This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1663/1AsOal6ri0RFBRxZrzgmGTr8Ix8.roa File: 1AsOal6ri0RFBRxZrzgmGTr8Ix8.roa (raw, json) Hash identifier: 6GvzpaUFBxtZQ0qYNP1joL/cc1SGplpOVhK9fzMKJLE= Subject key identifier: D4:0B:0E:6A:5E:AB:8B:44:45:05:1C:59:AF:38:26:19:3A:FC:23:1F Certificate issuer: /CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC Certificate serial: CCB0 Authority key identifier: 8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/1AsOal6ri0RFBRxZrzgmGTr8Ix8.roa Signing time: Sun 21 Dec 2025 09:39:59 +0000 ROA not before: Sun 21 Dec 2025 09:39:59 +0000 ROA not after: Fri 23 Oct 2026 03:01:03 +0000 asID: 63612 IP address blocks: 43.227.80.0/20 maxlen: 20 Validation: Failed, RFC 3779 resource not subset of parent's resources Certificate: Data: Version: 3 (0x2) Serial Number: 52400 (0xccb0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC Validity Not Before: Dec 21 09:39:59 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=D40B0E6A5EAB8B4445051C59AF3826193AFC231F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:b9:a0:c0:e4:5e:b6:d7:ad:76:6a:ce:cf:85: ff:cb:be:8b:8b:d2:0f:57:b3:a4:7f:62:2f:ab:29: 9a:f6:09:c4:c9:e6:42:f5:67:93:73:4f:09:80:89: 0a:0e:24:b8:02:92:e8:e5:e6:1c:13:09:78:40:e3: df:a0:6d:a9:60:68:ae:51:ff:99:16:23:9a:d0:fd: ec:1f:0c:62:95:d2:44:00:39:48:fb:7a:fa:07:bd: 93:5a:29:84:60:4a:cc:50:e6:33:1a:56:9f:b1:77: 63:f6:f9:2d:8d:b9:c8:e9:d0:8f:29:f3:9f:f3:4d: 4e:81:44:64:af:cd:79:d2:36:c8:6a:19:af:1f:1a: 52:66:00:3d:ac:4c:43:0c:78:84:da:de:ca:ab:52: 5d:b2:05:01:a4:8f:04:ad:a6:bf:17:67:20:b8:54: 03:1e:a1:2f:9d:3e:fa:09:ee:bb:69:3e:68:3e:4a: 90:41:73:80:00:51:95:b2:48:7d:a6:e3:d4:74:10: b5:27:e8:99:c5:67:dd:54:f0:5f:33:2f:2f:81:99: 6b:f6:81:ed:dc:cb:58:2f:cd:a5:67:b0:ba:ef:ea: 1d:44:d9:53:ce:37:9a:ba:e4:fa:fa:d3:81:ba:b8: 26:e0:27:66:ba:4f:d2:bd:62:48:80:5a:c0:cb:0a: cd:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:0B:0E:6A:5E:AB:8B:44:45:05:1C:59:AF:38:26:19:3A:FC:23:1F X509v3 Authority Key Identifier: keyid:8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/1AsOal6ri0RFBRxZrzgmGTr8Ix8.