This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1587/2-0e3Yjwz39ngLpkH7NmbMiiwbs.roa File: 2-0e3Yjwz39ngLpkH7NmbMiiwbs.roa (raw, json) Hash identifier: hB7oSQDUxiJakyUeZ5Wj5VG+rOG54G3hnVfnryQBknw= Subject key identifier: DB:ED:1E:DD:88:F0:CF:7F:67:80:BA:64:1F:B3:66:6C:C8:A2:C1:BB Certificate issuer: /CN=49449B46CAECE75D1C558061394DB402B6D009BE Certificate serial: 22AB Authority key identifier: 49:44:9B:46:CA:EC:E7:5D:1C:55:80:61:39:4D:B4:02:B6:D0:09:BE Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SUSbRsrs510cVYBhOU20ArbQCb4.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/2-0e3Yjwz39ngLpkH7NmbMiiwbs.roa Signing time: Fri 19 Dec 2025 03:03:49 +0000 ROA not before: Fri 19 Dec 2025 03:03:49 +0000 ROA not after: Fri 23 Oct 2026 03:01:03 +0000 asID: 59033 IP address blocks: 202.160.141.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/SUSbRsrs510cVYBhOU20ArbQCb4.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/SUSbRsrs510cVYBhOU20ArbQCb4.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SUSbRsrs510cVYBhOU20ArbQCb4.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 21 Dec 2025 22:40:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8875 (0x22ab) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=49449B46CAECE75D1C558061394DB402B6D009BE Validity Not Before: Dec 19 03:03:49 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=DBED1EDD88F0CF7F6780BA641FB3666CC8A2C1BB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:9c:37:87:65:26:b1:6c:02:a1:98:79:a1:9f: 7a:5d:58:28:55:bb:56:be:05:06:00:cb:e8:d0:c0: 2d:39:2a:35:8f:06:f1:52:16:b2:35:b8:99:78:61: 50:0d:b6:8f:27:76:5f:46:71:bc:ad:4a:f3:63:c0: 4e:91:71:e1:d2:6d:d6:b7:48:b2:65:b0:b6:25:77: e9:41:2d:e1:42:9c:c2:49:64:bf:70:f5:9d:36:7a: 8f:56:51:6a:23:8e:7f:67:58:12:ac:98:3f:30:d7: a1:0f:b0:12:ab:4a:5b:4c:7d:f9:a5:1d:d0:55:6b: 12:05:8b:f6:9f:18:02:9c:78:c1:8a:0b:4f:ad:88: 31:cb:da:0e:65:2a:94:40:41:73:23:38:6a:49:b1: d0:9f:01:e3:81:42:c2:41:4b:02:3c:7c:98:a4:fa: 97:bc:cd:47:1b:17:2d:54:5a:81:58:7e:46:23:fc: 6a:72:99:03:27:11:e0:d6:1d:14:8c:05:f2:c3:4a: 18:87:e8:8b:28:a5:42:d8:f5:26:92:79:26:b3:de: 90:80:44:f7:78:53:69:98:54:24:0f:bc:3d:95:c6: 0e:54:87:cf:90:32:18:a0:da:64:fe:d4:9b:65:c1: a2:12:c0:a8:da:18:5b:c8:56:27:6d:fd:52:c2:39: 35:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:ED:1E:DD:88:F0:CF:7F:67:80:BA:64:1F:B3:66:6C:C8:A2:C1:BB X509v3 Authority Key Identifier: keyid:49:44:9B:46:CA:EC:E7:5D:1C:55:80:61:39:4D:B4:02:B6:D0:09:BE X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/SUSbRsrs510cVYBhOU20ArbQCb4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SUSbRsrs510cVYBhOU20ArbQCb4.