This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1587/OACS064ctFNDpR47RroZKEqK-hI.roa File: OACS064ctFNDpR47RroZKEqK-hI.roa (raw, json) Hash identifier: sqyI57wkYopGNt2nD+pd63aO7rs4SfgjLNGCz+DJ+q8= Subject key identifier: 38:00:92:D3:AE:1C:B4:53:43:A5:1E:3B:46:BA:19:28:4A:8A:FA:12 Certificate issuer: /CN=49449B46CAECE75D1C558061394DB402B6D009BE Certificate serial: 22AF Authority key identifier: 49:44:9B:46:CA:EC:E7:5D:1C:55:80:61:39:4D:B4:02:B6:D0:09:BE Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SUSbRsrs510cVYBhOU20ArbQCb4.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/OACS064ctFNDpR47RroZKEqK-hI.roa Signing time: Fri 19 Dec 2025 03:03:49 +0000 ROA not before: Fri 19 Dec 2025 03:03:49 +0000 ROA not after: Fri 23 Oct 2026 03:01:03 +0000 asID: 63689 IP address blocks: 202.160.141.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/SUSbRsrs510cVYBhOU20ArbQCb4.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/SUSbRsrs510cVYBhOU20ArbQCb4.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SUSbRsrs510cVYBhOU20ArbQCb4.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 21 Dec 2025 22:40:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8879 (0x22af) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=49449B46CAECE75D1C558061394DB402B6D009BE Validity Not Before: Dec 19 03:03:49 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=380092D3AE1CB45343A51E3B46BA19284A8AFA12 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:99:f2:7d:62:04:65:1c:cf:d0:98:2f:94:c6: 3c:7c:b9:67:73:b8:e5:52:e2:e5:50:3e:fb:e6:e7: 5d:4a:eb:1a:a0:73:07:a5:8b:62:95:8c:d1:4f:d4: cd:a2:cf:b7:8e:fc:8c:fc:1e:89:f5:b6:28:e6:34: a4:8e:81:21:6a:ef:fa:d9:71:13:5c:d0:e4:86:75: 5f:38:1b:13:2f:e9:1a:27:2e:1f:dc:a3:5c:1e:8b: e9:f0:d7:49:b4:06:c2:79:fb:10:75:6f:e5:07:bb: ce:28:9b:7f:52:07:c2:84:27:8e:17:94:c2:42:91: eb:fd:c2:8b:5a:6f:58:a4:fb:84:6a:4c:37:57:67: 2a:d4:ad:3b:39:6c:a2:44:b3:ca:ff:b2:4c:11:07: 22:38:0d:de:2d:83:6f:b2:f9:56:1b:16:7f:4a:62: 3a:ec:24:a1:a6:83:bd:ac:6d:24:f7:08:3d:34:35: 30:ac:c5:58:10:52:6e:7b:20:48:3a:9b:82:ec:61: 5e:07:66:54:27:18:88:04:0e:ac:a1:5f:47:f6:ba: b1:0f:d4:a3:1f:44:a2:f6:0f:52:f8:fb:70:a8:b5: 43:ae:60:f1:94:93:5b:06:02:92:b2:23:d9:e1:76: 76:b0:ca:23:5c:80:e5:dc:09:02:be:f1:c2:16:5e: d4:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:00:92:D3:AE:1C:B4:53:43:A5:1E:3B:46:BA:19:28:4A:8A:FA:12 X509v3 Authority Key Identifier: keyid:49:44:9B:46:CA:EC:E7:5D:1C:55:80:61:39:4D:B4:02:B6:D0:09:BE X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/SUSbRsrs510cVYBhOU20ArbQCb4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SUSbRsrs510cVYBhOU20ArbQCb4.