This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/mnhA6AU8iRnj4QTockXGasVFZ5g.roa File: mnhA6AU8iRnj4QTockXGasVFZ5g.roa (raw, json) Hash identifier: EUj8hOcua0qA14vsi0AkjobG/fl+8y3Lj/1/MnyhOFw= Subject key identifier: 9A:78:40:E8:05:3C:89:19:E3:E1:04:E8:72:45:C6:6A:C5:45:67:98 Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Certificate serial: 3586 Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/mnhA6AU8iRnj4QTockXGasVFZ5g.roa Signing time: Sat 30 Mar 2024 22:52:15 +0000 ROA not before: Sat 30 Mar 2024 22:52:15 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 24426 IP address blocks: 43.236.0.0/16 maxlen: 16 Validation: Failed, RFC 3779 resource not subset of parent's resources Certificate: Data: Version: 3 (0x2) Serial Number: 13702 (0x3586) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Validity Not Before: Mar 30 22:52:15 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=9A7840E8053C8919E3E104E87245C66AC5456798 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:25:f5:20:0d:f7:ce:c3:a5:52:d4:2c:2c:16: aa:c2:a4:b4:fb:9e:94:f9:78:b1:30:69:b8:c6:7a: 59:fa:64:f2:d5:a1:1a:a0:fe:01:af:f5:b1:3d:d3: e8:cd:5b:50:f2:5f:c5:d7:41:5f:3c:3c:92:a3:d3: 6b:6b:d9:38:92:46:d9:57:82:03:e0:96:d7:33:05: 57:5a:cc:ca:20:24:4b:49:2d:98:90:8b:bc:6e:b9: 32:d5:22:03:6b:09:20:4d:1f:75:bb:2b:d9:9b:52: fd:3b:b0:8d:30:47:9f:3c:47:78:68:54:14:c6:c5: 6b:20:8f:10:ab:47:e7:22:77:b6:05:c1:51:9e:97: 4f:f5:7d:cb:16:f4:c5:23:d9:03:07:c1:af:7d:13: 8a:e8:35:5f:e5:81:9f:37:1a:5e:ee:4e:5d:56:0f: 2c:80:e5:0b:88:8a:f1:a0:aa:13:95:44:89:93:7e: e0:f9:94:1f:a6:ef:cb:8b:c5:26:64:33:ff:92:56: 4f:50:ab:86:c0:ce:7c:0c:08:40:5b:4b:aa:71:bb: 55:58:7b:6e:fa:4b:41:4c:c7:cc:0c:bc:ca:93:b8: 66:9e:23:6d:64:f3:55:31:68:d6:7b:7a:be:ee:6a: a7:25:f2:b9:e7:bd:a1:b8:86:2a:0c:1a:0f:20:32: 2b:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:78:40:E8:05:3C:89:19:E3:E1:04:E8:72:45:C6:6A:C5:45:67:98 X509v3 Authority Key Identifier: keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/mnhA6AU8iRnj4QTockXGasVFZ5g.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.236.0.0/16 Signature Algorithm: sha256WithRSAEncryption 22:48:9b:9d:46:b8:a9:16:e8:02:4b:cc:72:23:58:40:8e:aa: da:5b:4b:00:fb:63:57:f0:64:c8:ce:06:60:bd:5e:c6:44:3e: ad:bf:42:88:92:19:a8:63:95:f9:0a:8f:d4:93:93:12:5a:f4: f6:24:c2:2d:b8:20:55:33:00:33:ea:85:62:38:26:fd:51:04: a9:b0:9b:4c:15:67:77:cc:b6:60:18:a7:a2:37:c1:a0:87:1a: 07:73:a2:22:7a:af:07:12:ff:1f:47:7e:33:36:43:de:ee:5f: 5d:a1:39:ca:a3:a6:3d:aa:13:eb:e3:b9:fc:41:4f:8f:34:11: 87:4f:c7:20:14:24:de:d5:17:23:0e:ae:e1:2c:aa:7a:d1:9d: 52:ff:d5:47:ea:ce:06:fc:18:20:63:f6:0d:f9:ef:a4:91:6e: 0c:b7:29:6e:2d:93:cf:7d:d7:84:6e:14:1a:70:e7:8e:46:d3: 5c:c0:7d:1d:46:e2:20:14:b4:63:21:a4:07:b2:16:bf:a2:3d: 76:b0:8a:5a:85:93:85:a3:94:ae:e7:93:ea:22:5f:52:ee:c8: fd:0b:42:5b:29:4f:d0:3e:c8:06:c5:2d:d7:6d:90:b1:d8:1f: 45:b6:40:33:76:f6:d2:17:65:e9:e0:17:51:50:58:4f:b0:61: c2:81:71:72 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICNYYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzAy MjUyMTVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDlBNzg0MEU4MDUzQzg5 MTlFM0UxMDRFODcyNDVDNjZBQzU0NTY3OTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDfJfUgDffOw6VS1CwsFqrCpLT7npT5eLEwabjGeln6ZPLVoRqg /gGv9bE90+jNW1DyX8XXQV88PJKj02tr2TiSRtlXggPgltczBVdazMogJEtJLZiQ i7xuuTLVIgNrCSBNH3W7K9mbUv07sI0wR588R3hoVBTGxWsgjxCrR+cid7YFwVGe l0/1fcsW9MUj2QMHwa99E4roNV/lgZ83Gl7uTl1WDyyA5QuIivGgqhOVRImTfuD5 lB+m78uLxSZkM/+SVk9Qq4bAznwMCEBbS6pxu1VYe276S0FMx8wMvMqTuGaeI21k 81UxaNZ7er7uaqcl8rnnvaG4hioMGg8gMitBAgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQUmnhA6AU8iRnj4QTockXGasVFZ5gwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj 3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3 L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L21uaEE2QVU4aVJuajRR VG9ja1hHYXNWRlo1Zy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAIkibnUa4qRboAkvMciNYQI6q2ltLAPtj V/BkyM4GYL1exkQ+rb9CiJIZqGOV+QqP1JOTElr09iTCLbggVTMAM+qFYjgm/VEE qbCbTBVnd8y2YBinojfBoIcaB3OiInqvBxL/H0d+MzZD3u5fXaE5yqOmPaoT6+O5 /EFPjzQRh0/HIBQk3tUXIw6u4SyqetGdUv/VR+rOBvwYIGP2DfnvpJFuDLcpbi2T z33XhG4UGnDnjkbTXMB9HUbiIBS0YyGkB7IWv6I9drCKWoWThaOUrueT6iJfUu7I /QtCWylP0D7IBsUt122QsdgfRbZAM3b20hdl6eAXUVBYT7BhwoFxcg== -----END CERTIFICATE-----Generated at Mon Jan 12 09:41:04 2026 by rpki-client