This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/2rDXWLyyli3UQ8d7Pl4XDYdZ1HU.roa File: 2rDXWLyyli3UQ8d7Pl4XDYdZ1HU.roa (raw, json) Hash identifier: IPalvpTKxzmp6+xs0nISrJBlsQ2s8TMyhuepV7qNesk= Subject key identifier: DA:B0:D7:58:BC:B2:96:2D:D4:43:C7:7B:3E:5E:17:0D:87:59:D4:75 Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Certificate serial: 346F Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/2rDXWLyyli3UQ8d7Pl4XDYdZ1HU.roa Signing time: Fri 29 Mar 2024 11:52:05 +0000 ROA not before: Fri 29 Mar 2024 11:52:05 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 24426 IP address blocks: 36.0.64.0/18 maxlen: 18 Validation: Failed, RFC 3779 resource not subset of parent's resources Certificate: Data: Version: 3 (0x2) Serial Number: 13423 (0x346f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Validity Not Before: Mar 29 11:52:05 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=DAB0D758BCB2962DD443C77B3E5E170D8759D475 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:4c:dc:0b:2d:c0:38:e0:f8:2d:9f:ec:7d:34: df:0c:00:db:db:07:3d:2e:ec:60:07:e5:42:36:02: 61:1b:5f:c1:34:68:a3:74:3a:2f:4f:01:80:17:e7: 6d:06:ff:db:0f:39:2f:4d:f3:47:fd:12:f0:84:69: e1:ce:69:d0:e1:17:3a:64:4f:72:27:35:54:53:1f: 4d:c3:e1:fd:0a:3e:12:14:b8:7b:da:9e:10:12:fc: 57:29:40:60:c9:2a:78:26:33:53:a5:5a:0e:7c:eb: e8:24:13:36:e2:b2:18:bc:71:e6:83:9e:1f:bd:b9: 83:1a:28:3e:36:4a:aa:41:d7:39:f2:e7:6b:72:15: 56:d5:13:8e:ff:cf:9c:71:67:76:3c:33:93:c1:e5: e0:ee:32:91:d0:70:9e:2a:2d:e7:33:6f:79:3f:2b: ec:8a:b6:d0:90:ce:f3:c7:aa:6e:12:e0:9a:ee:f9: 9c:4f:50:01:af:9b:e8:f3:7c:e4:fa:18:3a:97:cf: 9d:7c:bc:1a:73:ea:de:cb:1f:19:73:8d:24:aa:a6: 07:41:82:04:c1:fb:11:9e:dc:56:16:43:9b:f6:8f: d2:f7:ec:c7:d3:ea:42:1b:8c:12:08:b4:b5:52:09: 75:62:6c:e8:71:48:65:14:44:fa:c5:68:7b:a3:1c: b3:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:B0:D7:58:BC:B2:96:2D:D4:43:C7:7B:3E:5E:17:0D:87:59:D4:75 X509v3 Authority Key Identifier: keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/2rDXWLyyli3UQ8d7Pl4XDYdZ1HU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 36.0.64.0/18 Signature Algorithm: sha256WithRSAEncryption ab:5e:dc:e0:05:48:2e:0b:38:02:5d:03:71:dc:0f:f4:e1:39: 99:d5:14:79:5f:36:aa:50:e1:da:cc:c7:d6:99:c4:d5:b2:b9: 1a:90:f2:a7:c7:17:21:67:39:9a:8d:c8:6f:69:36:d7:e5:6d: d0:c4:57:fd:dc:88:95:06:5f:fb:d4:14:f2:7d:7a:a3:53:70: c4:e0:0f:9a:e3:cd:57:46:ca:2a:04:31:51:eb:b5:81:78:d5: f8:1a:90:84:1e:00:57:64:2f:b4:e4:1b:cd:4d:92:b8:ab:fd: 3c:3b:45:4a:15:83:90:ef:3e:36:73:0f:eb:6e:b4:be:19:eb: c5:9e:05:fa:42:80:8f:9a:e1:7b:97:40:b7:61:98:32:84:48: f3:fc:ca:ed:12:15:82:e7:10:40:88:bc:76:31:3e:a1:76:24: 01:2b:4a:c8:89:d5:c0:7b:d4:5f:51:58:c8:9d:b4:dd:1f:77: 52:bd:0c:5b:29:25:f3:ab:61:47:c0:24:0d:e0:3b:ca:6f:c9: c7:4a:0c:7d:81:d9:eb:38:5d:ac:f8:19:1a:36:92:9e:f1:5b: 6e:12:ea:97:2f:0e:bb:a9:07:06:0a:a5:25:57:1c:26:d0:a2: b8:ec:54:e7:b2:e4:85:80:57:2b:35:75:6c:30:03:26:44:eb: 4b:8a:ae:ee -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICNG8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjkx MTUyMDVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKERBQjBENzU4QkNCMjk2 MkRENDQzQzc3QjNFNUUxNzBEODc1OUQ0NzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCdTNwLLcA44Pgtn+x9NN8MANvbBz0u7GAH5UI2AmEbX8E0aKN0 Oi9PAYAX520G/9sPOS9N80f9EvCEaeHOadDhFzpkT3InNVRTH03D4f0KPhIUuHva nhAS/FcpQGDJKngmM1OlWg586+gkEzbishi8ceaDnh+9uYMaKD42SqpB1zny52ty FVbVE47/z5xxZ3Y8M5PB5eDuMpHQcJ4qLeczb3k/K+yKttCQzvPHqm4S4Jru+ZxP UAGvm+jzfOT6GDqXz518vBpz6t7LHxlzjSSqpgdBggTB+xGe3FYWQ5v2j9L37MfT 6kIbjBIItLVSCXVibOhxSGUURPrFaHujHLPDAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU2rDXWLyyli3UQ8d7Pl4XDYdZ1HUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj 3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3 L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzJyRFhXTHl5bGkzVVE4 ZDdQbDRYRFlkWjFIVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAKte3OAFSC4LOAJdA3HcD/ThOZnVFHlf NqpQ4drMx9aZxNWyuRqQ8qfHFyFnOZqNyG9pNtflbdDEV/3ciJUGX/vUFPJ9eqNT cMTgD5rjzVdGyioEMVHrtYF41fgakIQeAFdkL7TkG81Nkrir/Tw7RUoVg5DvPjZz D+tutL4Z68WeBfpCgI+a4XuXQLdhmDKESPP8yu0SFYLnEECIvHYxPqF2JAErSsiJ 1cB71F9RWMidtN0fd1K9DFspJfOrYUfAJA3gO8pvycdKDH2B2es4Xaz4GRo2kp7x W24S6pcvDrupBwYKpSVXHCbQorjsVOey5IWAVys1dWwwAyZE60uKru4= -----END CERTIFICATE-----Generated at Mon Jan 12 16:02:21 2026 by rpki-client