This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1587/HVmNPMhNb1Z0CA5872GOHd2erhQ.roa File: HVmNPMhNb1Z0CA5872GOHd2erhQ.roa (raw, json) Hash identifier: pTJrXJgVveTRVmCXTJpnx2NkUlTlv5n4m4bTPIGbAYM= Subject key identifier: 1D:59:8D:3C:C8:4D:6F:56:74:08:0E:7C:EF:61:8E:1D:DD:9E:AE:14 Certificate issuer: /CN=49449B46CAECE75D1C558061394DB402B6D009BE Certificate serial: 22BB Authority key identifier: 49:44:9B:46:CA:EC:E7:5D:1C:55:80:61:39:4D:B4:02:B6:D0:09:BE Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SUSbRsrs510cVYBhOU20ArbQCb4.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/HVmNPMhNb1Z0CA5872GOHd2erhQ.roa Signing time: Fri 19 Dec 2025 03:07:13 +0000 ROA not before: Fri 19 Dec 2025 03:07:13 +0000 ROA not after: Fri 23 Oct 2026 03:01:03 +0000 asID: 132168 IP address blocks: 103.204.72.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/SUSbRsrs510cVYBhOU20ArbQCb4.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/SUSbRsrs510cVYBhOU20ArbQCb4.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SUSbRsrs510cVYBhOU20ArbQCb4.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 21 Dec 2025 22:40:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8891 (0x22bb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=49449B46CAECE75D1C558061394DB402B6D009BE Validity Not Before: Dec 19 03:07:13 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=1D598D3CC84D6F5674080E7CEF618E1DDD9EAE14 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:dc:c4:7e:51:9f:32:e0:68:6c:f1:1e:20:fa: de:17:3a:7a:cc:46:25:ed:e5:76:4d:64:d8:7a:df: 3e:a4:c9:10:fb:1e:5b:5b:52:05:71:81:18:de:e5: 0a:b8:c2:9b:fc:da:27:0d:6e:c4:e7:b5:2d:f0:17: f3:25:ce:d9:99:f3:39:2d:33:79:f1:44:c0:dd:6e: 47:71:6b:e4:26:88:a5:05:08:e0:3e:1f:61:ab:35: b0:1e:36:5b:2c:fe:74:81:8b:7b:cc:0b:59:23:20: f1:ab:6c:7b:ec:f6:a7:96:57:ed:d8:84:65:35:ae: a8:af:59:39:28:d2:95:6b:2b:69:84:c4:7e:76:e3: d7:f7:ab:0f:a4:42:ef:73:e9:ca:8b:dc:a4:5d:9c: 2f:3a:c9:a4:33:34:80:26:c9:bc:c1:35:1c:93:cf: 25:48:48:92:3c:d1:2e:6a:30:3c:3f:55:7c:26:32: 4e:3c:63:f8:04:29:2f:c9:ee:07:35:3b:47:e2:9d: 8d:e0:e6:fc:f2:98:46:49:0a:58:fa:f4:51:0c:9c: 32:00:37:59:19:7c:dc:ec:f7:dd:7d:13:31:9b:ff: aa:c6:11:96:db:28:cb:d6:33:28:c5:56:9c:fc:10: b2:00:f6:d6:69:46:ae:48:9e:06:26:28:56:4c:fc: 5f:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:59:8D:3C:C8:4D:6F:56:74:08:0E:7C:EF:61:8E:1D:DD:9E:AE:14 X509v3 Authority Key Identifier: keyid:49:44:9B:46:CA:EC:E7:5D:1C:55:80:61:39:4D:B4:02:B6:D0:09:BE X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/SUSbRsrs510cVYBhOU20ArbQCb4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SUSbRsrs510cVYBhOU20ArbQCb4.