maxlen: 22 43.246.80.0/22 maxlen: 22 43.246.84.0/22 maxlen: 22 43.246.88.0/22 maxlen: 22 43.246.92.0/22 maxlen: 22 43.246.96.0/22 maxlen: 22 103.35.48.0/22 maxlen: 22 103.236.0.0/22 maxlen: 22 103.236.4.0/22 maxlen: 22 103.236.8.0/22 maxlen: 22 103.236.12.0/22 maxlen: 22 103.236.16.0/22 maxlen: 22 103.236.20.0/22 maxlen: 22 103.236.28.0/22 maxlen: 22 103.236.32.0/22 maxlen: 22 103.236.36.0/22 maxlen: 22 103.236.40.0/22 maxlen: 22 103.236.44.0/22 maxlen: 22 103.236.48.0/22 maxlen: 22 103.236.52.0/22 maxlen: 22 103.236.56.0/22 maxlen: 22 103.236.60.0/22 maxlen: 22 103.236.64.0/22 maxlen: 22 103.236.68.0/22 maxlen: 22 103.236.72.0/22 maxlen: 22 103.236.76.0/22 maxlen: 22 103.236.80.0/22 maxlen: 22 103.236.84.0/22 maxlen: 22 103.236.88.0/22 maxlen: 22 103.236.92.0/22 maxlen: 22 103.236.96.0/22 maxlen: 22 Validation: Failed, RFC 3779 resource not subset of parent's resources Certificate: Data: Version: 3 (0x2) Serial Number: 24604 (0x601c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Validity Not Before: May 14 09:10:19 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=D37E60E50279676D477908F7457C43F8A31CD06E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:de:c0:53:ac:5d:80:e0:7a:83:8f:41:0d:66: eb:82:5c:79:05:30:a1:53:af:e7:df:d2:ca:86:09: ee:8f:68:87:b8:df:55:ac:da:6a:b7:c2:51:87:48: 94:9d:ab:c1:bb:df:ca:45:e9:67:50:d2:2e:1c:65: 64:48:63:8a:4b:aa:14:5d:85:49:bf:d2:ec:6f:10: 53:eb:1a:0c:7a:22:78:7d:c4:cc:f5:72:19:b4:50: 4b:59:08:37:4a:37:59:09:ed:44:d9:64:bd:20:00: 5b:bf:e7:e3:91:71:29:76:ec:64:d9:3f:19:a0:30: fc:ee:fa:0f:d9:be:fb:28:42:09:fc:30:52:8d:4e: ab:e9:e0:8f:32:8d:92:3d:37:45:7d:61:9f:76:8e: f1:93:9b:f9:f1:90:fd:8d:42:b1:a5:be:f5:fb:b4: e6:22:d0:aa:17:34:0e:a2:01:b4:4a:64:a7:8b:e5: af:1a:21:1b:54:42:62:2d:d7:b4:b5:d8:e1:06:82: b5:e1:77:92:04:fa:06:77:0c:97:06:15:e6:63:06: d6:98:e0:18:c9:2c:c9:db:c5:1d:58:65:04:a2:42: 50:5a:32:a4:59:83:1f:1c:1b:6c:8a:0c:72:7d:90: 90:d4:c1:5e:5e:4c:75:a3:ff:81:78:1e:87:1c:1b: b1:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:7E:60:E5:02:79:67:6D:47:79:08:F7:45:7C:43:F8:A3:1C:D0:6E X509v3 Authority Key Identifier: keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/035g5QJ5Z21HeQj3RXxD-KMc0G4.