This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1587/Qm0klUCCXkSSv30KeIQl4sai7hE.roa File: Qm0klUCCXkSSv30KeIQl4sai7hE.roa (raw, json) Hash identifier: dGZZyMVI9UPZU12pr0hXsV6oXuS2uKNCMNZc++4Y32g= Subject key identifier: 42:6D:24:95:40:82:5E:44:92:BF:7D:0A:78:84:25:E2:C6:A2:EE:11 Certificate issuer: /CN=49449B46CAECE75D1C558061394DB402B6D009BE Certificate serial: 22BF Authority key identifier: 49:44:9B:46:CA:EC:E7:5D:1C:55:80:61:39:4D:B4:02:B6:D0:09:BE Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SUSbRsrs510cVYBhOU20ArbQCb4.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/Qm0klUCCXkSSv30KeIQl4sai7hE.roa Signing time: Fri 19 Dec 2025 03:07:14 +0000 ROA not before: Fri 19 Dec 2025 03:07:14 +0000 ROA not after: Fri 23 Oct 2026 03:01:03 +0000 asID: 132168 IP address blocks: 103.204.72.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/SUSbRsrs510cVYBhOU20ArbQCb4.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/SUSbRsrs510cVYBhOU20ArbQCb4.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SUSbRsrs510cVYBhOU20ArbQCb4.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 21 Dec 2025 22:40:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8895 (0x22bf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=49449B46CAECE75D1C558061394DB402B6D009BE Validity Not Before: Dec 19 03:07:14 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=426D249540825E4492BF7D0A788425E2C6A2EE11 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:92:c3:4f:36:26:a9:83:11:05:63:6a:b8:72: c4:44:51:53:1c:49:17:3f:77:c6:dc:38:06:9e:99: f3:88:56:3e:37:ef:8a:10:b1:ab:fd:c9:99:cb:1f: 2f:50:2d:79:f7:e9:be:a4:d4:f8:c3:28:ce:1c:6b: 2b:0c:ab:4c:5c:77:53:cd:83:25:25:56:1e:40:3a: 8f:f4:a3:d4:61:e5:79:52:9f:ac:59:e9:0c:6e:97: d3:16:c2:d6:46:3a:c0:1c:00:ff:15:58:76:66:b2: 12:97:a0:99:6e:cb:f2:ba:64:1c:0b:01:f3:28:67: f5:a1:51:9b:4b:0c:84:ea:0e:43:bf:4e:38:dc:08: f4:b3:04:c6:cf:98:44:1c:aa:db:27:3d:54:be:d4: 32:b3:f7:0b:48:26:f1:55:bc:d6:9f:02:bc:60:ab: e3:c8:e9:40:9a:f7:07:11:d8:cb:82:2b:fe:62:75: ab:03:c0:5f:96:4e:c2:b4:67:7b:42:61:ad:51:b2: 1b:e0:78:e4:59:e8:17:de:c0:49:09:2f:42:ab:db: 5e:4f:ef:27:47:9d:d3:e3:d2:10:86:77:24:ef:0d: a6:7e:55:d9:68:28:5e:98:95:17:39:1d:48:5b:bb: 47:3f:21:4b:5f:27:c2:d6:09:9b:89:67:82:23:3e: 82:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:6D:24:95:40:82:5E:44:92:BF:7D:0A:78:84:25:E2:C6:A2:EE:11 X509v3 Authority Key Identifier: keyid:49:44:9B:46:CA:EC:E7:5D:1C:55:80:61:39:4D:B4:02:B6:D0:09:BE X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/SUSbRsrs510cVYBhOU20ArbQCb4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SUSbRsrs510cVYBhOU20ArbQCb4.