This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/C0D6CXYS2dOxG-_2oFtn5DMJLs0.roa File: C0D6CXYS2dOxG-_2oFtn5DMJLs0.roa (raw, json) Hash identifier: lqFhg7neDUr+koiH/n+ugzqzMQG4VLa29UXJJCpIoCo= Subject key identifier: 0B:40:FA:09:76:12:D9:D3:B1:1B:EF:F6:A0:5B:67:E4:33:09:2E:CD Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Certificate serial: 6C14 Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/C0D6CXYS2dOxG-_2oFtn5DMJLs0.roa Signing time: Sun 15 Jun 2025 07:25:45 +0000 ROA not before: Sun 15 Jun 2025 07:25:45 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 24426 IP address blocks: 43.239.48.0/22 maxlen: 22 43.246.0.0/22 maxlen: 22 43.246.4.0/22 maxlen: 22 43.246.12.0/22 maxlen: 22 43.246.16.0/22 maxlen: 22 43.246.20.0/22 maxlen: 22 43.246.24.0/22 maxlen: 22 43.246.28.0/22 maxlen: 22 43.246.32.0/22 maxlen: 22 43.246.36.0/22 maxlen: 22 43.246.40.0/22 maxlen: 22 43.246.44.0/22 maxlen: 22 43.246.52.0/22 maxlen: 22 43.246.56.0/22 maxlen: 22 43.246.60.0/22 maxlen: 22 43.246.64.0/22 maxlen: 22 43.246.68.0/22 maxlen: 22 43.246.72.0/22 maxlen: 22 43.246.76.0/22 maxlen: 22 43.246.80.0/22 maxlen: 22 43.246.84.0/22 maxlen: 22 43.246.88.0/22 maxlen: 22 43.246.92.0/22 maxlen: 22 43.246.96.0/22 maxlen: 22 103.35.48.0/22 maxlen: 22 103.236.0.0/22 maxlen: 22 103.236.4.0/22 maxlen: 22 103.236.8.0/22 maxlen: 22 103.236.12.0/22 maxlen: 22 103.236.16.0/22 maxlen: 22 103.236.20.0/22 maxlen: 22 103.236.28.0/22 maxlen: 22 103.236.32.0/22 maxlen: 22 103.236.36.0/22 maxlen: 22 103.236.40.0/22 maxlen: 22 103.236.44.0/22 maxlen: 22 103.236.48.0/22 maxlen: 22 103.236.52.0/22 maxlen: 22 103.236.56.0/22 maxlen: 22 103.236.60.0/22 maxlen: 22 103.236.64.0/22 maxlen: 22 103.236.68.0/22 maxlen: 22 103.236.72.0/22 maxlen: 22 103.236.76.0/22 maxlen: 22 103.236.80.0/22 maxlen: 22 103.236.84.0/22 maxlen: 22 103.236.88.0/22 maxlen: 22 103.236.92.0/22 maxlen: 22 103.236.96.0/22 maxlen: 22 Validation: Failed, RFC 3779 resource not subset of parent's resources Certificate: Data: Version: 3 (0x2) Serial Number: 27668 (0x6c14) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Validity Not Before: Jun 15 07:25:45 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=0B40FA097612D9D3B11BEFF6A05B67E433092ECD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:fa:e3:db:ca:98:2a:fb:22:02:33:1d:9c:d4: 63:38:b1:73:70:70:71:ac:13:74:12:11:06:8a:61: 56:74:65:41:11:5d:7f:aa:71:c0:03:2c:19:fe:36: 6f:c8:d1:ee:54:2d:0e:ea:c8:44:0d:c9:31:94:09: 13:49:c2:dd:1d:f7:91:32:dd:48:3d:0c:c4:68:71: 9b:19:25:ac:d0:e0:30:32:9c:4d:ff:a4:91:d9:75: bd:91:df:cd:5f:05:9c:63:be:d5:0a:83:e2:0d:77: 05:84:01:f3:38:a4:43:25:d3:12:73:b3:70:ef:1e: f0:3a:d2:f5:fa:6b:c3:7d:a5:55:5f:16:f4:01:bd: 86:8e:38:18:68:75:52:f0:6b:48:10:10:e0:42:c0: a1:dd:07:ca:40:bc:89:50:14:65:eb:d0:5f:c2:4c: cf:06:76:cc:e5:48:a3:29:ea:6c:7f:27:75:68:7d: 