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/OACS064ctFNDpR47RroZKEqK-hI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 202.160.141.0/24 Signature Algorithm: sha256WithRSAEncryption 08:e1:57:40:76:9d:8a:ad:3b:39:01:d8:27:06:2d:f2:0e:9b: 45:8f:d8:a1:f8:42:8b:cf:c6:81:81:b1:c5:50:2a:d8:cc:02: 5c:e6:cf:e5:78:af:97:65:34:03:01:4f:7a:11:fb:2e:3f:69: f8:9b:7b:bb:05:33:a0:cb:10:58:57:80:be:80:21:a8:ac:1c: eb:97:78:a9:9e:29:5a:45:98:dd:b8:2a:47:bd:11:7f:e1:3e: 59:7f:c2:9b:72:37:ec:f8:27:a4:4e:88:51:eb:44:80:17:80: b7:72:9c:c0:90:02:41:e7:6e:5c:16:5f:26:c5:74:68:73:a7: 2b:a1:bd:16:bb:0a:f8:4d:3d:d3:89:89:16:06:9c:34:f5:7a: a1:38:be:81:ec:5b:2a:7a:7c:48:b4:d3:e3:81:22:d8:37:36: 7d:75:6f:2a:da:19:90:5b:3a:35:0d:be:5d:94:01:37:a4:6d: 98:55:38:c6:40:1e:a2:eb:99:c0:54:10:7d:98:3a:51:a3:06: 82:24:93:42:9a:38:37:a3:77:81:11:3d:d6:6c:2b:62:67:da: e0:7f:53:97:9c:d9:9f:17:eb:e7:95:84:f9:ad:59:dc:30:19: 18:75:c0:aa:f9:ce:0c:a8:12:a2:1d:10:ec:92:c6:f9:b2:73: fb:c4:fb:53 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICIq8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDk0 NDlCNDZDQUVDRTc1RDFDNTU4MDYxMzk0REI0MDJCNkQwMDlCRTAeFw0yNTEyMTkw MzAzNDlaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDM4MDA5MkQzQUUxQ0I0 NTM0M0E1MUUzQjQ2QkExOTI4NEE4QUZBMTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC7mfJ9YgRlHM/QmC+Uxjx8uWdzuOVS4uVQPvvm511K6xqgcwel i2KVjNFP1M2iz7eO/Iz8Hon1tijmNKSOgSFq7/rZcRNc0OSGdV84GxMv6RonLh/c o1wei+nw10m0BsJ5+xB1b+UHu84om39SB8KEJ44XlMJCkev9wotab1ik+4RqTDdX ZyrUrTs5bKJEs8r/skwRByI4Dd4tg2+y+VYbFn9KYjrsJKGmg72sbST3CD00NTCs xVgQUm57IEg6m4LsYV4HZlQnGIgEDqyhX0f2urEP1KMfRKL2D1L4+3CotUOuYPGU k1sGApKyI9nhdnawyiNcgOXcCQK+8cIWXtRvAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUOACS064ctFNDpR47RroZKEqK+hIwHwYDVR0jBBgwFoAUSUSbRsrs510cVYBh OU20ArbQCb4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTU4 Ny9TVVNiUnNyczUxMGNWWUJoT1UyMEFyYlFDYjQuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1NVU2JSc3JzNTEwY1ZZQmhPVTIwQXJiUUNiNC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE1ODcvT0FDUzA2NGN0Rk5E cFI0N1Jyb1pLRXFLLWhJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAMqgjTANBgkqhkiG9w0BAQsFAAOCAQEACOFXQHadiq07OQHYJwYt8g6bRY/Y ofhCi8/GgYGxxVAq2MwCXObP5Xivl2U0AwFPehH7Lj9p+Jt7uwUzoMsQWFeAvoAh qKwc65d4qZ4pWkWY3bgqR70Rf+E+WX/Cm3I37PgnpE6IUetEgBeAt3KcwJACQedu XBZfJsV0aHOnK6G9FrsK+E0904mJFgacNPV6oTi+gexbKnp8SLTT44Ei2Dc2fXVv KtoZkFs6NQ2+XZQBN6RtmFU4xkAeouuZwFQQfZg6UaMGgiSTQpo4N6N3gRE91mwr Ymfa4H9Tl5zZnxfr55WE+a1Z3DAZGHXAqvnODKgSoh0Q7JLG+bJz+8T7Uw== -----END CERTIFICATE-----Generated at Sun Dec 21 20:02:08 2025 by rpki-client