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/HVmNPMhNb1Z0CA5872GOHd2erhQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.204.72.0/23 Signature Algorithm: sha256WithRSAEncryption 5c:a3:cd:d5:83:81:47:05:43:b8:9d:57:04:31:a6:f8:c5:a9: bc:b5:c0:9e:66:dd:7d:29:c7:dc:46:de:d0:10:4f:2f:4c:d2: 1b:a1:74:b8:3e:7b:0b:81:38:8e:28:9c:1a:7b:81:0f:85:e6: 86:8d:25:0a:ba:64:fd:23:b6:b3:ed:c1:bf:17:8a:d0:eb:0b: cb:b3:4c:bc:84:26:f4:af:84:a7:f3:02:77:1e:f7:74:a8:92: ed:34:67:7e:b4:76:c6:c0:a0:9f:4f:78:42:ea:2a:dd:f8:0a: 4b:33:bb:68:97:89:e9:b2:73:29:3e:4b:a1:d3:eb:e0:50:45: 43:f8:db:4e:48:74:37:3b:2a:10:88:6c:49:dc:c4:5c:99:bd: 19:23:31:39:8d:bb:55:3c:5e:85:79:4d:6e:4d:d2:0f:64:11: 2b:1d:cc:3e:90:ac:b9:44:81:2a:90:f4:e6:c5:36:29:70:86: b0:0a:c0:b9:ea:df:57:0f:86:3f:42:30:e4:25:76:57:bb:32: 0c:6f:82:a1:d8:df:b1:7a:01:65:dd:88:db:c9:43:84:d3:3d: 9c:93:ab:b9:48:1c:5e:02:5a:f7:dc:26:4d:0d:fb:3c:13:be: a8:c6:27:ec:f4:eb:1e:4f:3f:60:38:6e:1b:2c:0d:32:38:96: ea:5d:a7:d0 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICIrswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDk0 NDlCNDZDQUVDRTc1RDFDNTU4MDYxMzk0REI0MDJCNkQwMDlCRTAeFw0yNTEyMTkw MzA3MTNaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDFENTk4RDNDQzg0RDZG NTY3NDA4MEU3Q0VGNjE4RTFEREQ5RUFFMTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDO3MR+UZ8y4Ghs8R4g+t4XOnrMRiXt5XZNZNh63z6kyRD7Hltb UgVxgRje5Qq4wpv82icNbsTntS3wF/MlztmZ8zktM3nxRMDdbkdxa+QmiKUFCOA+ H2GrNbAeNlss/nSBi3vMC1kjIPGrbHvs9qeWV+3YhGU1rqivWTko0pVrK2mExH52 49f3qw+kQu9z6cqL3KRdnC86yaQzNIAmybzBNRyTzyVISJI80S5qMDw/VXwmMk48 Y/gEKS/J7gc1O0finY3g5vzymEZJClj69FEMnDIAN1kZfNzs9919EzGb/6rGEZbb KMvWMyjFVpz8ELIA9tZpRq5IngYmKFZM/F/bAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUHVmNPMhNb1Z0CA5872GOHd2erhQwHwYDVR0jBBgwFoAUSUSbRsrs510cVYBh OU20ArbQCb4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTU4 Ny9TVVNiUnNyczUxMGNWWUJoT1UyMEFyYlFDYjQuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1NVU2JSc3JzNTEwY1ZZQmhPVTIwQXJiUUNiNC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE1ODcvSFZtTlBNaE5iMVow Q0E1ODcyR09IZDJlcmhRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAWfMSDANBgkqhkiG9w0BAQsFAAOCAQEAXKPN1YOBRwVDuJ1XBDGm+MWpvLXA nmbdfSnH3Ebe0BBPL0zSG6F0uD57C4E4jiicGnuBD4Xmho0lCrpk/SO2s+3BvxeK 0OsLy7NMvIQm9K+Ep/MCdx73dKiS7TRnfrR2xsCgn094Quoq3fgKSzO7aJeJ6bJz KT5LodPr4FBFQ/jbTkh0NzsqEIhsSdzEXJm9GSMxOY27VTxehXlNbk3SD2QRKx3M PpCsuUSBKpD05sU2KXCGsArAuerfVw+GP0Iw5CV2V7syDG+CodjfsXoBZd2I28lD hNM9nJOruUgcXgJa99wmTQ37PBO+qMYn7PTrHk8/YDhuGywNMjiW6l2n0A== -----END CERTIFICATE-----Generated at Sun Dec 21 19:58:30 2025 by rpki-client