This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/IeiMCcg3ykpD_4GIWFJ42Z9f36s.roa File: IeiMCcg3ykpD_4GIWFJ42Z9f36s.roa (raw, json) Hash identifier: TclExuTf0FmTyXfuYTZrde26dsJcEHlD/merXi76wMs= Subject key identifier: 21:E8:8C:09:C8:37:CA:4A:43:FF:81:88:58:52:78:D9:9F:5F:DF:AB Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Certificate serial: 5182 Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/IeiMCcg3ykpD_4GIWFJ42Z9f36s.roa Signing time: Tue 07 May 2024 06:24:09 +0000 ROA not before: Tue 07 May 2024 06:24:09 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 24426 IP address blocks: 43.236.0.0/16 maxlen: 16 Validation: Failed, RFC 3779 resource not subset of parent's resources Certificate: Data: Version: 3 (0x2) Serial Number: 20866 (0x5182) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Validity Not Before: May 7 06:24:09 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=21E88C09C837CA4A43FF8188585278D99F5FDFAB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:78:ea:51:92:27:2b:b0:71:7e:85:21:08:ed: 88:d4:3b:a1:aa:91:1f:3f:10:f2:48:d9:79:90:8e: 33:85:d6:40:96:9d:da:38:e3:99:4c:2b:13:61:3e: 14:2f:94:df:3a:4d:c1:78:e1:a5:fb:d9:eb:72:31: 95:7f:26:5f:dd:3c:67:43:a1:6b:7f:d1:84:ea:c1: 71:e2:66:3c:c1:02:ff:ae:df:fd:30:cf:7d:f0:9a: eb:14:ee:80:51:e3:e9:8f:d4:fd:03:ab:20:0f:b7: 51:ad:cb:aa:60:5d:da:24:da:1f:51:e8:4c:06:94: 09:42:88:e1:23:c6:2f:9a:d9:b8:13:26:0f:1f:d2: b1:ac:f4:ce:9e:5e:06:30:da:fb:6c:70:ba:aa:67: 89:81:81:f4:46:9b:78:30:16:10:fa:4e:c9:f3:da: a8:b2:b5:25:d6:02:60:1a:06:76:a9:6e:11:14:0c: e0:51:38:4e:24:1f:b9:cb:82:48:d9:e9:82:91:31: 15:cf:14:f0:42:f7:0c:bc:07:a4:3c:84:2f:d2:ba: 86:47:d7:ad:11:be:68:b2:c1:fc:f1:c3:a1:55:85: 96:31:a4:6a:5c:51:ab:bc:12:5a:5a:f9:6d:93:6a: fd:bf:60:e7:95:35:f4:98:6a:3c:c7:62:ee:95:f3: 2d:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:E8:8C:09:C8:37:CA:4A:43:FF:81:88:58:52:78:D9:9F:5F:DF:AB X509v3 Authority Key Identifier: keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/IeiMCcg3ykpD_4GIWFJ42Z9f36s.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.236.0.0/16 Signature Algorithm: sha256WithRSAEncryption 97:b5:6f:47:c4:c8:86:28:5a:02:74:3a:06:f9:de:ef:95:3a: a7:bb:fe:e5:98:1b:7b:e7:7b:40:0d:06:c2:35:9c:dc:57:94: 00:b0:fa:52:f6:1d:24:c3:54:41:9f:5c:60:f3:f2:da:0e:2a: 45:17:3a:df:27:4c:f7:09:e0:94:11:33:55:68:54:43:74:25: bd:cd:01:42:2f:73:6f:3a:41:3b:38:12:99:a8:21:e9:57:bf: 74:42:4a:40:c0:be:74:bb:02:98:59:fc:ed:88:e7:7b:0e:3a: d5:47:2e:3a:29:b7:0d:6a:69:7b:b8:52:c2:27:a4:f0:59:4c: 28:7e:8e:4a:a6:a0:9c:37:62:db:be:7a:b7:6a:4b:cb:c4:7b: 32:09:c7:e2:e3:61:c3:38:5c:19:00:5d:ac:fe:37:6a:dc:9f: 9e:66:86:68:a5:fc:97:d0:19:02:c0:54:01:7c:48:36:2e:d8: f8:bd:81:d0:48:c9:91:ee:16:b2:4b:48:73:a8:23:3b:8e:8b: ea:57:1d:e9:46:1e:bf:22:3d:21:31:3f:3e:fb:b0:83:1f:06: 0e:e0:10:57:e0:cc:9f:b2:8a:b8:2c:aa:dc:8b:75:e8:c4:9e: 6d:db:16:26:3f:a7:5f:70:01:96:e9:bd:0c:f7:54:d7:bc:bc: b1:6c:f1:24 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICUYIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDcw NjI0MDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDIxRTg4QzA5QzgzN0NB NEE0M0ZGODE4ODU4NTI3OEQ5OUY1RkRGQUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCteOpRkicrsHF+hSEI7YjUO6GqkR8/EPJI2XmQjjOF1kCWndo4 45lMKxNhPhQvlN86TcF44aX72etyMZV/Jl/dPGdDoWt/0YTqwXHiZjzBAv+u3/0w z33wmusU7oBR4+mP1P0DqyAPt1Gty6pgXdok2h9R6EwGlAlCiOEjxi+a2bgTJg8f 0rGs9M6eXgYw2vtscLqqZ4mBgfRGm3gwFhD6Tsnz2qiytSXWAmAaBnapbhEUDOBR OE4kH7nLgkjZ6YKRMRXPFPBC9wy8B6Q8hC/SuoZH160Rvmiywfzxw6FVhZYxpGpc Uau8Elpa+W2Tav2/YOeVNfSYajzHYu6V8y3dAgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQUIeiMCcg3ykpD/4GIWFJ42Z9f36swHwYDVR0jBBgwFoAUvevthkDLplk9qfmj 3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3 L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0llaU1DY2czeWtwRF80 R0lXRko0Mlo5ZjM2cy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAl7VvR8TIhihaAnQ6Bvne75U6p7v+5Zgb e+d7QA0GwjWc3FeUALD6UvYdJMNUQZ9cYPPy2g4qRRc63ydM9wnglBEzVWhUQ3Ql vc0BQi9zbzpBOzgSmagh6Ve/dEJKQMC+dLsCmFn87Yjnew461UcuOim3DWppe7hS wiek8FlMKH6OSqagnDdi2756t2pLy8R7MgnH4uNhwzhcGQBdrP43atyfnmaGaKX8 l9AZAsBUAXxINi7Y+L2B0EjJke4WsktIc6gjO46L6lcd6UYevyI9ITE/Pvuwgx8G DuAQV+DMn7KKuCyq3It16MSebdsWJj+nX3ABlum9DPdU17y8sWzxJA== -----END CERTIFICATE-----Generated at Sun Jan 11 23:03:59 2026 by rpki-client