This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1587/CC66mK8VQoMaqa4CKvxPQhz1twA.roa File: CC66mK8VQoMaqa4CKvxPQhz1twA.roa (raw, json) Hash identifier: MG9aMC/mrK8VaSsxhuHao/9NLyFIS1RwwF4nn/JeDDg= Subject key identifier: 08:2E:BA:98:AF:15:42:83:1A:A9:AE:02:2A:FC:4F:42:1C:F5:B7:00 Certificate issuer: /CN=49449B46CAECE75D1C558061394DB402B6D009BE Certificate serial: 22BC Authority key identifier: 49:44:9B:46:CA:EC:E7:5D:1C:55:80:61:39:4D:B4:02:B6:D0:09:BE Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SUSbRsrs510cVYBhOU20ArbQCb4.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/CC66mK8VQoMaqa4CKvxPQhz1twA.roa Signing time: Fri 19 Dec 2025 03:07:13 +0000 ROA not before: Fri 19 Dec 2025 03:07:13 +0000 ROA not after: Fri 23 Oct 2026 03:01:03 +0000 asID: 132168 IP address blocks: 103.204.73.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/SUSbRsrs510cVYBhOU20ArbQCb4.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/SUSbRsrs510cVYBhOU20ArbQCb4.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SUSbRsrs510cVYBhOU20ArbQCb4.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 21 Dec 2025 22:40:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8892 (0x22bc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=49449B46CAECE75D1C558061394DB402B6D009BE Validity Not Before: Dec 19 03:07:13 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=082EBA98AF1542831AA9AE022AFC4F421CF5B700 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:72:7b:bd:07:21:eb:a6:a7:cc:ec:d9:fe:76: af:ce:b5:1d:95:96:50:54:8d:0a:ca:8c:3b:18:08: 20:8b:ac:fe:8d:f3:a0:4d:0e:1b:79:d6:3d:35:bd: fc:b9:b2:81:0e:be:c5:a5:ed:3e:f0:ac:4d:e2:20: 18:d9:9c:bb:ef:3e:2f:1b:bb:88:68:61:22:3b:36: 66:94:e6:45:09:e1:47:b7:5b:40:4f:45:8f:70:de: 49:db:3b:ce:e0:7c:3b:d4:3e:8e:14:bc:43:8b:b4: b3:9d:9e:2b:a5:83:e1:36:4a:93:fb:bf:cf:fe:f3: be:76:d3:8e:c4:ea:02:51:b1:2f:8b:9c:8c:2f:5d: 03:55:31:6a:ce:27:6c:a5:96:0d:50:69:d0:3f:ad: bd:f0:65:0a:e3:d1:8a:a7:02:2a:62:24:a2:6d:9e: f3:6e:db:75:0b:16:3c:e3:cf:f6:22:22:aa:4a:57: a2:b4:cc:45:ee:f4:75:a0:e3:64:5b:ed:61:42:27: 87:1f:cc:cd:21:14:a9:6c:1b:a8:37:37:3e:f9:28: 0c:13:28:90:c8:a6:11:c4:60:b1:96:d0:5a:92:ed: 35:05:1f:58:09:bd:d6:65:d8:14:81:39:6c:a1:a2: d1:e5:e9:e4:33:42:39:a9:c6:23:67:e3:80:3e:24: dd:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:2E:BA:98:AF:15:42:83:1A:A9:AE:02:2A:FC:4F:42:1C:F5:B7:00 X509v3 Authority Key Identifier: keyid:49:44:9B:46:CA:EC:E7:5D:1C:55:80:61:39:4D:B4:02:B6:D0:09:BE X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/SUSbRsrs510cVYBhOU20ArbQCb4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SUSbRsrs510cVYBhOU20ArbQCb4.