This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/2JiUU19gscRGJdtZXvUW65mMnYI.roa File: 2JiUU19gscRGJdtZXvUW65mMnYI.roa (raw, json) Hash identifier: LDIJf0iiD2/2rhaAQCPFIb7/iwy687+h9ofr18kmJrE= Subject key identifier: D8:98:94:53:5F:60:B1:C4:46:25:DB:59:5E:F5:16:EB:99:8C:9D:82 Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Certificate serial: 6016 Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/2JiUU19gscRGJdtZXvUW65mMnYI.roa Signing time: Wed 14 May 2025 07:40:26 +0000 ROA not before: Wed 14 May 2025 07:40:26 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 24426 IP address blocks: 43.239.48.0/22 maxlen: 22 43.246.0.0/22 maxlen: 22 43.246.4.0/22 maxlen: 22 43.246.12.0/22 maxlen: 22 43.246.16.0/22 maxlen: 22 43.246.20.0/22 maxlen: 22 43.246.24.0/22 maxlen: 22 43.246.28.0/22 maxlen: 22 43.246.32.0/22 maxlen: 22 43.246.36.0/22 maxlen: 22 43.246.40.0/22 maxlen: 22 43.246.44.0/22 maxlen: 22 43.246.52.0/22 maxlen: 22 43.246.56.0/22 maxlen: 22 43.246.60.0/22 maxlen: 22 43.246.64.0/22 maxlen: 22 43.246.68.0/22 maxlen: 22 43.246.72.0/22 maxlen: 22 43.246.76.0/22 maxlen: 22 43.246.80.0/22 maxlen: 22 43.246.84.0/22 maxlen: 22 43.246.88.0/22 maxlen: 22 43.246.92.0/22 maxlen: 22 43.246.96.0/22 maxlen: 22 103.35.48.0/22 maxlen: 22 103.236.0.0/22 maxlen: 22 103.236.4.0/22 maxlen: 22 103.236.8.0/22 maxlen: 22 103.236.12.0/22 maxlen: 22 103.236.16.0/22 maxlen: 22 103.236.20.0/22 maxlen: 22 103.236.28.0/22 maxlen: 22 103.236.32.0/22 maxlen: 22 103.236.36.0/22 maxlen: 22 103.236.40.0/22 maxlen: 22 103.236.44.0/22 maxlen: 22 103.236.48.0/22 maxlen: 22 103.236.52.0/22 maxlen: 22 103.236.56.0/22 maxlen: 22 103.236.60.0/22 maxlen: 22 103.236.64.0/22 maxlen: 22 103.236.68.0/22 maxlen: 22 103.236.72.0/22 maxlen: 22 103.236.76.0/22 maxlen: 22 103.236.80.0/22 maxlen: 22 103.236.84.0/22 maxlen: 22 103.236.88.0/22 maxlen: 22 103.236.92.0/22 maxlen: 22 103.236.96.0/22 maxlen: 22 Validation: Failed, RFC 3779 resource not subset of parent's resources Certificate: Data: Version: 3 (0x2) Serial Number: 24598 (0x6016) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Validity Not Before: May 14 07:40:26 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=D89894535F60B1C44625DB595EF516EB998C9D82 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:93:15:ac:7c:46:74:7c:67:b3:d9:c4:6f:d8: de:b7:35:67:40:b2:5e:05:b6:6f:69:54:89:c8:fc: 82:9e:cc:e2:78:11:30:88:8e:14:39:69:01:d9:3d: 2b:91:45:29:8f:11:a2:35:7c:79:2a:fe:a2:b2:17: 35:fa:e3:67:68:d0:6c:fe:54:45:0d:c4:f2:2f:c4: 17:1f:40:8e:3e:4a:f7:b3:15:fc:47:51:5f:b7:9c: 74:c0:56:1b:79:7e:4d:f9:56:0e:09:41:40:85:20: 37:91:07:53:8d:31:22:35:85:10:60:8b:d9:83:6a: cf:5e:06:7f:2a:e4:54:7c:e2:6a:6d:d8:1d:3a:49: 3b:1e:fa:48:a8:54:e3:ab:41:56:88:ea:17:90:79: 06:2d:05:9c:e2:89:7c:13:13:ea:e2:8a:40:90:01: 14:3b:e2:72:ee:a8:79:3b:1d:a1:ec:a5:1d:01:a0: 