This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3272/GMo8tkwBdZTPbrQQkiUBAdJk5ZQ.roa File: GMo8tkwBdZTPbrQQkiUBAdJk5ZQ.roa (raw, json) Hash identifier: GdrPtNcWf4QmlrWLcgF9ri4AGhzt8ZM3bX9EIKp1oGQ= Subject key identifier: 18:CA:3C:B6:4C:01:75:94:CF:6E:B4:10:92:25:01:01:D2:64:E5:94 Certificate issuer: /CN=FD341E841C183777F8F91DF4FCDA0BB9EFA061BF Certificate serial: 0CA2 Authority key identifier: FD:34:1E:84:1C:18:37:77:F8:F9:1D:F4:FC:DA:0B:B9:EF:A0:61:BF Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/_TQehBwYN3f4-R30_NoLue-gYb8.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3272/GMo8tkwBdZTPbrQQkiUBAdJk5ZQ.roa Signing time: Wed 07 Jan 2026 15:11:33 +0000 ROA not before: Wed 07 Jan 2026 15:11:33 +0000 ROA not after: Fri 23 Oct 2026 03:01:03 +0000 asID: 401160 IP address blocks: 157.66.42.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3272/_TQehBwYN3f4-R30_NoLue-gYb8.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3272/_TQehBwYN3f4-R30_NoLue-gYb8.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/_TQehBwYN3f4-R30_NoLue-gYb8.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 10 Jan 2026 09:26:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3234 (0xca2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=FD341E841C183777F8F91DF4FCDA0BB9EFA061BF Validity Not Before: Jan 7 15:11:33 2026 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=18CA3CB64C017594CF6EB41092250101D264E594 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:ee:34:a3:fd:c7:44:2b:95:f6:f6:e3:bc:74: 64:37:21:d6:d2:4d:be:56:77:9d:87:7a:15:58:13: c2:8c:76:72:22:5b:48:c2:7b:8e:93:33:e1:bd:ec: 38:1e:14:90:50:c9:e2:93:85:67:04:38:bc:08:40: 84:43:a3:07:fe:fb:81:4b:99:ee:e0:86:ed:a4:87: 34:09:b2:da:24:60:9b:cd:5a:15:12:3e:f0:5c:9b: 93:72:61:1e:25:69:b3:36:0f:1f:b0:82:ae:5d:21: a1:92:b8:36:ca:08:c2:86:a1:7f:f9:8f:89:bc:93: 66:89:28:ee:71:88:4b:f6:75:2f:12:50:a8:13:95: 79:2e:f1:4b:9e:81:da:1b:39:e7:0b:58:8c:91:b7: d5:b9:b4:63:8d:7c:da:ec:50:77:cd:f0:e5:27:50: df:27:8e:77:16:f4:9b:a3:38:d2:ee:6a:ec:e6:4b: 96:d6:9e:c7:05:35:12:db:0d:c5:31:4f:62:52:fc: 7d:21:1a:d4:91:16:c5:a6:28:0d:a9:85:75:9f:99: be:be:71:5e:9e:3d:5a:32:dd:ba:9a:6c:ec:4b:25: f4:17:37:30:e2:56:40:9b:53:63:06:21:35:ab:11: 40:0b:4e:b2:1d:96:93:2e:54:bc:db:0d:98:36:5f: ec:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:CA:3C:B6:4C:01:75:94:CF:6E:B4:10:92:25:01:01:D2:64:E5:94 X509v3 Authority Key Identifier: keyid:FD:34:1E:84:1C:18:37:77:F8:F9:1D:F4:FC:DA:0B:B9:EF:A0:61:BF X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3272/_TQehBwYN3f4-R30_NoLue-gYb8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/_TQehBwYN3f4-R30_NoLue-gYb8.