This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/lP3c7vU-saRYi1Bp9XzClXKc664.roa File: lP3c7vU-saRYi1Bp9XzClXKc664.roa (raw, json) Hash identifier: sIyLrnrr+AU+GEjQoXNACTxD7JwWx7iYs2qR82fGrgg= Subject key identifier: 94:FD:DC:EE:F5:3E:B1:A4:58:8B:50:69:F5:7C:C2:95:72:9C:EB:AE Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Certificate serial: 6B12 Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/lP3c7vU-saRYi1Bp9XzClXKc664.roa Signing time: Thu 12 Jun 2025 14:42:20 +0000 ROA not before: Thu 12 Jun 2025 14:42:20 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 24426 IP address blocks: 43.239.48.0/22 maxlen: 22 43.246.0.0/22 maxlen: 22 43.246.4.0/22 maxlen: 22 43.246.12.0/22 maxlen: 22 43.246.16.0/22 maxlen: 22 43.246.20.0/22 maxlen: 22 43.246.24.0/22 maxlen: 22 43.246.28.0/22 maxlen: 22 43.246.32.0/22 maxlen: 22 43.246.36.0/22 maxlen: 22 43.246.40.0/22 maxlen: 22 43.246.44.0/22 maxlen: 22 43.246.52.0/22 maxlen: 22 43.246.56.0/22 maxlen: 22 43.246.60.0/22 maxlen: 22 43.246.64.0/22 maxlen: 22 43.246.68.0/22 maxlen: 22 43.246.72.0/22 maxlen: 22 43.246.76.0/22 maxlen: 22 43.246.80.0/22 maxlen: 22 43.246.84.0/22 maxlen: 22 43.246.88.0/22 maxlen: 22 43.246.92.0/22 maxlen: 22 43.246.96.0/22 maxlen: 22 103.35.48.0/22 maxlen: 22 103.236.0.0/22 maxlen: 22 103.236.4.0/22 maxlen: 22 103.236.8.0/22 maxlen: 22 103.236.12.0/22 maxlen: 22 103.236.16.0/22 maxlen: 22 103.236.20.0/22 maxlen: 22 103.236.28.0/22 maxlen: 22 103.236.32.0/22 maxlen: 22 103.236.36.0/22 maxlen: 22 103.236.40.0/22 maxlen: 22 103.236.44.0/22 maxlen: 22 103.236.48.0/22 maxlen: 22 103.236.52.0/22 maxlen: 22 103.236.56.0/22 maxlen: 22 103.236.60.0/22 maxlen: 22 103.236.64.0/22 maxlen: 22 103.236.68.0/22 maxlen: 22 103.236.72.0/22 maxlen: 22 103.236.76.0/22 maxlen: 22 103.236.80.0/22 maxlen: 22 103.236.84.0/22 maxlen: 22 103.236.88.0/22 maxlen: 22 103.236.92.0/22 maxlen: 22 103.236.96.0/22 maxlen: 22 Validation: Failed, RFC 3779 resource not subset of parent's resources Certificate: Data: Version: 3 (0x2) Serial Number: 27410 (0x6b12) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Validity Not Before: Jun 12 14:42:20 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=94FDDCEEF53EB1A4588B5069F57CC295729CEBAE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:93:cb:6b:50:6e:fe:0d:65:2b:ef:7d:b2:20: 0a:72:6b:64:92:0e:54:b1:53:72:f8:46:f4:f0:a6: 74:e6:e2:83:be:09:9e:6f:03:3a:04:71:eb:cb:da: df:10:b6:bd:d4:4d:7b:8f:5b:11:e9:84:fc:da:19: 39:3e:f7:db:c5:4c:77:21:05:89:8f:99:80:29:c7: 9d:c3:1d:d8:92:f7:e9:99:2d:f3:a2:8c:86:b6:2d: 78:ef:90:61:a1:f8:67:82:da:3e:1a:30:c9:b0:99: 65:d3:64:d9:84:15:75:78:99:26:ac:d5:d0:fc:3f: 61:be:2e:7b:d7:09:9b:b6:8e:80:70:aa:86:eb:91: 12:1f:cd:b3:e6:2a:91:21:17:ba:a4:34:76:ff:36: 7f:a7:19:64:e5:5a:96:8a:08:b3:2d:b5:65:a4:e7: 4f:38:9b:71:5b:1c:f0:dd:54:6f:4b:89:2f:0d:7c: 