This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Zw-edpPoq1MBczXTxGbRvEBeH5w.roa File: Zw-edpPoq1MBczXTxGbRvEBeH5w.roa (raw, json) Hash identifier: jGOoISAf2dYFxs2n28ClNb3ZIkvdeO21AQ94veXYL08= Subject key identifier: 67:0F:9E:76:93:E8:AB:53:01:73:35:D3:C4:66:D1:BC:40:5E:1F:9C Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Certificate serial: 6B90 Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Zw-edpPoq1MBczXTxGbRvEBeH5w.roa Signing time: Fri 13 Jun 2025 22:12:24 +0000 ROA not before: Fri 13 Jun 2025 22:12:24 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 24426 IP address blocks: 43.239.48.0/22 maxlen: 22 43.246.0.0/22 maxlen: 22 43.246.4.0/22 maxlen: 22 43.246.12.0/22 maxlen: 22 43.246.16.0/22 maxlen: 22 43.246.20.0/22 maxlen: 22 43.246.24.0/22 maxlen: 22 43.246.28.0/22 maxlen: 22 43.246.32.0/22 maxlen: 22 43.246.36.0/22 maxlen: 22 43.246.40.0/22 maxlen: 22 43.246.44.0/22 maxlen: 22 43.246.52.0/22 maxlen: 22 43.246.56.0/22 maxlen: 22 43.246.60.0/22 maxlen: 22 43.246.64.0/22 maxlen: 22 43.246.68.0/22 maxlen: 22 43.246.72.0/22 maxlen: 22 43.246.76.0/22 maxlen: 22 43.246.80.0/22 maxlen: 22 43.246.84.0/22 maxlen: 22 43.246.88.0/22 maxlen: 22 43.246.92.0/22 maxlen: 22 43.246.96.0/22 maxlen: 22 103.35.48.0/22 maxlen: 22 103.236.0.0/22 maxlen: 22 103.236.4.0/22 maxlen: 22 103.236.8.0/22 maxlen: 22 103.236.12.0/22 maxlen: 22 103.236.16.0/22 maxlen: 22 103.236.20.0/22 maxlen: 22 103.236.28.0/22 maxlen: 22 103.236.32.0/22 maxlen: 22 103.236.36.0/22 maxlen: 22 103.236.40.0/22 maxlen: 22 103.236.44.0/22 maxlen: 22 103.236.48.0/22 maxlen: 22 103.236.52.0/22 maxlen: 22 103.236.56.0/22 maxlen: 22 103.236.60.0/22 maxlen: 22 103.236.64.0/22 maxlen: 22 103.236.68.0/22 maxlen: 22 103.236.72.0/22 maxlen: 22 103.236.76.0/22 maxlen: 22 103.236.80.0/22 maxlen: 22 103.236.84.0/22 maxlen: 22 103.236.88.0/22 maxlen: 22 103.236.92.0/22 maxlen: 22 103.236.96.0/22 maxlen: 22 Validation: Failed, RFC 3779 resource not subset of parent's resources Certificate: Data: Version: 3 (0x2) Serial Number: 27536 (0x6b90) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Validity Not Before: Jun 13 22:12:24 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=670F9E7693E8AB53017335D3C466D1BC405E1F9C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:3b:28:0f:ea:2f:b3:3e:13:0b:bb:49:b3:a2: 40:ba:45:b2:f5:1e:f9:18:3e:e4:21:7b:c4:38:37: 3a:a9:48:96:cb:41:9e:2e:65:e7:a1:75:9a:83:08: 84:57:0a:3a:ce:03:bc:53:82:0c:61:76:3d:1a:60: 6c:46:18:42:3e:3c:93:42:06:24:5d:12:b1:9f:59: ed:c7:b9:dd:ca:e5:49:6a:41:ae:30:73:5c:32:fe: ff:b9:ac:e3:d9:21:1e:b5:23:f6:da:3e:d2:82:9e: 52:76:a3:bf:9d:05:1f:65:0d:03:e8:5a:ca:48:98: 8e:06:2a:13:78:e7:8c:4b:c6:10:6d:55:f8:c0:83: 52:4b:0e:0e:12:ff:82:64:de:b7:68:04:20:f1:60: 1b:55:01:82:f9:06:08:c1:bb:3c:e9:27:2d:b7:5d: e1:ac:67:88:f4:77:c1:b2:29:b0:8a:ac:3b:24:c4: 