This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/O3EwAGR7xcd8CZlpJ3Zr22lyiHc.roa File: O3EwAGR7xcd8CZlpJ3Zr22lyiHc.roa (raw, json) Hash identifier: jOhA7HTt51a9Z8v9mYUJQQORFIpbXYGNhuaVgzvCfJs= Subject key identifier: 3B:71:30:00:64:7B:C5:C7:7C:09:99:69:27:76:6B:DB:69:72:88:77 Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Certificate serial: 44E6 Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/O3EwAGR7xcd8CZlpJ3Zr22lyiHc.roa Signing time: Sat 20 Apr 2024 10:53:06 +0000 ROA not before: Sat 20 Apr 2024 10:53:06 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 24426 IP address blocks: 43.236.0.0/16 maxlen: 16 Validation: Failed, RFC 3779 resource not subset of parent's resources Certificate: Data: Version: 3 (0x2) Serial Number: 17638 (0x44e6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Validity Not Before: Apr 20 10:53:06 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=3B713000647BC5C77C09996927766BDB69728877 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:c2:9b:10:27:e7:0f:d8:c4:46:31:e8:b7:ba: 48:73:d6:e0:77:56:7a:a2:5b:43:60:a3:c8:61:3a: 61:56:e4:c9:82:f4:4a:5b:fd:a2:79:5c:b2:e7:16: 01:47:f1:95:97:9a:e8:5c:50:6c:83:c6:39:11:ea: a0:ec:7e:24:7d:c4:5f:ae:70:24:7c:f1:24:ce:d8: 52:e1:aa:1f:93:dc:d8:60:de:45:e8:d0:17:ee:2d: 41:a3:c3:6d:0a:ee:3a:67:65:12:d2:53:d5:c8:b8: 1d:dd:84:70:47:45:68:0a:9e:c0:66:91:9f:a6:30: 9c:49:22:3a:d1:9a:95:73:eb:55:13:55:49:22:0f: 0c:97:45:7c:0a:09:fa:3d:5e:98:5a:f4:0d:1c:b2: 52:f6:3d:e0:92:0c:a1:e5:e7:cd:aa:49:11:aa:22: 44:00:b6:36:1a:fb:9f:f9:7f:79:b6:d1:b1:7b:2d: c7:17:bc:8f:89:e2:6c:99:e6:ed:20:67:ff:e7:01: 2d:ce:4a:19:3c:aa:f3:9a:72:97:de:0f:7c:32:07: c8:4c:00:43:e6:74:7a:27:4d:da:28:7c:99:ee:d9: b5:97:27:a5:39:3c:1f:01:0f:67:3f:b2:3e:45:57: 8c:be:1e:de:cd:06:8a:4d:b4:0a:09:bb:6e:cb:92: 67:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:71:30:00:64:7B:C5:C7:7C:09:99:69:27:76:6B:DB:69:72:88:77 X509v3 Authority Key Identifier: keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/O3EwAGR7xcd8CZlpJ3Zr22lyiHc.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.236.0.0/16 Signature Algorithm: sha256WithRSAEncryption 72:b4:e2:e6:2a:f5:7d:c3:dc:d9:7d:77:2c:7c:9e:bb:04:99: fa:66:95:4a:a8:33:bd:b4:2b:96:51:d1:9c:62:fb:0c:b4:9a: 56:ef:84:37:e4:d1:c4:2c:96:08:a1:59:a9:f3:6d:45:8f:f5: ff:c1:4f:99:c5:ed:6b:db:4d:c0:05:30:3e:93:27:62:07:7d: bd:4a:73:cb:92:4c:c5:9b:d0:4d:23:13:c0:8a:da:ec:8a:c4: 8a:ad:7e:47:3e:ec:ae:36:cd:06:33:64:c0:ec:fc:ae:98:ff: 2e:02:5a:ee:44:3c:fc:df:0e:b8:f9:df:94:d7:a6:41:82:d8: 5d:49:b7:b9:b0:32:02:6f:02:ec:2c:f8:71:a0:7f:cf:20:d4: 29:1f:ec:8a:13:93:f6:47:b0:fb:ff:9f:ed:74:80:a8:20:e4: b8:56:f5:25:18:1f:9c:61:2c:e4:e0:6b:c2:e0:f7:ca:e4:6e: c6:da:f2:5b:66:b5:f9:80:9f:00:97:7f:31:cf:d7:42:ee:73: 7d:d9:4c:57:1a:ed:f5:ad:df:cb:ee:10:c8:44:c6:58:ef:d4: be:e4:8f:2b:2c:22:45:5c:df:97:59:28:27:ff:ce:3c:42:5d: 5f:cf:d2:d8:99:27:67:1e:d4:8a:72:35:93:40:86:6a:3a:38: 78:ad:1e:a5 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICROYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjAx MDUzMDZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDNCNzEzMDAwNjQ3QkM1 Qzc3QzA5OTk2OTI3NzY2QkRCNjk3Mjg4NzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDGwpsQJ+cP2MRGMei3ukhz1uB3VnqiW0Ngo8hhOmFW5MmC9Epb /aJ5XLLnFgFH8ZWXmuhcUGyDxjkR6qDsfiR9xF+ucCR88STO2FLhqh+T3Nhg3kXo 0BfuLUGjw20K7jpnZRLSU9XIuB3dhHBHRWgKnsBmkZ+mMJxJIjrRmpVz61UTVUki DwyXRXwKCfo9Xpha9A0cslL2PeCSDKHl582qSRGqIkQAtjYa+5/5f3m20bF7LccX vI+J4myZ5u0gZ//nAS3OShk8qvOacpfeD3wyB8hMAEPmdHonTdoofJnu2bWXJ6U5 PB8BD2c/sj5FV4y+Ht7NBopNtAoJu27Lkmd1AgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQUO3EwAGR7xcd8CZlpJ3Zr22lyiHcwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj 3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3 L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L08zRXdBR1I3eGNkOENa bHBKM1pyMjJseWlIYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAcrTi5ir1fcPc2X13LHyeuwSZ+maVSqgz vbQrllHRnGL7DLSaVu+EN+TRxCyWCKFZqfNtRY/1/8FPmcXta9tNwAUwPpMnYgd9 vUpzy5JMxZvQTSMTwIra7IrEiq1+Rz7srjbNBjNkwOz8rpj/LgJa7kQ8/N8OuPnf lNemQYLYXUm3ubAyAm8C7Cz4caB/zyDUKR/sihOT9kew+/+f7XSAqCDkuFb1JRgf nGEs5OBrwuD3yuRuxtryW2a1+YCfAJd/Mc/XQu5zfdlMVxrt9a3fy+4QyETGWO/U vuSPKywiRVzfl1koJ//OPEJdX8/S2JknZx7UinI1k0CGajo4eK0epQ== -----END CERTIFICATE-----Generated at Tue Dec 30 07:05:26 2025 by rpki-client