This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/ioeOo24C4SCzAOns3nmZvIiSR-4.roa File: ioeOo24C4SCzAOns3nmZvIiSR-4.roa (raw, json) Hash identifier: GDTmcUGVSYaKC58ToNfgSZ8xYNkrzl+Sqe2URTfzagc= Subject key identifier: 8A:87:8E:A3:6E:02:E1:20:B3:00:E9:EC:DE:79:99:BC:88:92:47:EE Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Certificate serial: 6170 Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ioeOo24C4SCzAOns3nmZvIiSR-4.roa Signing time: Sat 17 May 2025 22:10:32 +0000 ROA not before: Sat 17 May 2025 22:10:32 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 24426 IP address blocks: 43.239.48.0/22 maxlen: 22 43.246.0.0/22 maxlen: 22 43.246.4.0/22 maxlen: 22 43.246.12.0/22 maxlen: 22 43.246.16.0/22 maxlen: 22 43.246.20.0/22 maxlen: 22 43.246.24.0/22 maxlen: 22 43.246.28.0/22 maxlen: 22 43.246.32.0/22 maxlen: 22 43.246.36.0/22 maxlen: 22 43.246.40.0/22 maxlen: 22 43.246.44.0/22 maxlen: 22 43.246.52.0/22 maxlen: 22 43.246.56.0/22 maxlen: 22 43.246.60.0/22 maxlen: 22 43.246.64.0/22 maxlen: 22 43.246.68.0/22 maxlen: 22 43.246.72.0/22 maxlen: 22 43.246.76.0/22 maxlen: 22 43.246.80.0/22 maxlen: 22 43.246.84.0/22 maxlen: 22 43.246.88.0/22 maxlen: 22 43.246.92.0/22 maxlen: 22 43.246.96.0/22 maxlen: 22 103.35.48.0/22 maxlen: 22 103.236.0.0/22 maxlen: 22 103.236.4.0/22 maxlen: 22 103.236.8.0/22 maxlen: 22 103.236.12.0/22 maxlen: 22 103.236.16.0/22 maxlen: 22 103.236.20.0/22 maxlen: 22 103.236.28.0/22 maxlen: 22 103.236.32.0/22 maxlen: 22 103.236.36.0/22 maxlen: 22 103.236.40.0/22 maxlen: 22 103.236.44.0/22 maxlen: 22 103.236.48.0/22 maxlen: 22 103.236.52.0/22 maxlen: 22 103.236.56.0/22 maxlen: 22 103.236.60.0/22 maxlen: 22 103.236.64.0/22 maxlen: 22 103.236.68.0/22 maxlen: 22 103.236.72.0/22 maxlen: 22 103.236.76.0/22 maxlen: 22 103.236.80.0/22 maxlen: 22 103.236.84.0/22 maxlen: 22 103.236.88.0/22 maxlen: 22 103.236.92.0/22 maxlen: 22 103.236.96.0/22 maxlen: 22 Validation: Failed, RFC 3779 resource not subset of parent's resources Certificate: Data: Version: 3 (0x2) Serial Number: 24944 (0x6170) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Validity Not Before: May 17 22:10:32 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=8A878EA36E02E120B300E9ECDE7999BC889247EE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:75:da:ff:3e:b7:b9:0c:67:6a:be:72:f2:19: 41:da:9d:c8:76:65:16:91:6a:ad:2b:2a:e5:13:df: 59:c3:ce:68:29:e9:0d:fa:70:97:17:52:c5:c5:f0: fd:55:dd:83:61:6e:94:7f:5b:27:b7:00:32:64:5d: ea:3b:bb:58:63:3f:b1:e5:a6:f0:27:ee:1b:22:42: 14:8a:b2:38:ce:3e:2c:32:40:48:38:fd:d4:7e:72: c2:8e:ff:af:80:97:70:b4:be:2c:ed:e7:75:ca:4d: 27:2f:de:6d:fe:66:61:3f:6b:ea:c6:ed:df:89:54: 8c:58:1d:d8:71:1f:cf:e8:ce:5e:10:3e:6d:ed:df: 44:47:32:70:cb:bf:de:59:38:d2:64:17:15:3e:d7: 3a:c1:3b:a3:a2:48:ae:2c:bb:0a:0b:71:33:84:44: 03:ad:c9:2d:fb:7b:27:e4:a9:c8:be:1f:f1:c5:de: 