This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1587/Ly4kn72rcf88QYYCJPpn7XYVjjY.roa File: Ly4kn72rcf88QYYCJPpn7XYVjjY.roa (raw, json) Hash identifier: SHVe6LojZkSZNK0iyzEwGhzwF3R29mQAUIkJssj3ccQ= Subject key identifier: 2F:2E:24:9F:BD:AB:71:FF:3C:41:86:02:24:FA:67:ED:76:15:8E:36 Certificate issuer: /CN=49449B46CAECE75D1C558061394DB402B6D009BE Certificate serial: 22A3 Authority key identifier: 49:44:9B:46:CA:EC:E7:5D:1C:55:80:61:39:4D:B4:02:B6:D0:09:BE Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SUSbRsrs510cVYBhOU20ArbQCb4.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/Ly4kn72rcf88QYYCJPpn7XYVjjY.roa Signing time: Fri 19 Dec 2025 03:03:47 +0000 ROA not before: Fri 19 Dec 2025 03:03:47 +0000 ROA not after: Fri 23 Oct 2026 03:01:03 +0000 asID: 132168 IP address blocks: 202.160.142.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/SUSbRsrs510cVYBhOU20ArbQCb4.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/SUSbRsrs510cVYBhOU20ArbQCb4.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SUSbRsrs510cVYBhOU20ArbQCb4.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 21 Dec 2025 22:40:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8867 (0x22a3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=49449B46CAECE75D1C558061394DB402B6D009BE Validity Not Before: Dec 19 03:03:47 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=2F2E249FBDAB71FF3C41860224FA67ED76158E36 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:0f:2c:40:d6:ae:42:10:37:e1:07:1b:6e:b9: 0e:c1:60:a4:e2:b3:99:06:7c:a3:9c:7f:fa:f3:7c: 93:cb:29:75:df:c1:1b:13:b0:bc:92:a1:6c:32:ef: 94:28:c8:fd:58:fc:a9:60:72:da:08:a7:0b:46:4c: f6:6c:1b:85:9d:af:06:02:b7:ef:6e:2c:d1:4e:ec: 4d:bc:94:e3:53:51:29:5e:a7:bc:af:79:82:2a:72: 4b:e3:93:a6:2d:9e:6f:20:68:1b:67:50:5e:19:21: 80:9a:de:cd:b2:74:88:d8:ca:d8:b8:67:df:e5:6e: e6:c2:a4:ae:17:b3:4d:77:2a:1a:9c:13:fe:58:bd: 2c:0e:e2:27:4a:5e:c2:89:30:c1:57:2a:97:fe:48: ac:d2:95:75:2d:1a:52:77:d2:3e:4d:fd:3d:27:dc: a7:a5:21:72:7a:59:c6:b0:b6:16:8b:89:1b:5d:5f: 07:55:9b:69:be:a8:97:cb:13:3c:44:18:79:72:a1: dc:ab:61:d7:45:21:9a:9f:2a:18:ef:e5:e7:fd:58: c7:b9:02:c8:f6:7a:39:bd:96:18:bf:13:26:42:1e: 61:15:6c:6b:db:1d:a3:ca:9a:fc:3c:55:70:90:81: 8b:ae:c5:d8:96:9a:33:e4:1d:47:a8:8d:51:da:4e: 5f:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:2E:24:9F:BD:AB:71:FF:3C:41:86:02:24:FA:67:ED:76:15:8E:36 X509v3 Authority Key Identifier: keyid:49:44:9B:46:CA:EC:E7:5D:1C:55:80:61:39:4D:B4:02:B6:D0:09:BE X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/SUSbRsrs510cVYBhOU20ArbQCb4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SUSbRsrs510cVYBhOU20ArbQCb4.