66:f9:2a:73:20:17:26:5b:cd:0b:ef:1b:e0:7f:eb: 9b:b7:93:bc:fe:23:93:84:99:de:4d:44:88:1f:07: 88:11:61:8c:b9:fc:18:ec:22:18:93:a3:7d:30:67: a1:83:fe:ce:f9:97:35:1b:64:1e:eb:4e:58:5c:66: 23:8a:f2:bd:d0:e0:9f:e4:86:7b:91:8e:2a:c7:eb: 51:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:98:94:53:5F:60:B1:C4:46:25:DB:59:5E:F5:16:EB:99:8C:9D:82 X509v3 Authority Key Identifier: keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/2JiUU19gscRGJdtZXvUW65mMnYI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.239.48.0/22 43.246.0.0/21 43.246.12.0-43.246.47.255 43.246.52.0-43.246.99.255 103.35.48.0/22 103.236.0.0-103.236.23.255 103.236.28.0-103.236.99.255 Signature Algorithm: sha256WithRSAEncryption 97:1d:cb:63:e1:89:e4:99:88:9d:58:62:c4:a4:b5:9a:a7:e3: 9a:a5:af:cd:f8:9d:fe:51:04:5f:1c:dc:9a:eb:60:4c:fe:2e: c6:f9:49:68:ae:4a:02:f4:e9:90:4b:66:52:57:d4:60:a9:50: bc:ab:4b:05:7e:17:de:06:d4:5c:7a:14:d1:93:1b:23:ac:4c: e2:30:0e:39:72:26:58:3e:8a:ba:a5:ef:3c:1b:db:6a:de:58: 69:e0:19:02:47:ba:4e:4f:ed:02:b1:8e:aa:60:a9:e4:ae:29: 45:ca:10:00:68:88:c3:29:65:fd:02:42:1f:ee:b9:6b:3d:71: 6b:55:f2:87:e2:db:d5:7f:9c:31:16:43:c5:a6:fe:cf:06:a6: 7c:06:0a:7e:2c:bd:25:30:9f:d0:92:44:3b:ee:5b:03:85:ac: 2e:59:a5:b8:05:83:83:bf:5f:76:1e:12:ce:f3:b9:0b:92:df: b8:c9:88:7e:b9:e3:a9:5c:75:fb:29:38:29:3b:35:99:97:82: d3:45:a2:f8:cc:fa:77:c2:a2:66:7a:0d:06:7e:95:59:fd:77: 22:ce:33:a7:37:45:5b:c9:32:ad:86:dc:fc:74:5d:2e:93:64: 62:cf:81:b3:54:dd:54:30:9e:00:1a:c8:e7:25:26:51:8f:b9: cb:b7:e3:2f -----BEGIN CERTIFICATE----- MIIFGDCCBACgAwIBAgICYBYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1MTQw NzQwMjZaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEQ4OTg5NDUzNUY2MEIx QzQ0NjI1REI1OTVFRjUxNkVCOTk4QzlEODIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDmkxWsfEZ0fGez2cRv2N63NWdAsl4Ftm9pVInI/IKezOJ4ETCI jhQ5aQHZPSuRRSmPEaI1fHkq/qKyFzX642do0Gz+VEUNxPIvxBcfQI4+SvezFfxH UV+3nHTAVht5fk35Vg4JQUCFIDeRB1ONMSI1hRBgi9mDas9eBn8q5FR84mpt2B06 STse+kioVOOrQVaI6heQeQYtBZziiXwTE+riikCQARQ74nLuqHk7HaHspR0BoGb5 KnMgFyZbzQvvG+B/65u3k7z+I5OEmd5NRIgfB4gRYYy5/BjsIhiTo30wZ6GD/s75 lzUbZB7rTlhcZiOK8r3Q4J/khnuRjirH61FXAgMBAAGjggI0MIICMDAdBgNVHQ4E FgQU2JiUU19gscRGJdtZXvUW65mMnYIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj 3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3 L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzJKaVVVMTlnc2NSR0pk dFpYdlVXNjVtTW5ZSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQCXHctj 4YnkmYidWGLEpLWap+Oapa/N+J3+UQRfHNya62BM/i7G+UlorkoC9OmQS2ZSV9Rg qVC8q0sFfhfeBtRcehTRkxsjrEziMA45ciZYPoq6pe88G9tq3lhp4BkCR7pOT+0C sY6qYKnkrilFyhAAaIjDKWX9AkIf7rlrPXFrVfKH4tvVf5wxFkPFpv7PBqZ8Bgp+ LL0lMJ/QkkQ77lsDhawuWaW4BYODv192HhLO87kLkt+4yYh+ueOpXHX7KTgpOzWZ l4LTRaL4zPp3wqJmeg0GfpVZ/XcizjOnN0VbyTKthtz8dF0uk2Riz4GzVN1UMJ4A GsjnJSZRj7nLt+Mv -----END CERTIFICATE-----Generated at Mon Jan 12 05:54:46 2026 by rpki-client