This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/iH119cLK1I73O6ylzD6iTOiSCRg.roa File: iH119cLK1I73O6ylzD6iTOiSCRg.roa (raw, json) Hash identifier: u9J8sGKHMpSvJgDKlcMEMLPm8XOxznoYKs8EkVdBJcU= Subject key identifier: 88:7D:75:F5:C2:CA:D4:8E:F7:3B:AC:A5:CC:3E:A2:4C:E8:92:09:18 Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Certificate serial: 509A Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/iH119cLK1I73O6ylzD6iTOiSCRg.roa Signing time: Mon 06 May 2024 01:23:50 +0000 ROA not before: Mon 06 May 2024 01:23:50 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 24426 IP address blocks: 43.236.0.0/16 maxlen: 16 Validation: Failed, RFC 3779 resource not subset of parent's resources Certificate: Data: Version: 3 (0x2) Serial Number: 20634 (0x509a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Validity Not Before: May 6 01:23:50 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=887D75F5C2CAD48EF73BACA5CC3EA24CE8920918 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:c3:3b:5d:af:da:53:7f:3d:d5:12:77:26:80: 0f:bf:58:72:06:41:cc:0e:7d:b4:d9:01:31:3b:a1: 35:2b:d9:a7:2e:08:68:63:22:dc:6d:cb:0e:36:ca: 2e:7b:ef:9a:1d:b1:02:5a:f8:1a:af:01:ff:64:75: 64:b0:16:cd:12:ab:89:26:c2:1e:41:74:9f:89:64: 4a:01:d9:1c:c8:0e:4e:40:3f:d5:b6:3b:ac:9d:7c: dd:8c:8e:6a:9b:ba:c7:1e:32:37:01:0b:8a:20:50: 2c:d1:68:8a:01:a0:7b:12:5a:3c:05:5b:96:33:cd: c3:b5:0c:e2:0c:5f:c3:f4:db:87:d0:19:6f:7c:69: b3:9b:36:5c:49:48:8a:cd:c4:c4:17:65:81:f4:eb: 22:2a:1d:17:05:6e:0e:2d:45:92:0b:f8:4b:f5:03: 2f:fe:96:38:ce:68:12:94:d5:83:a3:2b:09:e9:9a: db:0c:da:24:57:3b:58:50:0e:ba:50:63:cc:70:b3: f3:d8:3c:f2:69:2d:d6:64:ce:6e:b7:be:37:ea:1c: cc:ac:bb:a8:25:ec:22:9b:32:aa:43:2a:48:6e:ae: eb:50:6a:b2:1b:eb:3a:7a:47:c3:f8:38:ca:e6:26: a4:7a:04:4a:6b:b3:a4:b0:1b:87:65:e0:35:23:db: 97:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:7D:75:F5:C2:CA:D4:8E:F7:3B:AC:A5:CC:3E:A2:4C:E8:92:09:18 X509v3 Authority Key Identifier: keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/iH119cLK1I73O6ylzD6iTOiSCRg.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.236.0.0/16 Signature Algorithm: sha256WithRSAEncryption 52:96:88:72:fc:6e:93:14:5f:b7:62:4f:48:b6:9f:72:46:a7: cb:7c:4d:11:d3:da:30:9f:20:3e:19:7b:93:9f:6e:d8:b1:da: 56:8f:e5:b1:74:e0:7a:65:d2:e7:c1:34:64:45:67:49:2d:0e: c9:1e:42:86:07:66:22:a3:0b:80:53:05:69:63:b4:e5:b9:14: 0c:28:ea:21:16:15:e3:7b:f7:bb:b7:88:b7:f0:2e:ac:5a:dd: ec:e4:c1:f0:dd:a8:17:98:53:00:db:a3:4c:e1:d4:77:d1:9e: 31:5f:db:f4:bf:b5:fa:61:6a:fb:1c:2e:3b:76:4f:5f:a3:07: 87:f3:4f:2b:fa:8a:95:ea:4b:b6:37:c8:36:80:e2:d6:70:4b: 64:99:42:5e:83:fc:5a:35:bb:01:26:75:96:ff:41:ef:93:15: a6:70:63:21:6c:70:86:bf:dd:1a:ab:5b:0d:ad:ed:f8:33:e8: 33:b6:2d:a1:b6:03:01:d3:93:28:8e:38:0e:75:64:20:5c:8f: 20:3c:95:00:c9:7c:7a:db:a0:64:3b:34:70:f4:30:b6:e8:70: 41:80:88:f4:fe:95:29:f1:c7:47:a9:78:c5:2f:77:c4:9c:81: a2:1f:40:f0:62:9a:55:e1:48:c4:ab:cb:20:0b:7a:d4:5d:6b: d8:47:3c:72 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICUJowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDYw MTIzNTBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDg4N0Q3NUY1QzJDQUQ0 OEVGNzNCQUNBNUNDM0VBMjRDRTg5MjA5MTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDMwztdr9pTfz3VEncmgA+/WHIGQcwOfbTZATE7oTUr2acuCGhj Itxtyw42yi5775odsQJa+BqvAf9kdWSwFs0Sq4kmwh5BdJ+JZEoB2RzIDk5AP9W2 O6ydfN2MjmqbusceMjcBC4ogUCzRaIoBoHsSWjwFW5YzzcO1DOIMX8P024fQGW98 abObNlxJSIrNxMQXZYH06yIqHRcFbg4tRZIL+Ev1Ay/+ljjOaBKU1YOjKwnpmtsM 2iRXO1hQDrpQY8xws/PYPPJpLdZkzm63vjfqHMysu6gl7CKbMqpDKkhurutQarIb 6zp6R8P4OMrmJqR6BEprs6SwG4dl4DUj25ffAgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQUiH119cLK1I73O6ylzD6iTOiSCRgwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj 3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3 L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2lIMTE5Y0xLMUk3M082 eWx6RDZpVE9pU0NSZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAUpaIcvxukxRft2JPSLafckany3xNEdPa MJ8gPhl7k59u2LHaVo/lsXTgemXS58E0ZEVnSS0OyR5ChgdmIqMLgFMFaWO05bkU DCjqIRYV43v3u7eIt/AurFrd7OTB8N2oF5hTANujTOHUd9GeMV/b9L+1+mFq+xwu O3ZPX6MHh/NPK/qKlepLtjfINoDi1nBLZJlCXoP8WjW7ASZ1lv9B75MVpnBjIWxw hr/dGqtbDa3t+DPoM7YtobYDAdOTKI44DnVkIFyPIDyVAMl8etugZDs0cPQwtuhw QYCI9P6VKfHHR6l4xS93xJyBoh9A8GKaVeFIxKvLIAt61F1r2Ec8cg== -----END CERTIFICATE-----Generated at Sun Jan 11 14:42:36 2026 by rpki-client