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.227.80.0/20 Signature Algorithm: sha256WithRSAEncryption b3:5f:5a:51:b0:72:68:0d:88:76:20:79:9e:ce:6a:61:5f:7c: 4c:aa:27:95:77:87:95:8f:f7:fa:85:e1:ac:f5:f3:94:28:38: 59:30:4b:1c:e6:6e:9d:97:a8:44:3c:14:97:78:d2:40:65:84: 87:ea:95:54:7f:3a:a3:2d:fc:f7:1e:1a:ff:c4:8e:5a:14:81: 8d:36:2d:63:59:c6:0b:a8:1d:7f:b4:69:3e:80:a4:5e:ae:40: 99:5e:4b:57:2f:4d:29:77:87:0e:05:1e:bd:ef:b7:65:35:66: e6:2e:6f:f3:ee:39:76:a6:75:90:a2:10:9b:ff:42:35:75:89: 51:b6:80:10:8b:0a:a9:ad:6e:85:34:2d:56:c2:31:93:89:14: 3e:ee:60:99:dc:d2:06:d2:d8:1d:20:ee:ab:1d:66:17:b4:7b: 31:b9:65:c6:6f:57:a1:50:3e:10:38:a6:49:e3:16:1b:47:90: 88:23:6b:f7:b6:70:a9:1b:1e:68:24:4d:b5:c3:c8:6c:65:24: da:71:4a:9b:60:a2:68:5f:49:83:82:93:fa:6a:24:9b:21:33: 52:0f:c7:ee:a4:ed:52:c1:43:3b:de:7e:88:70:bf:f3:a5:ac: 71:61:8a:6d:e0:11:cc:3c:aa:a8:41:ac:eb:aa:a2:13:2d:5f: c1:6e:e6:26 -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgIDAMywMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDhB RTRDRjc4QjQ5REYwQjJDMUQyOUQzMkU0OEE5NDNBRTRGNDFBQ0MwHhcNMjUxMjIx MDkzOTU5WhcNMjYxMDIzMDMwMTAzWjAzMTEwLwYDVQQDEyhENDBCMEU2QTVFQUI4 QjQ0NDUwNTFDNTlBRjM4MjYxOTNBRkMyMzFGMIIBIjANBgkqhkiG9w0BAQEFAAOC AQ8AMIIBCgKCAQEArrmgwORettetdmrOz4X/y76Li9IPV7Okf2Ivqyma9gnEyeZC 9WeTc08JgIkKDiS4ApLo5eYcEwl4QOPfoG2pYGiuUf+ZFiOa0P3sHwxildJEADlI +3r6B72TWimEYErMUOYzGlafsXdj9vktjbnI6dCPKfOf801OgURkr8150jbIahmv HxpSZgA9rExDDHiE2t7Kq1JdsgUBpI8Eraa/F2cguFQDHqEvnT76Ce67aT5oPkqQ QXOAAFGVskh9puPUdBC1J+iZxWfdVPBfMy8vgZlr9oHt3MtYL82lZ7C67+odRNlT zjeauuT6+tOBurgm4Cdmuk/SvWJIgFrAywrNVQIDAQABo4IB8zCCAe8wHQYDVR0O BBYEFNQLDmpeq4tERQUcWa84Jhk6/CMfMB8GA1UdIwQYMBaAFIrkz3i0nfCywdKd MuSKlDrk9BrMMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwXQYDVR0fBFYwVDBS oFCgToZMcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE2 NjMvaXVUUGVMU2Q4TExCMHAweTVJcVVPdVQwR3N3LmNybDBjBggrBgEFBQcBAQRX MFUwUwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy RTNEMDAwMC9pdVRQZUxTZDhMTEIwcDB5NUlxVU91VDBHc3cuY2VyMA4GA1UdDwEB /wQEAwIHgDCBnQYIKwYBBQUHAQsEgZAwgY0wWAYIKwYBBQUHMAuGTHJzeW5jOi8v cnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8xNjYzLzFBc09hbDZyaTBS RkJSeFpyemdtR1RyOEl4OC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5j bm5pYy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAQr41AwDQYJKoZIhvcNAQELBQADggEBALNfWlGwcmgNiHYgeZ7OamFffEyq J5V3h5WP9/qF4az185QoOFkwSxzmbp2XqEQ8FJd40kBlhIfqlVR/OqMt/PceGv/E jloUgY02LWNZxguoHX+0aT6ApF6uQJleS1cvTSl3hw4FHr3vt2U1ZuYub/PuOXam dZCiEJv/QjV1iVG2gBCLCqmtboU0LVbCMZOJFD7uYJnc0gbS2B0g7qsdZhe0ezG5 ZcZvV6FQPhA4pknjFhtHkIgja/e2cKkbHmgkTbXDyGxlJNpxSptgomhfSYOCk/pq JJshM1IPx+6k7VLBQzvefohwv/OlrHFhim3gEcw8qqhBrOuqohMtX8Fu5iY= -----END CERTIFICATE-----Generated at Sun Dec 21 12:26:49 2025 by rpki-client