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.239.48.0/22 43.246.0.0/21 43.246.12.0-43.246.47.255 43.246.52.0-43.246.99.255 103.35.48.0/22 103.236.0.0-103.236.23.255 103.236.28.0-103.236.99.255 Signature Algorithm: sha256WithRSAEncryption 92:f7:61:3a:30:5b:85:d7:61:bd:36:17:0c:27:c7:5c:2c:9c: 8c:99:98:e2:a8:28:c1:ac:40:6f:e5:df:8e:83:92:ef:9c:52: 3b:ea:b5:1d:df:4f:30:d2:4e:4a:67:6f:ae:50:58:0e:8b:1a: 21:2f:5f:2b:07:54:29:a4:9b:22:c0:c7:3d:71:99:c8:1c:a9: 6a:2f:c6:4a:13:d3:62:42:ba:ed:ec:0d:47:cb:9b:43:2b:f6: fd:cd:62:51:84:20:1d:14:48:6c:65:b2:bc:d3:3d:c1:5c:ea: b4:d6:17:f0:fd:bf:d6:02:7f:0e:95:ac:de:5a:e8:35:5a:42: a7:d1:66:1e:cb:22:98:db:5e:5e:d0:2a:c8:b4:46:ac:6e:cd: 55:95:e9:af:11:5c:ab:1a:79:9c:5f:d8:3a:8a:de:7a:52:b7: ac:43:13:e8:48:b1:4a:ac:21:24:8a:da:62:1c:5c:3a:f6:ef: 8b:b2:5b:5d:e1:fc:82:e1:99:d4:24:6e:e8:2a:59:50:13:40: 0e:aa:aa:a0:92:46:bc:39:ac:c1:04:4b:2e:5a:ef:d9:32:e1: c6:69:c3:9e:42:ce:7e:ba:4b:62:93:72:87:e2:a2:01:99:c0: f7:7e:d8:b2:1b:60:63:ff:91:5d:02:0a:fb:94:15:1f:96:44: 97:d5:be:42 -----BEGIN CERTIFICATE----- MIIFGDCCBACgAwIBAgICYBwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1MTQw OTEwMTlaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEQzN0U2MEU1MDI3OTY3 NkQ0Nzc5MDhGNzQ1N0M0M0Y4QTMxQ0QwNkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDl3sBTrF2A4HqDj0ENZuuCXHkFMKFTr+ff0sqGCe6PaIe431Ws 2mq3wlGHSJSdq8G738pF6WdQ0i4cZWRIY4pLqhRdhUm/0uxvEFPrGgx6Inh9xMz1 chm0UEtZCDdKN1kJ7UTZZL0gAFu/5+ORcSl27GTZPxmgMPzu+g/ZvvsoQgn8MFKN Tqvp4I8yjZI9N0V9YZ92jvGTm/nxkP2NQrGlvvX7tOYi0KoXNA6iAbRKZKeL5a8a IRtUQmIt17S12OEGgrXhd5IE+gZ3DJcGFeZjBtaY4BjJLMnbxR1YZQSiQlBaMqRZ gx8cG2yKDHJ9kJDUwV5eTHWj/4F4HoccG7EnAgMBAAGjggI0MIICMDAdBgNVHQ4E FgQU035g5QJ5Z21HeQj3RXxD+KMc0G4wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj 3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3 L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzAzNWc1UUo1WjIxSGVR ajNSWHhELUtNYzBHNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQCS92E6 MFuF12G9NhcMJ8dcLJyMmZjiqCjBrEBv5d+Og5LvnFI76rUd308w0k5KZ2+uUFgO ixohL18rB1QppJsiwMc9cZnIHKlqL8ZKE9NiQrrt7A1Hy5tDK/b9zWJRhCAdFEhs ZbK80z3BXOq01hfw/b/WAn8OlazeWug1WkKn0WYeyyKY215e0CrItEasbs1Vlemv EVyrGnmcX9g6it56UresQxPoSLFKrCEkitpiHFw69u+Lsltd4fyC4ZnUJG7oKllQ E0AOqqqgkka8OazBBEsuWu/ZMuHGacOeQs5+uktik3KH4qIBmcD3ftiyG2Bj/5Fd Agr7lBUflkSX1b5C -----END CERTIFICATE-----Generated at Mon Jan 12 14:33:56 2026 by rpki-client