This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1587/Mx8BSOCJYKRzu_hU2jJuL8PVoUQ.roa File: Mx8BSOCJYKRzu_hU2jJuL8PVoUQ.roa (raw, json) Hash identifier: Dmenb/i5OvHB+BRmR83L1I06RlaEqQgNcWSsKPc7mrQ= Subject key identifier: 33:1F:01:48:E0:89:60:A4:73:BB:F8:54:DA:32:6E:2F:C3:D5:A1:44 Certificate issuer: /CN=49449B46CAECE75D1C558061394DB402B6D009BE Certificate serial: 22AE Authority key identifier: 49:44:9B:46:CA:EC:E7:5D:1C:55:80:61:39:4D:B4:02:B6:D0:09:BE Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SUSbRsrs510cVYBhOU20ArbQCb4.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/Mx8BSOCJYKRzu_hU2jJuL8PVoUQ.roa Signing time: Fri 19 Dec 2025 03:03:49 +0000 ROA not before: Fri 19 Dec 2025 03:03:49 +0000 ROA not after: Fri 23 Oct 2026 03:01:03 +0000 asID: 63689 IP address blocks: 202.160.140.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/SUSbRsrs510cVYBhOU20ArbQCb4.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/SUSbRsrs510cVYBhOU20ArbQCb4.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SUSbRsrs510cVYBhOU20ArbQCb4.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 21 Dec 2025 22:40:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8878 (0x22ae) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=49449B46CAECE75D1C558061394DB402B6D009BE Validity Not Before: Dec 19 03:03:49 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=331F0148E08960A473BBF854DA326E2FC3D5A144 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:ad:19:78:ab:36:2e:9d:84:41:ae:75:48:a1: e6:83:af:0d:50:bd:22:ed:3f:a1:5d:dd:5d:90:10: e6:ee:ce:5d:47:ba:d6:18:6a:ca:6e:09:40:a4:de: 0d:ea:4a:6c:cb:b9:e8:60:a8:44:da:12:41:62:93: 1f:b1:11:11:ab:f6:2e:11:62:23:7b:69:90:03:43: a9:ab:c0:e5:dd:bf:3b:e8:a4:9e:15:1c:51:3f:a2: 3f:13:b0:28:a5:a1:d6:31:c7:b9:14:87:8e:a2:62: 7d:a0:cd:a7:e9:0b:f5:4a:86:6c:82:19:7a:38:25: 7b:1f:83:99:80:87:a0:d2:e0:16:40:15:c5:99:d8: 63:ed:fa:08:83:0e:c1:c9:60:9d:49:bc:4c:12:47: 67:0e:c9:e7:c9:74:7a:f8:b6:b8:0e:93:95:a2:76: 25:48:14:c5:b0:51:d6:b4:fe:67:1d:8a:8f:a8:54: 5a:25:15:c1:f3:f9:1f:5c:39:6d:af:6f:c6:aa:48: 7d:4f:db:37:2d:cf:49:c0:ba:d4:26:32:22:52:cc: bc:b3:b0:e2:66:cc:28:05:6a:12:73:19:57:29:46: d8:71:0c:fe:19:27:9a:69:ce:b6:63:d2:3c:73:27: 9b:c5:16:8d:48:12:04:09:e0:1c:88:32:ee:f9:92: 1a:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:1F:01:48:E0:89:60:A4:73:BB:F8:54:DA:32:6E:2F:C3:D5:A1:44 X509v3 Authority Key Identifier: keyid:49:44:9B:46:CA:EC:E7:5D:1C:55:80:61:39:4D:B4:02:B6:D0:09:BE X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/SUSbRsrs510cVYBhOU20ArbQCb4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SUSbRsrs510cVYBhOU20ArbQCb4.