82:49:89:e5:b1:1f:fb:68:39:fc:5b:24:e4:d5:83: 4c:c5:aa:3b:94:a8:0a:91:c2:70:00:d9:32:d9:3a: 7c:85:68:e3:0e:2d:49:73:fe:c1:1f:d6:61:ed:dc: d4:3b:ff:b4:c4:d4:df:36:41:e6:bc:e8:b1:7b:5f: 67:d4:a9:88:ca:14:c1:31:ea:4e:62:62:77:8e:81: 90:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:0F:9E:76:93:E8:AB:53:01:73:35:D3:C4:66:D1:BC:40:5E:1F:9C X509v3 Authority Key Identifier: keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Zw-edpPoq1MBczXTxGbRvEBeH5w.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.239.48.0/22 43.246.0.0/21 43.246.12.0-43.246.47.255 43.246.52.0-43.246.99.255 103.35.48.0/22 103.236.0.0-103.236.23.255 103.236.28.0-103.236.99.255 Signature Algorithm: sha256WithRSAEncryption 8d:9b:2b:c3:d9:cd:38:75:a1:14:6e:87:13:84:33:e8:53:ce: 43:e7:35:3c:0c:c3:b3:8d:34:ef:39:14:4a:d8:ae:b3:65:cb: 7f:49:68:9e:e8:94:d2:21:0a:19:ef:1f:a2:86:a4:fa:15:4e: 09:a6:8c:6d:8d:34:b9:12:0c:dd:ec:3f:3d:bf:0e:11:3c:5e: 6f:cc:2e:23:6e:65:1f:ca:a1:1c:b4:8b:e0:cc:3f:2a:cd:8b: a3:ca:33:62:29:cd:a6:ed:49:87:65:d8:b9:b2:db:40:1c:a9: 7c:40:68:52:ab:a2:ae:5a:64:2c:0c:4c:75:45:d8:c4:a3:3e: a2:3b:c9:c7:2f:5a:c9:cc:17:a6:49:a0:d7:3d:78:84:6d:d1: d5:91:5e:f1:03:bc:7e:67:9a:29:e3:8a:2d:76:70:5a:ff:62: c4:67:28:5c:a3:76:04:26:39:09:b0:56:0b:bf:07:4a:7f:2b: 51:c3:2c:4c:ae:bf:2f:f1:db:49:28:e5:f0:71:10:64:ba:e6: 27:6b:68:05:75:5e:48:04:e6:ef:1d:7a:59:fd:08:1f:ca:65: ad:85:bd:ac:80:91:60:08:7c:d9:57:ae:d6:5d:b6:cd:6d:fd: 5c:7a:8d:2c:fe:b5:f2:b1:04:b6:63:45:3e:71:85:85:28:38: 8d:c7:09:2b -----BEGIN CERTIFICATE----- MIIFGDCCBACgAwIBAgICa5AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA2MTMy MjEyMjRaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDY3MEY5RTc2OTNFOEFC NTMwMTczMzVEM0M0NjZEMUJDNDA1RTFGOUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCvOygP6i+zPhMLu0mzokC6RbL1HvkYPuQhe8Q4NzqpSJbLQZ4u ZeehdZqDCIRXCjrOA7xTggxhdj0aYGxGGEI+PJNCBiRdErGfWe3Hud3K5UlqQa4w c1wy/v+5rOPZIR61I/baPtKCnlJ2o7+dBR9lDQPoWspImI4GKhN454xLxhBtVfjA g1JLDg4S/4Jk3rdoBCDxYBtVAYL5BgjBuzzpJy23XeGsZ4j0d8GyKbCKrDskxIJJ ieWxH/toOfxbJOTVg0zFqjuUqAqRwnAA2TLZOnyFaOMOLUlz/sEf1mHt3NQ7/7TE 1N82Qea86LF7X2fUqYjKFMEx6k5iYneOgZApAgMBAAGjggI0MIICMDAdBgNVHQ4E FgQUZw+edpPoq1MBczXTxGbRvEBeH5wwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj 3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3 L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1p3LWVkcFBvcTFNQmN6 WFR4R2JSdkVCZUg1dy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQCNmyvD 2c04daEUbocThDPoU85D5zU8DMOzjTTvORRK2K6zZct/SWie6JTSIQoZ7x+ihqT6 FU4JpoxtjTS5Egzd7D89vw4RPF5vzC4jbmUfyqEctIvgzD8qzYujyjNiKc2m7UmH Zdi5sttAHKl8QGhSq6KuWmQsDEx1RdjEoz6iO8nHL1rJzBemSaDXPXiEbdHVkV7x A7x+Z5op44otdnBa/2LEZyhco3YEJjkJsFYLvwdKfytRwyxMrr8v8dtJKOXwcRBk uuYna2gFdV5IBObvHXpZ/QgfymWthb2sgJFgCHzZV67WXbbNbf1ceo0s/rXysQS2 Y0U+cYWFKDiNxwkr -----END CERTIFICATE-----Generated at Mon Jan 12 05:29:26 2026 by rpki-client