This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065579534394327043/0/AS17621.roa File: AS17621.roa (raw, json) Hash identifier: W4lDrD0ugeGLSP20hlfrT6/IveugyXhLDuR4xYSnH+w= Subject key identifier: 03:08:36:D7:6F:84:D2:19:EC:A7:DF:AC:B5:79:4A:36:0C:3B:87:AD Certificate issuer: /CN=1FFF263C64163BC58514B539C10375CCB553D75E Certificate serial: 30B8F2E9FBBA74AE6D07BDB8F83C73F50147BA Authority key identifier: 1F:FF:26:3C:64:16:3B:C5:85:14:B5:39:C1:03:75:CC:B5:53:D7:5E Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/1FFF263C64163BC58514B539C10375CCB553D75E.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1065579534394327043/0/AS17621.roa Signing time: Tue 20 Jan 2026 02:15:31 +0000 ROA not before: Tue 20 Jan 2026 02:10:31 +0000 ROA not after: Tue 19 Jan 2027 02:15:31 +0000 asID: 17621 IP address blocks: 43.254.152.0/24 maxlen: 24 103.5.192.0/22 maxlen: 24 103.5.192.0/23 maxlen: 24 103.5.194.0/24 maxlen: 24 103.24.116.0/24 maxlen: 24 103.24.118.0/23 maxlen: 24 150.242.238.0/23 maxlen: 24 202.89.96.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1065579534394327043/0/1FFF263C64163BC58514B539C10375CCB553D75E.crl rsync://rpki-rps.cnnic.cn/repo/A1065579534394327043/0/1FFF263C64163BC58514B539C10375CCB553D75E.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/1FFF263C64163BC58514B539C10375CCB553D75E.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 21 Jan 2026 20:38:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 30:b8:f2:e9:fb:ba:74:ae:6d:07:bd:b8:f8:3c:73:f5:01:47:ba Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1FFF263C64163BC58514B539C10375CCB553D75E Validity Not Before: Jan 20 02:10:31 2026 GMT Not After : Jan 19 02:15:31 2027 GMT Subject: CN=030836D76F84D219ECA7DFACB5794A360C3B87AD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:d2:a1:26:b4:30:cb:4f:f3:ee:74:13:f3:3d: 5b:b3:4e:f5:3f:3b:cf:50:fd:d9:81:59:d6:1f:96: 28:45:fa:a2:17:de:f7:dc:16:6a:06:c5:26:92:c7: 65:a8:41:74:1c:69:20:1a:30:82:63:70:84:71:df: b5:8f:12:14:cb:78:d5:da:be:8d:33:05:ec:47:95: 0f:99:7a:48:45:a3:b2:5e:5a:32:c1:6e:58:be:3e: 0d:d0:db:e1:a5:50:c8:98:7e:12:a1:09:3a:99:b2: 76:9e:56:db:79:41:45:e5:47:65:91:91:35:ce:07: d0:0b:2a:74:d6:64:b6:52:7a:1c:f0:a6:15:20:2c: 62:7d:87:bd:77:9f:41:02:d6:9f:8b:0d:69:f4:3b: 19:9c:fd:49:b8:65:4b:b8:7a:47:3e:fa:2f:58:29: be:74:9a:e4:55:6e:ba:0e:08:da:00:f3:64:cb:2d: 7a:4a:d6:30:41:2f:7a:1d:2d:63:01:34:42:fd:a5: e1:74:db:99:09:36:7b:23:07:f3:0d:a4:6d:ce:66: 6a:01:68:de:cf:81:3b:a9:f6:9d:b2:fe:3a:32:1b: a0:dd:96:c0:59:6d:f2:30:c4:74:83:21:09:dd:e8: 6c:7f:af:f8:f5:8e:93:24:35:06:e1:a0:7e:49:ac: 10:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:08:36:D7:6F:84:D2:19:EC:A7:DF:AC:B5:79:4A:36:0C:3B:87:AD X509v3 Authority Key Identifier: keyid:1F:FF:26:3C:64:16:3B:C5:85:14:B5:39:C1:03:75:CC:B5:53:D7:5E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1065579534394327043/0/1FFF263C64163BC58514B539C10375CCB553D75E.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/1FFF263C64163BC58514B539C10375CCB553D75E.