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/Mx8BSOCJYKRzu_hU2jJuL8PVoUQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 202.160.140.0/23 Signature Algorithm: sha256WithRSAEncryption 8c:d0:c3:a8:00:51:9c:80:4d:24:38:28:a4:e9:81:83:6a:60: d6:52:cb:83:27:7b:13:10:38:4b:73:f5:98:10:98:e8:ec:4c: 7a:6c:2b:97:4a:e8:3e:c9:d7:19:20:8b:e2:32:53:42:ee:f7: ff:15:32:a5:6e:87:a0:51:f2:4d:43:d3:99:9a:1e:df:19:bf: 17:8e:ab:a7:51:65:0e:43:e2:99:48:88:8e:83:21:64:bf:c5: 12:1c:a4:72:9b:dd:49:0e:58:60:72:ad:a5:5d:df:21:8b:ec: 52:06:4e:bc:c8:f5:4e:33:52:5b:1e:57:0d:1b:f4:a6:3e:f0: 9f:19:72:ce:55:bf:4e:98:2e:cb:a1:7a:88:8d:f7:d8:a6:2c: c9:ec:93:7f:08:ee:e8:ae:5b:11:dc:8b:99:38:ce:1b:d0:69: 3c:2b:43:f2:33:94:74:30:8e:49:40:33:59:04:ae:cd:15:f3: 72:6d:9c:e6:05:29:0a:6c:69:0a:20:f1:7b:22:2c:31:eb:c5: 21:f9:29:64:89:20:ec:d0:6c:dc:1e:a8:00:7b:fe:44:e0:1a: 55:60:a5:56:5d:86:58:11:56:2b:de:45:d2:7d:e3:67:0b:4b: e4:58:5e:4b:0b:4a:7c:4e:86:17:3f:9b:21:3e:d5:84:65:c3: 54:08:e8:25 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICIq4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDk0 NDlCNDZDQUVDRTc1RDFDNTU4MDYxMzk0REI0MDJCNkQwMDlCRTAeFw0yNTEyMTkw MzAzNDlaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDMzMUYwMTQ4RTA4OTYw QTQ3M0JCRjg1NERBMzI2RTJGQzNENUExNDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDarRl4qzYunYRBrnVIoeaDrw1QvSLtP6Fd3V2QEObuzl1HutYY aspuCUCk3g3qSmzLuehgqETaEkFikx+xERGr9i4RYiN7aZADQ6mrwOXdvzvopJ4V HFE/oj8TsCilodYxx7kUh46iYn2gzafpC/VKhmyCGXo4JXsfg5mAh6DS4BZAFcWZ 2GPt+giDDsHJYJ1JvEwSR2cOyefJdHr4trgOk5WidiVIFMWwUda0/mcdio+oVFol FcHz+R9cOW2vb8aqSH1P2zctz0nAutQmMiJSzLyzsOJmzCgFahJzGVcpRthxDP4Z J5ppzrZj0jxzJ5vFFo1IEgQJ4ByIMu75khqHAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUMx8BSOCJYKRzu/hU2jJuL8PVoUQwHwYDVR0jBBgwFoAUSUSbRsrs510cVYBh OU20ArbQCb4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTU4 Ny9TVVNiUnNyczUxMGNWWUJoT1UyMEFyYlFDYjQuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1NVU2JSc3JzNTEwY1ZZQmhPVTIwQXJiUUNiNC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE1ODcvTXg4QlNPQ0pZS1J6 dV9oVTJqSnVMOFBWb1VRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAcqgjDANBgkqhkiG9w0BAQsFAAOCAQEAjNDDqABRnIBNJDgopOmBg2pg1lLL gyd7ExA4S3P1mBCY6OxMemwrl0roPsnXGSCL4jJTQu73/xUypW6HoFHyTUPTmZoe 3xm/F46rp1FlDkPimUiIjoMhZL/FEhykcpvdSQ5YYHKtpV3fIYvsUgZOvMj1TjNS Wx5XDRv0pj7wnxlyzlW/Tpguy6F6iI332KYsyeyTfwju6K5bEdyLmTjOG9BpPCtD 8jOUdDCOSUAzWQSuzRXzcm2c5gUpCmxpCiDxeyIsMevFIfkpZIkg7NBs3B6oAHv+ ROAaVWClVl2GWBFWK95F0n3jZwtL5FheSwtKfE6GFz+bIT7VhGXDVAjoJQ== -----END CERTIFICATE-----Generated at Sun Dec 21 20:06:53 2025 by rpki-client