7e:ee:44:ce:e5:3f:85:3b:04:93:07:d2:3b:c2:db: 7e:8a:cc:b6:3b:17:ae:7e:de:7c:93:90:ea:53:ac: 98:5f:59:e9:12:09:a8:41:c5:2c:f7:4f:23:9b:bd: b2:ab:a8:46:90:f1:23:76:59:48:52:8e:10:a6:b1: 18:4c:c2:c3:8a:19:31:fc:6c:d4:61:d9:a5:91:9b: f8:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:87:8E:A3:6E:02:E1:20:B3:00:E9:EC:DE:79:99:BC:88:92:47:EE X509v3 Authority Key Identifier: keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ioeOo24C4SCzAOns3nmZvIiSR-4.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.239.48.0/22 43.246.0.0/21 43.246.12.0-43.246.47.255 43.246.52.0-43.246.99.255 103.35.48.0/22 103.236.0.0-103.236.23.255 103.236.28.0-103.236.99.255 Signature Algorithm: sha256WithRSAEncryption 40:19:f2:87:0f:fc:10:0b:b1:27:cf:f7:26:8a:aa:ab:e1:01: ab:8a:9d:73:3c:de:d8:87:5f:c1:b0:39:89:1a:76:13:86:a6: 83:f4:42:76:b6:fe:2e:e3:2d:5c:4c:09:7b:44:8a:79:e1:c1: 5c:39:15:a4:1d:27:7d:2d:d6:86:0a:32:bc:26:52:d7:50:60: 46:cc:77:c8:89:5a:9f:51:e9:f2:b8:75:f0:d5:4a:98:fb:a3: 38:af:76:3b:f5:e6:b8:2c:e4:42:99:21:6f:75:a9:de:e5:6e: 4c:a4:6b:67:b1:cc:00:62:33:b0:8b:12:31:4c:46:40:58:70: 07:2f:db:76:b7:da:b8:bb:a6:8f:cb:9b:61:94:e7:ea:d2:71: 05:0e:99:79:00:76:07:d0:2f:ae:ec:e0:9f:76:ac:2a:18:53: 39:39:e5:50:cb:7a:0c:b9:75:cc:62:6c:94:4c:37:7d:55:32: 03:19:a5:5b:97:bd:79:94:ee:cf:ca:bf:eb:95:a2:21:1f:26: e2:51:e0:b6:a6:4d:38:d7:71:5f:59:50:95:0a:c8:ed:04:1d: c8:82:34:19:ce:24:f5:b6:01:b3:0d:46:0f:06:ad:93:63:90: 53:9a:5b:c8:0c:59:2d:68:03:75:1b:22:da:ca:16:4a:c7:1f: c2:6e:03:cd -----BEGIN CERTIFICATE----- MIIFGDCCBACgAwIBAgICYXAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1MTcy MjEwMzJaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDhBODc4RUEzNkUwMkUx MjBCMzAwRTlFQ0RFNzk5OUJDODg5MjQ3RUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDHddr/Pre5DGdqvnLyGUHanch2ZRaRaq0rKuUT31nDzmgp6Q36 cJcXUsXF8P1V3YNhbpR/Wye3ADJkXeo7u1hjP7HlpvAn7hsiQhSKsjjOPiwyQEg4 /dR+csKO/6+Al3C0vizt53XKTScv3m3+ZmE/a+rG7d+JVIxYHdhxH8/ozl4QPm3t 30RHMnDLv95ZONJkFxU+1zrBO6OiSK4suwoLcTOERAOtyS37eyfkqci+H/HF3n7u RM7lP4U7BJMH0jvC236KzLY7F65+3nyTkOpTrJhfWekSCahBxSz3TyObvbKrqEaQ 8SN2WUhSjhCmsRhMwsOKGTH8bNRh2aWRm/hfAgMBAAGjggI0MIICMDAdBgNVHQ4E FgQUioeOo24C4SCzAOns3nmZvIiSR+4wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj 3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3 L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2lvZU9vMjRDNFNDekFP bnMzbm1adklpU1ItNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQBAGfKH D/wQC7Enz/cmiqqr4QGrip1zPN7Yh1/BsDmJGnYThqaD9EJ2tv4u4y1cTAl7RIp5 4cFcORWkHSd9LdaGCjK8JlLXUGBGzHfIiVqfUenyuHXw1UqY+6M4r3Y79ea4LORC mSFvdane5W5MpGtnscwAYjOwixIxTEZAWHAHL9t2t9q4u6aPy5thlOfq0nEFDpl5 AHYH0C+u7OCfdqwqGFM5OeVQy3oMuXXMYmyUTDd9VTIDGaVbl715lO7Pyr/rlaIh HybiUeC2pk0413FfWVCVCsjtBB3IgjQZziT1tgGzDUYPBq2TY5BTmlvIDFktaAN1 GyLayhZKxx/CbgPN -----END CERTIFICATE-----Generated at Mon Jan 12 02:00:17 2026 by rpki-client