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3272/GMo8tkwBdZTPbrQQkiUBAdJk5ZQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 157.66.42.0/23 Signature Algorithm: sha256WithRSAEncryption 01:d7:19:40:7b:ff:8c:e9:21:45:fe:c2:65:a7:a2:a0:ff:a7: 2b:1c:69:21:db:52:18:b0:17:1e:51:3b:bf:f4:d6:03:7c:e2: 64:ab:64:b7:5d:fc:20:3b:f2:76:fa:41:af:fc:5a:52:88:2e: 7e:af:db:0d:5e:94:8b:11:87:f8:18:8f:a4:d3:03:06:4c:56: f1:6b:da:49:9f:bc:5d:e5:0f:fd:45:58:30:c0:b3:4a:59:90: dd:cd:ac:7d:47:46:a0:53:a3:1f:ce:49:b2:ae:a4:7a:5d:4c: 6d:ea:4c:0d:35:f2:c3:60:ab:56:60:6d:80:1e:ae:ac:9a:31: cc:9b:fd:d0:5c:4e:a6:48:6c:d3:2d:95:18:ab:c8:a5:d6:09: 99:c6:fa:e9:3f:c4:53:38:54:37:33:5a:ef:82:4c:a3:63:dd: 99:df:58:9a:9b:de:03:d6:9c:67:7c:f1:a5:82:12:8f:7c:cb: 6a:8d:25:82:ba:33:5f:bc:5f:8d:fd:5b:ec:68:d4:c0:7b:fd: 64:e4:9b:96:49:28:01:24:e4:ba:f7:c9:6c:38:f2:81:50:af: 7d:c1:53:28:4a:40:fb:dc:fd:51:7b:0f:3c:cd:20:b6:97:82: 80:9c:d2:88:5a:98:3a:bd:53:8e:cf:5c:c4:2c:b2:16:71:28: a7:e2:0d:17 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICDKIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkQz NDFFODQxQzE4Mzc3N0Y4RjkxREY0RkNEQTBCQjlFRkEwNjFCRjAeFw0yNjAxMDcx NTExMzNaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDE4Q0EzQ0I2NEMwMTc1 OTRDRjZFQjQxMDkyMjUwMTAxRDI2NEU1OTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCe7jSj/cdEK5X29uO8dGQ3IdbSTb5Wd52HehVYE8KMdnIiW0jC e46TM+G97DgeFJBQyeKThWcEOLwIQIRDowf++4FLme7ghu2khzQJstokYJvNWhUS PvBcm5NyYR4labM2Dx+wgq5dIaGSuDbKCMKGoX/5j4m8k2aJKO5xiEv2dS8SUKgT lXku8UuegdobOecLWIyRt9W5tGONfNrsUHfN8OUnUN8njncW9JujONLuauzmS5bW nscFNRLbDcUxT2JS/H0hGtSRFsWmKA2phXWfmb6+cV6ePVoy3bqabOxLJfQXNzDi VkCbU2MGITWrEUALTrIdlpMuVLzbDZg2X+wnAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUGMo8tkwBdZTPbrQQkiUBAdJk5ZQwHwYDVR0jBBgwFoAU/TQehBwYN3f4+R30 /NoLue+gYb8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI3 Mi9fVFFlaEJ3WU4zZjQtUjMwX05vTHVlLWdZYjguY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL19UUWVoQndZTjNmNC1SMzBfTm9MdWUtZ1liOC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNzIvR01vOHRrd0JkWlRQ YnJRUWtpVUJBZEprNVpRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAZ1CKjANBgkqhkiG9w0BAQsFAAOCAQEAAdcZQHv/jOkhRf7CZaeioP+nKxxp IdtSGLAXHlE7v/TWA3ziZKtkt138IDvydvpBr/xaUogufq/bDV6UixGH+BiPpNMD BkxW8WvaSZ+8XeUP/UVYMMCzSlmQ3c2sfUdGoFOjH85Jsq6kel1MbepMDTXyw2Cr VmBtgB6urJoxzJv90FxOpkhs0y2VGKvIpdYJmcb66T/EUzhUNzNa74JMo2Pdmd9Y mpveA9acZ3zxpYISj3zLao0lgrozX7xfjf1b7GjUwHv9ZOSblkkoASTkuvfJbDjy gVCvfcFTKEpA+9z9UXsPPM0gtpeCgJzSiFqYOr1Tjs9cxCyyFnEop+INFw== -----END CERTIFICATE-----Generated at Sat Jan 10 08:56:36 2026 by rpki-client