This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/1EwJ20dFpieH4pEpIpETRBgPpEM.roa File: 1EwJ20dFpieH4pEpIpETRBgPpEM.roa (raw, json) Hash identifier: gGd0L57BL9RJKqpwnmCq3ZxHHKaUMLbwWoV59Sx2M9g= Subject key identifier: D4:4C:09:DB:47:45:A6:27:87:E2:91:29:22:91:13:44:18:0F:A4:43 Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Certificate serial: 34CB Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/1EwJ20dFpieH4pEpIpETRBgPpEM.roa Signing time: Fri 29 Mar 2024 23:22:08 +0000 ROA not before: Fri 29 Mar 2024 23:22:08 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 24426 IP address blocks: 36.0.64.0/18 maxlen: 18 Validation: Failed, RFC 3779 resource not subset of parent's resources Certificate: Data: Version: 3 (0x2) Serial Number: 13515 (0x34cb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Validity Not Before: Mar 29 23:22:08 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=D44C09DB4745A62787E2912922911344180FA443 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:31:af:5d:d0:75:88:e3:1a:da:65:07:65:78: 6e:11:de:51:20:89:92:ba:e9:13:a5:80:9f:21:0f: 10:9d:82:3c:25:ce:37:da:22:56:33:6e:95:04:dd: 5a:66:4e:44:72:ae:8f:48:31:38:f5:5a:91:eb:0c: 6a:a5:d5:a1:52:c6:85:94:8a:24:37:38:64:63:d4: a3:91:5e:51:d6:29:b9:5c:94:0f:0c:64:27:af:ba: 88:84:91:96:ac:cd:dc:0a:66:89:be:ab:fd:cf:85: 1b:56:10:0d:14:46:29:56:d8:2e:98:89:e5:52:db: 8c:48:38:af:45:1c:82:09:d8:5a:73:61:ff:34:70: 6c:be:60:a7:cf:3a:fc:de:ee:25:77:8f:79:bc:ff: 79:08:c0:38:04:2f:c5:dc:e8:a4:ad:b2:a4:48:98: 00:5d:5e:f3:9c:96:42:e0:f1:4a:90:8d:73:8f:a8: c8:49:f7:c5:e8:38:f0:5d:09:a3:6d:ae:ab:ca:db: e5:45:e1:89:12:c7:14:ac:ef:5a:b2:95:63:09:5a: 19:1e:63:b0:4c:f4:b9:df:22:7b:c5:1a:3f:60:61: bf:e1:56:94:c8:19:33:3c:23:c1:55:ec:14:38:e0: 33:66:0e:90:27:af:0c:20:67:fe:df:f2:1c:ce:3f: eb:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:4C:09:DB:47:45:A6:27:87:E2:91:29:22:91:13:44:18:0F:A4:43 X509v3 Authority Key Identifier: keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/1EwJ20dFpieH4pEpIpETRBgPpEM.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 36.0.64.0/18 Signature Algorithm: sha256WithRSAEncryption 86:28:4b:a3:b5:3b:ca:b1:d2:7a:98:32:e5:3e:56:6e:c1:fc: 37:21:b5:2b:c5:a7:71:0d:2d:ba:f3:f0:01:2d:5f:5b:94:49: b1:c1:62:14:75:9d:4e:30:0c:c8:ab:04:85:4c:53:c9:2b:6d: 87:e1:bb:15:c4:46:1a:df:52:9f:23:33:90:aa:d4:68:76:ab: c1:39:fd:ac:7f:e6:de:50:48:38:69:e3:96:75:50:d2:ab:5d: 70:34:f1:ea:06:1e:d5:b3:98:2d:ec:4e:04:ae:30:84:d2:fa: 90:f7:10:c8:36:01:02:bd:e4:1b:0e:18:8d:ef:47:1e:8c:72: 49:3f:b6:71:5b:2d:4a:2b:f4:d9:23:44:77:ef:a4:df:62:f9: 18:4b:65:a4:a0:1a:47:1d:2c:46:64:b2:ec:97:9e:d5:13:bb: 65:33:bc:9c:e0:91:56:f9:2d:01:e2:92:93:d2:6e:66:1d:3e: 69:25:0a:b8:3d:91:3c:86:24:20:af:05:09:62:4e:9c:24:81: 7c:51:d5:cc:8f:de:1a:2c:3a:82:eb:2c:97:54:a3:62:c3:ab: ea:b0:9e:ef:3f:d6:63:c2:8d:9d:10:71:f0:a3:54:a7:b1:a4: 26:4c:f5:df:c2:b7:ec:dc:e3:4b:9e:81:f6:79:92:71:1a:61: 74:9d:19:92 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICNMswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjky MzIyMDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEQ0NEMwOURCNDc0NUE2 Mjc4N0UyOTEyOTIyOTExMzQ0MTgwRkE0NDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDTMa9d0HWI4xraZQdleG4R3lEgiZK66ROlgJ8hDxCdgjwlzjfa IlYzbpUE3VpmTkRyro9IMTj1WpHrDGql1aFSxoWUiiQ3OGRj1KORXlHWKblclA8M ZCevuoiEkZaszdwKZom+q/3PhRtWEA0URilW2C6YieVS24xIOK9FHIIJ2FpzYf80 cGy+YKfPOvze7iV3j3m8/3kIwDgEL8Xc6KStsqRImABdXvOclkLg8UqQjXOPqMhJ 98XoOPBdCaNtrqvK2+VF4YkSxxSs71qylWMJWhkeY7BM9LnfInvFGj9gYb/hVpTI GTM8I8FV7BQ44DNmDpAnrwwgZ/7f8hzOP+vpAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU1EwJ20dFpieH4pEpIpETRBgPpEMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj 3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3 L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzFFd0oyMGRGcGllSDRw RXBJcEVUUkJnUHBFTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAIYoS6O1O8qx0nqYMuU+Vm7B/DchtSvF p3ENLbrz8AEtX1uUSbHBYhR1nU4wDMirBIVMU8krbYfhuxXERhrfUp8jM5Cq1Gh2 q8E5/ax/5t5QSDhp45Z1UNKrXXA08eoGHtWzmC3sTgSuMITS+pD3EMg2AQK95BsO GI3vRx6Mckk/tnFbLUor9NkjRHfvpN9i+RhLZaSgGkcdLEZksuyXntUTu2UzvJzg kVb5LQHikpPSbmYdPmklCrg9kTyGJCCvBQliTpwkgXxR1cyP3hosOoLrLJdUo2LD q+qwnu8/1mPCjZ0QcfCjVKexpCZM9d/Ct+zc40uegfZ5knEaYXSdGZI= -----END CERTIFICATE-----Generated at Sun Jan 11 20:04:01 2026 by rpki-client