This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/2q8H1xjij71l4jSy33XkC7JaxGs.roa File: 2q8H1xjij71l4jSy33XkC7JaxGs.roa (raw, json) Hash identifier: rDGcKL1Al2wFoycaEgf6q9mS50DMImKvf7nAbJANL98= Subject key identifier: DA:AF:07:D7:18:E2:8F:BD:65:E2:34:B2:DF:75:E4:0B:B2:5A:C4:6B Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Certificate serial: 48ED Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/2q8H1xjij71l4jSy33XkC7JaxGs.roa Signing time: Thu 25 Apr 2024 19:53:18 +0000 ROA not before: Thu 25 Apr 2024 19:53:18 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 24426 IP address blocks: 43.239.0.0/19 maxlen: 19 101.78.32.0/19 maxlen: 19 103.35.0.0/19 maxlen: 19 Validation: Failed, RFC 3779 resource not subset of parent's resources Certificate: Data: Version: 3 (0x2) Serial Number: 18669 (0x48ed) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Validity Not Before: Apr 25 19:53:18 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=DAAF07D718E28FBD65E234B2DF75E40BB25AC46B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:d9:7f:44:13:64:6a:c9:2f:78:f9:e8:59:aa: 2e:c5:fd:cb:4e:71:79:67:07:b2:40:d1:f0:fe:dd: e8:5a:9f:cf:8c:e9:8f:b9:45:86:9a:cb:ba:90:5b: 3a:b4:d2:fe:21:f2:ce:21:43:26:a5:e3:e5:5a:f6: 78:4e:ac:84:fd:1f:1b:b1:95:fe:bb:73:71:2e:68: e5:1b:fd:c4:b3:97:cc:aa:1e:ac:84:46:fc:4f:75: 4d:aa:46:5b:3e:c1:2d:2e:14:44:74:e8:03:71:31: 9c:53:66:e0:db:fc:5e:7b:09:c6:72:1b:d4:00:bb: 52:6e:d1:04:f9:93:25:42:69:0e:04:99:bd:28:b1: 00:b0:3a:eb:d9:ba:2c:ed:c9:71:e1:ab:70:62:40: 38:66:26:6b:2e:07:36:75:04:26:49:a0:63:51:54: 85:57:e2:75:2c:68:5d:0a:00:0d:15:b7:48:29:34: c0:b5:1c:cd:f4:5f:da:ca:86:02:dc:f1:df:64:7c: 1f:ff:59:af:db:98:59:2d:78:f7:41:ff:ba:4c:bb: b8:f5:3a:55:2d:44:53:27:9b:40:a0:63:3a:98:06: ba:81:57:f0:a6:95:2a:ca:63:c6:6e:39:9b:30:7a: 16:6c:98:9f:8b:31:7e:84:fd:37:62:82:13:01:cc: 33:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:AF:07:D7:18:E2:8F:BD:65:E2:34:B2:DF:75:E4:0B:B2:5A:C4:6B X509v3 Authority Key Identifier: keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/2q8H1xjij71l4jSy33XkC7JaxGs.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.239.0.0/19 101.78.32.0/19 103.35.0.0/19 Signature Algorithm: sha256WithRSAEncryption a4:c7:74:ab:78:df:c1:9b:6d:4d:39:89:09:0f:24:f8:49:ee: 3e:f7:e8:6a:bd:19:33:bd:1a:52:6d:7e:c3:dd:51:69:68:24: 94:74:7a:13:5d:fc:d3:1c:5f:13:9a:df:92:23:25:a8:bc:78: 36:86:4d:93:66:71:85:32:86:b6:6b:b9:84:18:b6:f5:e6:85: 07:de:e2:af:7e:0d:5e:ce:60:70:81:c5:bb:41:0a:e2:84:81: b9:ca:e6:c2:24:0c:e3:7e:97:39:4b:fd:f7:27:b9:f7:66:18: 27:cf:59:38:f2:5e:bf:44:78:68:de:5a:c2:79:71:d3:26:38: 65:a4:8c:d0:d0:8d:ec:0b:4f:c7:79:ee:51:5f:36:2f:d3:91: 1a:04:bd:e3:82:39:c2:a2:ed:44:a1:96:65:a9:c8:cf:3d:3f: bb:ca:a5:81:33:0f:da:cf:56:97:13:e2:b5:85:1a:44:c7:4a: 37:8a:5e:98:9a:1b:bd:cb:c7:55:16:23:20:e9:97:95:d9:5d: 01:40:81:35:10:0c:dd:52:59:01:f3:a4:45:f2:e8:af:1e:b8: 00:8e:3d:3d:a7:24:b2:7e:ff:6e:8e:e9:9b:8c:b6:ab:6e:2b: b3:5f:bc:67:f8:91:d3:b9:84:f7:28:1b:b5:9d:77:9b:c1:d4: 0f:e7:e4:7b -----BEGIN CERTIFICATE----- MIIE4TCCA8mgAwIBAgICSO0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjUx OTUzMThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKERBQUYwN0Q3MThFMjhG QkQ2NUUyMzRCMkRGNzVFNDBCQjI1QUM0NkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCW2X9EE2RqyS94+ehZqi7F/ctOcXlnB7JA0fD+3ehan8+M6Y+5 RYaay7qQWzq00v4h8s4hQyal4+Va9nhOrIT9Hxuxlf67c3EuaOUb/cSzl8yqHqyE RvxPdU2qRls+wS0uFER06ANxMZxTZuDb/F57CcZyG9QAu1Ju0QT5kyVCaQ4Emb0o sQCwOuvZuiztyXHhq3BiQDhmJmsuBzZ1BCZJoGNRVIVX4nUsaF0KAA0Vt0gpNMC1 HM30X9rKhgLc8d9kfB//Wa/bmFktePdB/7pMu7j1OlUtRFMnm0CgYzqYBrqBV/Cm lSrKY8ZuOZswehZsmJ+LMX6E/TdighMBzDM9AgMBAAGjggH9MIIB+TAdBgNVHQ4E FgQU2q8H1xjij71l4jSy33XkC7JaxGswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj 3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3 L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzJxOEgxeGppajcxbDRq U3kzM1hrQzdKYXhHcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAKTHdKt438GbbU05 iQkPJPhJ7j736Gq9GTO9GlJtfsPdUWloJJR0ehNd/NMcXxOa35IjJai8eDaGTZNm cYUyhrZruYQYtvXmhQfe4q9+DV7OYHCBxbtBCuKEgbnK5sIkDON+lzlL/fcnufdm GCfPWTjyXr9EeGjeWsJ5cdMmOGWkjNDQjewLT8d57lFfNi/TkRoEveOCOcKi7USh lmWpyM89P7vKpYEzD9rPVpcT4rWFGkTHSjeKXpiaG73Lx1UWIyDpl5XZXQFAgTUQ DN1SWQHzpEXy6K8euACOPT2nJLJ+/26O6ZuMtqtuK7NfvGf4kdO5hPcoG7Wdd5vB 1A/n5Hs= -----END CERTIFICATE-----Generated at Sun Jan 11 15:14:39 2026 by rpki-client