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065579534394327043/0/AS17621.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.254.152.0/24 103.5.192.0/22 103.24.116.0/24 103.24.118.0/23 150.242.238.0/23 202.89.96.0/24 Signature Algorithm: sha256WithRSAEncryption 2d:8b:6f:e7:92:f7:1d:fd:ee:03:86:c1:bb:eb:e0:61:8f:24: b5:06:eb:8e:64:57:50:cb:2e:20:b0:e8:e5:66:8d:6e:dc:56: 24:01:07:6e:6b:0d:0b:37:b6:14:81:5a:72:96:c5:f0:ad:22: e0:03:bf:0a:dc:fc:76:9a:0b:7f:23:28:fa:9d:94:fc:9d:6e: c3:16:08:76:4a:03:3c:48:d3:0e:8e:34:f9:dd:c5:af:d5:08: 82:33:e6:a9:7b:d5:af:1c:27:03:a8:8d:e6:d1:38:e7:b3:c2: 75:b9:e6:e1:05:12:a3:25:f9:1e:ff:4a:fe:1b:62:6e:5c:e4: a2:d2:4d:d6:ec:b6:c2:88:af:4e:e4:3c:59:73:76:7e:c5:97: 83:26:78:63:37:da:c0:e2:b7:24:e9:6c:6d:94:cd:84:0c:33: e3:c5:3b:aa:ac:e7:a3:a9:c4:83:e7:9e:5b:66:e0:f3:6f:f9: 51:5f:13:1a:4b:fb:58:dc:99:a4:c7:35:70:2e:5d:d3:97:a4: 36:ed:38:ea:71:f0:00:f5:6e:3d:65:5d:73:b6:da:1d:13:06: aa:ec:0d:ae:d1:13:b9:19:24:85:0c:0b:c2:09:46:d9:bb:bf: 47:14:14:a8:b9:ec:e3:65:19:76:ad:6b:34:db:a2:8f:be:7a: 8e:8f:fc:b6 -----BEGIN CERTIFICATE----- MIIE9jCCA96gAwIBAgITMLjy6fu6dK5tB724+Dxz9QFHujANBgkqhkiG9w0BAQsF ADAzMTEwLwYDVQQDEygxRkZGMjYzQzY0MTYzQkM1ODUxNEI1MzlDMTAzNzVDQ0I1 NTNENzVFMB4XDTI2MDEyMDAyMTAzMVoXDTI3MDExOTAyMTUzMVowMzExMC8GA1UE AxMoMDMwODM2RDc2Rjg0RDIxOUVDQTdERkFDQjU3OTRBMzYwQzNCODdBRDCCASIw DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMDSoSa0MMtP8+50E/M9W7NO9T87 z1D92YFZ1h+WKEX6ohfe99wWagbFJpLHZahBdBxpIBowgmNwhHHftY8SFMt41dq+ jTMF7EeVD5l6SEWjsl5aMsFuWL4+DdDb4aVQyJh+EqEJOpmydp5W23lBReVHZZGR Nc4H0AsqdNZktlJ6HPCmFSAsYn2HvXefQQLWn4sNafQ7GZz9SbhlS7h6Rz76L1gp vnSa5FVuug4I2gDzZMstekrWMEEveh0tYwE0Qv2l4XTbmQk2eyMH8w2kbc5magFo 3s+BO6n2nbL+OjIboN2WwFlt8jDEdIMhCd3obH+v+PWOkyQ1BuGgfkmsEE0CAwEA AaOCAgEwggH9MB0GA1UdDgQWBBQDCDbXb4TSGeyn36y1eUo2DDuHrTAfBgNVHSME GDAWgBQf/yY8ZBY7xYUUtTnBA3XMtVPXXjAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0f BGwwajBooGagZIZicnN5bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDY1 NTc5NTM0Mzk0MzI3MDQzLzAvMUZGRjI2M0M2NDE2M0JDNTg1MTRCNTM5QzEwMzc1 Q0NCNTUzRDc1RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3lu YzovL3Jwa2ktcnBzLmNubmljLmNuL3JlcG8vQTEwNTUzOTA3NzUwOTA2NzU3MTUv MS8xRkZGMjYzQzY0MTYzQkM1ODUxNEI1MzlDMTAzNzVDQ0I1NTNENzVFLmNlcjBd BggrBgEFBQcBCwRRME8wTQYIKwYBBQUHMAuGQXJzeW5jOi8vcnBraS1ycHMuY25u aWMuY24vcmVwby9BMTA2NTU3OTUzNDM5NDMyNzA0My8wL0FTMTc2MjEucm9hMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwPQYIKwYBBQUHAQcBAf8ELjAsMCoEAgAB MCQDBAAr/pgDBAJnBcADBABnGHQDBAFnGHYDBAGW8u4DBADKWWAwDQYJKoZIhvcN AQELBQADggEBAC2Lb+eS9x397gOGwbvr4GGPJLUG645kV1DLLiCw6OVmjW7cViQB B25rDQs3thSBWnKWxfCtIuADvwrc/HaaC38jKPqdlPydbsMWCHZKAzxI0w6ONPnd xa/VCIIz5ql71a8cJwOojebROOezwnW55uEFEqMl+R7/Sv4bYm5c5KLSTdbstsKI r07kPFlzdn7Fl4MmeGM32sDityTpbG2UzYQMM+PFO6qs56OpxIPnnltm4PNv+VFf ExpL+1jcmaTHNXAuXdOXpDbtOOpx8AD1bj1lXXO22h0TBqrsDa7RE7kZJIUMC8IJ Rtm7v0cUFKi57ONlGXatazTboo++eo6P/LY= -----END CERTIFICATE-----Generated at Wed Jan 21 12:28:44 2026 by rpki-client