This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/GCRM5xdBUrp2O8m2O-v9FMpEkT0.roa File: GCRM5xdBUrp2O8m2O-v9FMpEkT0.roa (raw, json) Hash identifier: z4Jafc8XYt1qsnOAeQmIa8FkfvSo2cMdnqg3/DHX5b0= Subject key identifier: 18:24:4C:E7:17:41:52:BA:76:3B:C9:B6:3B:EB:FD:14:CA:44:91:3D Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Certificate serial: 4165 Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/GCRM5xdBUrp2O8m2O-v9FMpEkT0.roa Signing time: Mon 15 Apr 2024 18:52:58 +0000 ROA not before: Mon 15 Apr 2024 18:52:58 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 24426 IP address blocks: 43.239.0.0/19 maxlen: 19 101.78.32.0/19 maxlen: 19 103.35.0.0/19 maxlen: 19 Validation: Failed, RFC 3779 resource not subset of parent's resources Certificate: Data: Version: 3 (0x2) Serial Number: 16741 (0x4165) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Validity Not Before: Apr 15 18:52:58 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=18244CE7174152BA763BC9B63BEBFD14CA44913D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:d4:c0:8f:84:f5:3c:db:c1:b5:75:e5:bd:08: 87:0b:f5:9c:93:69:d0:69:f8:60:8c:3d:12:0a:96: 0d:60:d2:9f:3d:74:33:57:23:8d:46:48:98:cd:71: da:db:91:60:c5:b5:a8:59:20:b2:89:6a:9f:16:bc: e7:e5:3f:e4:97:4e:08:f6:1a:9c:8f:59:3b:35:0f: 4f:1c:b7:d7:d4:b3:7a:ec:41:2d:e9:b6:06:4f:09: ca:8c:a1:a7:39:f5:a8:5a:57:73:f0:3e:9a:a6:6f: 52:9d:55:fe:6f:b2:36:a1:61:bf:29:c9:4a:2a:60: 61:d9:5f:6b:b5:84:ae:69:ef:66:bd:b7:d9:a7:84: de:52:ba:36:a9:08:af:a4:61:24:5c:da:d0:6e:52: 5b:dd:82:11:e7:fc:4b:95:ef:91:95:26:b8:00:89: 81:fa:a5:6b:27:34:b9:db:b9:d7:75:c7:03:99:04: 5c:79:a8:d9:9d:c0:3c:c3:02:29:21:15:2a:ff:f8: fe:15:db:b7:73:0f:50:82:0d:d0:51:2b:fd:17:1f: db:e2:6b:f6:35:e8:d3:5d:9a:ad:b8:29:15:08:df: 3b:32:a4:75:e6:a5:3f:7b:6e:d6:65:5b:84:48:e8: 3e:1f:c9:88:de:9a:94:a1:40:67:36:41:d2:25:63: 37:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:24:4C:E7:17:41:52:BA:76:3B:C9:B6:3B:EB:FD:14:CA:44:91:3D X509v3 Authority Key Identifier: keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/GCRM5xdBUrp2O8m2O-v9FMpEkT0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.239.0.0/19 101.78.32.0/19 103.35.0.0/19 Signature Algorithm: sha256WithRSAEncryption 91:d2:ef:d2:bf:38:f3:e7:e9:96:07:09:db:80:ed:d3:60:08: dd:a3:69:ba:b8:03:49:48:8b:b8:2b:f9:08:c4:f8:ba:9b:94: 0f:91:5f:58:ea:79:a3:7e:45:bc:9d:05:29:09:8e:9a:6b:5c: 5c:f9:95:64:f8:8e:41:7b:61:03:17:4a:e9:44:c3:4e:d5:28: e6:f9:68:e8:51:e7:80:5c:c7:c8:ff:09:7f:e9:11:5d:75:e2: 70:40:c7:ee:c0:42:ef:e1:40:68:45:46:d5:c9:69:e4:87:33: 50:1d:21:72:14:b9:92:39:82:77:a8:b2:1e:aa:42:9a:74:6a: 25:88:09:78:bb:d0:45:8f:6f:28:73:d7:6b:b3:0d:b7:5f:02: ec:01:06:08:78:10:8c:6d:5a:e5:9f:63:99:de:77:e9:82:d8: 47:3a:d3:57:1c:ac:21:b7:9b:5a:27:95:3f:58:c2:75:a2:2a: 2e:8b:27:4d:f7:59:9b:6f:1a:90:a4:69:91:62:b8:84:f1:0f: 1b:d6:9e:be:1c:d1:59:ee:49:3b:70:2d:ce:23:b3:5a:bc:af: cc:18:da:6d:51:3f:e6:50:a6:a6:8c:0d:21:2b:4f:2c:71:f7: d7:5a:2e:65:75:21:3a:b5:e0:ff:a6:a8:df:84:59:ad:48:e5: 87:b7:e4:00 -----BEGIN CERTIFICATE----- MIIE4TCCA8mgAwIBAgICQWUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTUx ODUyNThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDE4MjQ0Q0U3MTc0MTUy QkE3NjNCQzlCNjNCRUJGRDE0Q0E0NDkxM0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDY1MCPhPU828G1deW9CIcL9ZyTadBp+GCMPRIKlg1g0p89dDNX I41GSJjNcdrbkWDFtahZILKJap8WvOflP+SXTgj2GpyPWTs1D08ct9fUs3rsQS3p tgZPCcqMoac59ahaV3PwPpqmb1KdVf5vsjahYb8pyUoqYGHZX2u1hK5p72a9t9mn hN5SujapCK+kYSRc2tBuUlvdghHn/EuV75GVJrgAiYH6pWsnNLnbudd1xwOZBFx5 qNmdwDzDAikhFSr/+P4V27dzD1CCDdBRK/0XH9via/Y16NNdmq24KRUI3zsypHXm pT97btZlW4RI6D4fyYjempShQGc2QdIlYzeRAgMBAAGjggH9MIIB+TAdBgNVHQ4E FgQUGCRM5xdBUrp2O8m2O+v9FMpEkT0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj 3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3 L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0dDUk01eGRCVXJwMk84 bTJPLXY5Rk1wRWtUMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAJHS79K/OPPn6ZYH CduA7dNgCN2jabq4A0lIi7gr+QjE+LqblA+RX1jqeaN+RbydBSkJjpprXFz5lWT4 jkF7YQMXSulEw07VKOb5aOhR54Bcx8j/CX/pEV114nBAx+7AQu/hQGhFRtXJaeSH M1AdIXIUuZI5gneosh6qQpp0aiWICXi70EWPbyhz12uzDbdfAuwBBgh4EIxtWuWf Y5ned+mC2Ec601ccrCG3m1onlT9YwnWiKi6LJ033WZtvGpCkaZFiuITxDxvWnr4c 0VnuSTtwLc4js1q8r8wY2m1RP+ZQpqaMDSErTyxx99daLmV1ITq14P+mqN+EWa1I 5Ye35AA= -----END CERTIFICATE-----Generated at Mon Jan 12 13:30:35 2026 by rpki-client