3c:84:82:47:71:20:36:33:4e:3a:47:0c:74:99:52: 7b:9b:d6:be:48:80:9c:cc:e2:c4:ed:29:af:12:37: 8b:78:17:d0:7c:bd:d7:1f:be:c3:06:9b:ee:3e:8f: 8e:60:ff:59:cc:8d:a7:e7:d5:24:04:c7:e9:5d:51: d4:d3:95:72:f6:8c:17:ee:2f:c2:0d:f8:6b:d6:a6: 8b:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:FD:DC:EE:F5:3E:B1:A4:58:8B:50:69:F5:7C:C2:95:72:9C:EB:AE X509v3 Authority Key Identifier: keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/lP3c7vU-saRYi1Bp9XzClXKc664.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.239.48.0/22 43.246.0.0/21 43.246.12.0-43.246.47.255 43.246.52.0-43.246.99.255 103.35.48.0/22 103.236.0.0-103.236.23.255 103.236.28.0-103.236.99.255 Signature Algorithm: sha256WithRSAEncryption 5c:46:d3:95:55:0c:db:8c:9c:f7:ca:23:1b:87:87:d2:d4:42: ee:40:0b:03:9a:e2:4b:5c:ee:89:92:d1:b6:d5:9c:ac:6c:f3: 66:9a:f1:e7:0c:f1:84:bd:54:8a:3b:5f:2d:17:92:79:8f:dd: b4:5f:b0:40:bb:1d:e2:df:07:4a:56:8e:52:81:38:1d:06:e6: 8a:bf:d3:35:34:0f:aa:11:be:7d:2a:1c:f1:e4:2a:1e:a2:19: b0:f7:49:ca:d4:bb:60:9e:47:eb:67:71:4e:f6:ed:4d:6d:4e: 01:5f:bb:5d:4a:4b:f0:eb:8a:a7:6b:0b:f7:c2:fa:f1:91:d1: 24:a8:70:80:30:9d:6f:10:3c:51:e6:0f:2f:f4:4f:bc:3c:ed: 4a:07:18:a1:06:7c:46:bd:55:fb:f2:24:77:30:42:9e:d7:05: a2:43:eb:44:13:f4:e0:f3:42:2f:7b:77:5d:a6:e6:78:69:11: 4d:99:72:9e:7c:11:1d:4b:fd:3c:b9:43:c9:66:96:0a:19:9b: fb:a3:47:cc:01:b4:d0:80:69:96:2c:3c:c9:de:e8:e0:ce:00: 16:71:c6:91:21:7e:69:63:4d:65:b2:7e:70:c7:62:26:58:a1: 0b:51:7e:d5:95:c3:d7:65:a5:04:c9:a1:db:08:80:ba:0a:70: ab:39:e4:7e -----BEGIN CERTIFICATE----- MIIFGDCCBACgAwIBAgICaxIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA2MTIx NDQyMjBaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDk0RkREQ0VFRjUzRUIx QTQ1ODhCNTA2OUY1N0NDMjk1NzI5Q0VCQUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDdk8trUG7+DWUr732yIApya2SSDlSxU3L4RvTwpnTm4oO+CZ5v AzoEcevL2t8Qtr3UTXuPWxHphPzaGTk+99vFTHchBYmPmYApx53DHdiS9+mZLfOi jIa2LXjvkGGh+GeC2j4aMMmwmWXTZNmEFXV4mSas1dD8P2G+LnvXCZu2joBwqobr kRIfzbPmKpEhF7qkNHb/Nn+nGWTlWpaKCLMttWWk5084m3FbHPDdVG9LiS8NfDyE gkdxIDYzTjpHDHSZUnub1r5IgJzM4sTtKa8SN4t4F9B8vdcfvsMGm+4+j45g/1nM jafn1SQEx+ldUdTTlXL2jBfuL8IN+GvWpovHAgMBAAGjggI0MIICMDAdBgNVHQ4E FgQUlP3c7vU+saRYi1Bp9XzClXKc664wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj 3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3 L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2xQM2M3dlUtc2FSWWkx QnA5WHpDbFhLYzY2NC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQBcRtOV VQzbjJz3yiMbh4fS1ELuQAsDmuJLXO6JktG21ZysbPNmmvHnDPGEvVSKO18tF5J5 j920X7BAux3i3wdKVo5SgTgdBuaKv9M1NA+qEb59Khzx5Coeohmw90nK1Ltgnkfr Z3FO9u1NbU4BX7tdSkvw64qnawv3wvrxkdEkqHCAMJ1vEDxR5g8v9E+8PO1KBxih BnxGvVX78iR3MEKe1wWiQ+tEE/Tg80Ive3ddpuZ4aRFNmXKefBEdS/08uUPJZpYK GZv7o0fMAbTQgGmWLDzJ3ujgzgAWccaRIX5pY01lsn5wx2ImWKELUX7VlcPXZaUE yaHbCIC6CnCrOeR+ -----END CERTIFICATE-----Generated at Mon Jan 12 02:32:52 2026 by rpki-client