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/Ly4kn72rcf88QYYCJPpn7XYVjjY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 202.160.142.0/23 Signature Algorithm: sha256WithRSAEncryption 82:11:83:f9:e4:0a:5d:0d:5f:66:ac:79:5e:bf:66:d8:38:ac: df:74:d5:a1:38:ed:14:ea:56:eb:e4:7b:c9:25:fc:c8:77:6c: 50:e8:40:4e:56:4a:6c:ab:0b:cf:f7:f2:73:00:52:be:e7:dd: 22:ab:1d:2c:ab:7d:43:29:e8:3c:71:67:72:34:b3:e0:f1:ee: 1b:3d:0e:47:9e:78:05:55:46:fa:bf:47:30:6c:21:1f:59:1f: ba:83:e5:de:11:f5:1d:e5:6b:90:5d:e4:59:18:48:54:19:0b: d0:99:8a:d0:4c:4e:1c:75:0c:be:19:6f:4f:91:a1:57:1b:70: cb:e1:a6:b1:5c:ed:32:3a:f7:35:0a:77:ae:15:98:70:6a:09: a5:c0:a7:65:61:71:6e:86:61:6b:07:b5:f3:70:47:70:fa:9a: a3:e2:4d:d5:ac:26:98:eb:04:4b:ac:f4:12:6a:ae:7a:20:fd: 48:51:2e:2e:e9:de:67:87:33:2b:a2:46:25:52:51:9a:53:fc: 34:a7:66:ed:91:52:40:64:11:09:aa:db:d7:b0:d2:d4:ff:0d: eb:cd:98:05:5a:6e:fe:cc:da:f7:b6:24:5d:22:57:9a:7e:fe: 43:24:23:08:67:46:41:fb:ff:62:d2:5c:9e:ee:59:5a:d2:da: e7:ef:19:a4 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICIqMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDk0 NDlCNDZDQUVDRTc1RDFDNTU4MDYxMzk0REI0MDJCNkQwMDlCRTAeFw0yNTEyMTkw MzAzNDdaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDJGMkUyNDlGQkRBQjcx RkYzQzQxODYwMjI0RkE2N0VENzYxNThFMzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDBDyxA1q5CEDfhBxtuuQ7BYKTis5kGfKOcf/rzfJPLKXXfwRsT sLySoWwy75QoyP1Y/KlgctoIpwtGTPZsG4WdrwYCt+9uLNFO7E28lONTUSlep7yv eYIqckvjk6Ytnm8gaBtnUF4ZIYCa3s2ydIjYyti4Z9/lbubCpK4Xs013KhqcE/5Y vSwO4idKXsKJMMFXKpf+SKzSlXUtGlJ30j5N/T0n3KelIXJ6WcawthaLiRtdXwdV m2m+qJfLEzxEGHlyodyrYddFIZqfKhjv5ef9WMe5Asj2ejm9lhi/EyZCHmEVbGvb HaPKmvw8VXCQgYuuxdiWmjPkHUeojVHaTl9xAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQULy4kn72rcf88QYYCJPpn7XYVjjYwHwYDVR0jBBgwFoAUSUSbRsrs510cVYBh OU20ArbQCb4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTU4 Ny9TVVNiUnNyczUxMGNWWUJoT1UyMEFyYlFDYjQuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1NVU2JSc3JzNTEwY1ZZQmhPVTIwQXJiUUNiNC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE1ODcvTHk0a243MnJjZjg4 UVlZQ0pQcG43WFlWampZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAcqgjjANBgkqhkiG9w0BAQsFAAOCAQEAghGD+eQKXQ1fZqx5Xr9m2Dis33TV oTjtFOpW6+R7ySX8yHdsUOhATlZKbKsLz/fycwBSvufdIqsdLKt9QynoPHFncjSz 4PHuGz0OR554BVVG+r9HMGwhH1kfuoPl3hH1HeVrkF3kWRhIVBkL0JmK0ExOHHUM vhlvT5GhVxtwy+GmsVztMjr3NQp3rhWYcGoJpcCnZWFxboZhawe183BHcPqao+JN 1awmmOsES6z0EmqueiD9SFEuLuneZ4czK6JGJVJRmlP8NKdm7ZFSQGQRCarb17DS 1P8N682YBVpu/sza97YkXSJXmn7+QyQjCGdGQfv/YtJcnu5ZWtLa5+8ZpA== -----END CERTIFICATE-----Generated at Sun Dec 21 20:03:16 2025 by rpki-client