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/CC66mK8VQoMaqa4CKvxPQhz1twA.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.204.73.0/24 Signature Algorithm: sha256WithRSAEncryption 95:60:f4:58:92:0d:89:96:c1:58:2a:45:fe:fc:dc:0d:2f:56: 0a:ae:55:6e:a2:6e:c8:45:46:20:e2:93:f2:8a:25:50:19:3e: f3:a4:da:94:2f:d4:29:3c:d4:d5:44:83:43:c4:92:00:4a:1e: 12:36:ed:a4:bf:d0:fe:ef:ed:24:8c:b6:87:78:60:9b:f1:c4: c3:9f:5e:8b:0d:88:e2:b0:68:19:b6:f0:20:ca:88:67:d6:5a: cb:ae:92:1e:d3:7a:ce:89:73:0f:de:17:d1:9c:2e:72:d0:aa: 44:c9:73:b1:f2:d6:6a:88:87:91:8b:7e:00:48:b4:b4:d2:4e: 90:7c:8b:61:bc:0d:56:d7:e6:7b:8e:fa:bc:6b:49:ab:50:91: 06:ee:53:db:bb:8c:17:aa:d3:b2:00:8b:86:84:38:ec:e4:0e: 3e:25:4c:84:c2:6b:84:ba:2f:b8:d7:79:74:22:e2:e1:a4:8d: ed:79:dd:74:9f:6d:d7:8b:82:a1:fa:01:d5:7f:a4:49:e8:3f: 99:d3:39:7d:6d:8c:ea:06:76:7a:1e:c0:3a:88:77:13:73:64: f6:7f:c5:66:07:27:3e:38:61:bf:55:59:d0:28:00:fa:89:b4: e5:dc:81:fe:3a:3c:0b:18:3c:1f:39:2e:1f:5b:1e:7f:3b:9e: a9:6c:6e:8d -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICIrwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDk0 NDlCNDZDQUVDRTc1RDFDNTU4MDYxMzk0REI0MDJCNkQwMDlCRTAeFw0yNTEyMTkw MzA3MTNaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDA4MkVCQTk4QUYxNTQy ODMxQUE5QUUwMjJBRkM0RjQyMUNGNUI3MDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDWcnu9ByHrpqfM7Nn+dq/OtR2VllBUjQrKjDsYCCCLrP6N86BN Dht51j01vfy5soEOvsWl7T7wrE3iIBjZnLvvPi8bu4hoYSI7NmaU5kUJ4Ue3W0BP RY9w3knbO87gfDvUPo4UvEOLtLOdniulg+E2SpP7v8/+8752047E6gJRsS+LnIwv XQNVMWrOJ2yllg1QadA/rb3wZQrj0YqnAipiJKJtnvNu23ULFjzjz/YiIqpKV6K0 zEXu9HWg42Rb7WFCJ4cfzM0hFKlsG6g3Nz75KAwTKJDIphHEYLGW0FqS7TUFH1gJ vdZl2BSBOWyhotHl6eQzQjmpxiNn44A+JN13AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUCC66mK8VQoMaqa4CKvxPQhz1twAwHwYDVR0jBBgwFoAUSUSbRsrs510cVYBh OU20ArbQCb4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTU4 Ny9TVVNiUnNyczUxMGNWWUJoT1UyMEFyYlFDYjQuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1NVU2JSc3JzNTEwY1ZZQmhPVTIwQXJiUUNiNC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE1ODcvQ0M2Nm1LOFZRb01h cWE0Q0t2eFBRaHoxdHdBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGfMSTANBgkqhkiG9w0BAQsFAAOCAQEAlWD0WJINiZbBWCpF/vzcDS9WCq5V bqJuyEVGIOKT8oolUBk+86TalC/UKTzU1USDQ8SSAEoeEjbtpL/Q/u/tJIy2h3hg m/HEw59eiw2I4rBoGbbwIMqIZ9Zay66SHtN6zolzD94X0ZwuctCqRMlzsfLWaoiH kYt+AEi0tNJOkHyLYbwNVtfme476vGtJq1CRBu5T27uMF6rTsgCLhoQ47OQOPiVM hMJrhLovuNd5dCLi4aSN7XnddJ9t14uCofoB1X+kSeg/mdM5fW2M6gZ2eh7AOoh3 E3Nk9n/FZgcnPjhhv1VZ0CgA+om05dyB/jo8Cxg8HzkuH1sefzueqWxujQ== -----END CERTIFICATE-----Generated at Sun Dec 21 20:01:14 2025 by rpki-client