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/Qm0klUCCXkSSv30KeIQl4sai7hE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.204.72.0/24 Signature Algorithm: sha256WithRSAEncryption 86:a8:45:a3:32:c3:23:77:72:7c:61:0d:94:47:64:ac:b8:56: 21:2a:6c:56:1f:9a:d0:d1:73:c4:ad:3e:fb:94:c4:7f:94:39: 51:8e:7c:8e:2a:6a:57:08:4e:86:1b:fc:bc:1d:57:e1:9d:7c: 0c:aa:d8:06:cd:62:11:e3:0e:03:d1:ea:44:2d:e1:69:9a:5d: b0:b2:8d:24:59:fe:66:55:e3:81:18:51:70:4a:d0:05:b0:cc: 15:93:7c:94:02:3a:83:7c:0a:ac:46:a2:56:cc:03:ea:70:71: 72:c8:5b:c2:6a:3b:f5:08:27:db:e5:9c:bc:e2:80:63:3a:a1: a8:18:6f:41:35:79:f9:4e:9e:3b:16:cf:db:31:3c:51:6b:3c: cb:5c:a8:f5:da:a7:de:ad:8e:f4:cb:e1:07:30:be:0c:55:e4: ea:e2:4d:5b:6e:33:ba:34:65:dc:47:a1:ba:bd:ed:58:e0:1b: ba:ae:99:0c:a1:fa:c9:c8:8b:d6:4e:79:73:76:0a:b4:fa:19: fc:e8:dc:67:67:09:16:ab:81:73:3f:1f:54:d4:9d:84:98:5b: f5:4b:fe:05:88:a3:a4:e7:b1:1b:f5:c3:5a:f5:b2:53:63:ef: db:8c:dc:9b:ac:d5:c0:6c:c5:b8:fb:a4:e1:8b:15:21:4d:21: 62:7c:dd:65 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICIr8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDk0 NDlCNDZDQUVDRTc1RDFDNTU4MDYxMzk0REI0MDJCNkQwMDlCRTAeFw0yNTEyMTkw MzA3MTRaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDQyNkQyNDk1NDA4MjVF NDQ5MkJGN0QwQTc4ODQyNUUyQzZBMkVFMTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCoksNPNiapgxEFY2q4csREUVMcSRc/d8bcOAaemfOIVj4374oQ sav9yZnLHy9QLXn36b6k1PjDKM4caysMq0xcd1PNgyUlVh5AOo/0o9Rh5XlSn6xZ 6Qxul9MWwtZGOsAcAP8VWHZmshKXoJluy/K6ZBwLAfMoZ/WhUZtLDITqDkO/Tjjc CPSzBMbPmEQcqtsnPVS+1DKz9wtIJvFVvNafArxgq+PI6UCa9wcR2MuCK/5idasD wF+WTsK0Z3tCYa1RshvgeORZ6BfewEkJL0Kr215P7ydHndPj0hCGdyTvDaZ+Vdlo KF6YlRc5HUhbu0c/IUtfJ8LWCZuJZ4IjPoJNAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUQm0klUCCXkSSv30KeIQl4sai7hEwHwYDVR0jBBgwFoAUSUSbRsrs510cVYBh OU20ArbQCb4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTU4 Ny9TVVNiUnNyczUxMGNWWUJoT1UyMEFyYlFDYjQuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1NVU2JSc3JzNTEwY1ZZQmhPVTIwQXJiUUNiNC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE1ODcvUW0wa2xVQ0NYa1NT djMwS2VJUWw0c2FpN2hFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGfMSDANBgkqhkiG9w0BAQsFAAOCAQEAhqhFozLDI3dyfGENlEdkrLhWISps Vh+a0NFzxK0++5TEf5Q5UY58jipqVwhOhhv8vB1X4Z18DKrYBs1iEeMOA9HqRC3h aZpdsLKNJFn+ZlXjgRhRcErQBbDMFZN8lAI6g3wKrEaiVswD6nBxcshbwmo79Qgn 2+WcvOKAYzqhqBhvQTV5+U6eOxbP2zE8UWs8y1yo9dqn3q2O9MvhBzC+DFXk6uJN W24zujRl3Eehur3tWOAbuq6ZDKH6yciL1k55c3YKtPoZ/OjcZ2cJFquBcz8fVNSd hJhb9Uv+BYijpOexG/XDWvWyU2Pv24zcm6zVwGzFuPuk4YsVIU0hYnzdZQ== -----END CERTIFICATE-----Generated at Sun Dec 21 20:03:15 2025 by rpki-client