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/2-0e3Yjwz39ngLpkH7NmbMiiwbs.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 202.160.141.0/24 Signature Algorithm: sha256WithRSAEncryption 81:3d:44:d9:89:e9:a9:ab:99:6c:f8:bc:10:4e:fb:f0:58:aa: a0:f1:ae:f0:9c:30:e1:71:34:51:8a:8d:eb:53:43:5e:93:62: 94:0e:d1:6a:5a:b1:c0:70:43:23:45:1a:67:67:05:6c:a0:08: e3:1d:3b:66:5e:44:37:69:9a:64:b1:a1:0a:ae:33:e9:90:24: ed:1e:db:2e:f2:5d:d8:ce:54:72:a8:26:0e:6e:73:12:05:ee: 98:c4:4d:a6:a3:52:7b:eb:ef:28:06:43:c3:97:a4:e3:99:6f: aa:b9:2f:70:14:84:58:ec:6d:36:cf:21:97:ae:fc:d5:d5:b5: 36:25:b2:50:d4:68:60:48:63:de:9b:72:21:37:04:78:8d:ef: 0e:ae:e4:89:52:fd:8e:41:f6:95:7a:5f:17:6c:94:c1:ea:d8: cf:ff:f4:c3:bf:77:dd:12:ca:58:0b:cf:a0:2f:ef:3c:9b:9b: cc:a2:71:35:f7:01:3c:8b:c9:f5:59:ce:ed:d3:39:36:b0:2d: 8f:4e:69:24:6c:59:17:ea:6b:9b:b2:1d:1c:3d:9e:bd:6f:69: 8d:22:e2:b3:80:56:56:55:e1:73:58:6b:aa:e0:e9:d8:65:e8: d7:b6:e9:48:05:2f:e3:a1:1f:58:0f:c9:ea:a2:97:00:00:fe: 20:ae:44:5f -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICIqswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDk0 NDlCNDZDQUVDRTc1RDFDNTU4MDYxMzk0REI0MDJCNkQwMDlCRTAeFw0yNTEyMTkw MzAzNDlaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKERCRUQxRUREODhGMENG N0Y2NzgwQkE2NDFGQjM2NjZDQzhBMkMxQkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDBnDeHZSaxbAKhmHmhn3pdWChVu1a+BQYAy+jQwC05KjWPBvFS FrI1uJl4YVANto8ndl9GcbytSvNjwE6RceHSbda3SLJlsLYld+lBLeFCnMJJZL9w 9Z02eo9WUWojjn9nWBKsmD8w16EPsBKrSltMffmlHdBVaxIFi/afGAKceMGKC0+t iDHL2g5lKpRAQXMjOGpJsdCfAeOBQsJBSwI8fJik+pe8zUcbFy1UWoFYfkYj/Gpy mQMnEeDWHRSMBfLDShiH6IsopULY9SaSeSaz3pCARPd4U2mYVCQPvD2Vxg5Uh8+Q Mhig2mT+1JtlwaISwKjaGFvIVidt/VLCOTVzAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU2+0e3Yjwz39ngLpkH7NmbMiiwbswHwYDVR0jBBgwFoAUSUSbRsrs510cVYBh OU20ArbQCb4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTU4 Ny9TVVNiUnNyczUxMGNWWUJoT1UyMEFyYlFDYjQuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1NVU2JSc3JzNTEwY1ZZQmhPVTIwQXJiUUNiNC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE1ODcvMi0wZTNZand6Mzlu Z0xwa0g3Tm1iTWlpd2JzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAMqgjTANBgkqhkiG9w0BAQsFAAOCAQEAgT1E2YnpqauZbPi8EE778FiqoPGu 8Jww4XE0UYqN61NDXpNilA7RalqxwHBDI0UaZ2cFbKAI4x07Zl5EN2maZLGhCq4z 6ZAk7R7bLvJd2M5UcqgmDm5zEgXumMRNpqNSe+vvKAZDw5ek45lvqrkvcBSEWOxt Ns8hl6781dW1NiWyUNRoYEhj3ptyITcEeI3vDq7kiVL9jkH2lXpfF2yUwerYz//0 w7933RLKWAvPoC/vPJubzKJxNfcBPIvJ9VnO7dM5NrAtj05pJGxZF+prm7IdHD2e vW9pjSLis4BWVlXhc1hrquDp2GXo17bpSAUv46EfWA/J6qKXAAD+IK5EXw== -----END CERTIFICATE-----Generated at Sun Dec 21 20:00:08 2025 by rpki-client