02:54:0f:8c:14:08:37:cc:b8:55:17:55:5b:b0:19: da:79:d5:0f:2a:9e:1b:96:a6:01:1a:c0:6b:ac:55: 4e:8d:79:bd:3b:67:87:c3:78:14:8e:e6:ff:f8:5b: d6:5b:1d:91:8e:a7:47:ac:f1:99:f4:64:cf:c2:e8: 25:f4:6b:e5:e5:fa:13:bc:d8:cf:39:27:13:8c:6b: 2a:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0B:40:FA:09:76:12:D9:D3:B1:1B:EF:F6:A0:5B:67:E4:33:09:2E:CD X509v3 Authority Key Identifier: keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/C0D6CXYS2dOxG-_2oFtn5DMJLs0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.239.48.0/22 43.246.0.0/21 43.246.12.0-43.246.47.255 43.246.52.0-43.246.99.255 103.35.48.0/22 103.236.0.0-103.236.23.255 103.236.28.0-103.236.99.255 Signature Algorithm: sha256WithRSAEncryption 4f:e8:4d:ce:42:2e:c8:58:c3:73:cb:b9:25:e2:aa:84:f6:4c: cb:c1:a8:a2:c4:57:22:fe:8a:a2:97:fb:4f:c3:4a:8c:3a:b6: fd:1e:d9:53:12:17:32:a5:7c:be:6f:ce:6d:4e:5a:7d:9a:06: 5a:67:a0:c7:4b:e7:f7:89:74:42:8e:13:93:7a:6e:8a:96:94: f5:2e:ec:6d:69:d5:2c:62:72:0f:f1:e1:61:43:70:ad:f4:b2: 75:d0:54:3a:c6:ef:52:f3:1b:d6:44:22:53:e5:f8:6a:f9:8d: 36:e3:80:70:9b:f5:6f:65:03:8c:de:73:d1:02:f1:c4:14:7d: ab:f6:09:a4:13:d3:87:fb:c1:5e:a7:fd:b5:8e:5d:ab:82:56: 74:9d:f1:d3:3f:66:e0:e7:92:7f:3b:3c:90:74:97:9f:13:3b: be:d6:9e:c5:ed:b6:89:dc:c5:1f:a8:c4:33:78:b9:7c:69:f1: 15:1f:da:44:d1:15:0a:e0:f1:7c:d7:79:d8:ff:6a:c3:8e:00: 0a:e2:3c:1c:82:78:82:24:9e:51:cb:26:d4:84:27:48:a5:cb: 75:5c:42:9d:2c:ac:ed:13:14:25:9b:f0:34:1b:75:c1:52:a2: bd:d8:d6:ae:03:f0:b5:2e:0d:ae:e7:53:3f:f7:d4:ab:7b:4d: 2b:7f:8a:ea -----BEGIN CERTIFICATE----- MIIFGDCCBACgAwIBAgICbBQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA2MTUw NzI1NDVaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDBCNDBGQTA5NzYxMkQ5 RDNCMTFCRUZGNkEwNUI2N0U0MzMwOTJFQ0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCu+uPbypgq+yICMx2c1GM4sXNwcHGsE3QSEQaKYVZ0ZUERXX+q ccADLBn+Nm/I0e5ULQ7qyEQNyTGUCRNJwt0d95Ey3Ug9DMRocZsZJazQ4DAynE3/ pJHZdb2R381fBZxjvtUKg+INdwWEAfM4pEMl0xJzs3DvHvA60vX6a8N9pVVfFvQB vYaOOBhodVLwa0gQEOBCwKHdB8pAvIlQFGXr0F/CTM8GdszlSKMp6mx/J3VofQJU D4wUCDfMuFUXVVuwGdp51Q8qnhuWpgEawGusVU6Neb07Z4fDeBSO5v/4W9ZbHZGO p0es8Zn0ZM/C6CX0a+Xl+hO82M85JxOMayo3AgMBAAGjggI0MIICMDAdBgNVHQ4E FgQUC0D6CXYS2dOxG+/2oFtn5DMJLs0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj 3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3 L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0MwRDZDWFlTMmRPeEct XzJvRnRuNURNSkxzMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQBP6E3O Qi7IWMNzy7kl4qqE9kzLwaiixFci/oqil/tPw0qMOrb9HtlTEhcypXy+b85tTlp9 mgZaZ6DHS+f3iXRCjhOTem6KlpT1LuxtadUsYnIP8eFhQ3Ct9LJ10FQ6xu9S8xvW RCJT5fhq+Y0244Bwm/VvZQOM3nPRAvHEFH2r9gmkE9OH+8Fep/21jl2rglZ0nfHT P2bg55J/OzyQdJefEzu+1p7F7baJ3MUfqMQzeLl8afEVH9pE0RUK4PF813nY/2rD jgAK4jwcgniCJJ5RyybUhCdIpct1XEKdLKztExQlm/A0G3XBUqK92NauA/C1Lg2u 51M/99Sre00rf4rq -----END CERTIFICATE-----Generated at Mon Jan 12 01:46:53 2026 by rpki-client