This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065579534394327043/0/AS24373.roa File: AS24373.roa (raw, json) Hash identifier: mv5XfOipqsqDjk1q6Kb/6qCmPErR3fPDkBeQZeBbuLQ= Subject key identifier: EC:70:03:FB:E9:CC:98:9D:9A:EB:1E:FF:BA:2D:09:FD:02:2A:31:82 Certificate issuer: /CN=1FFF263C64163BC58514B539C10375CCB553D75E Certificate serial: 4823DCF97100FED51EDC9BC3123F81D2C4111B14 Authority key identifier: 1F:FF:26:3C:64:16:3B:C5:85:14:B5:39:C1:03:75:CC:B5:53:D7:5E Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/1FFF263C64163BC58514B539C10375CCB553D75E.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1065579534394327043/0/AS24373.roa Signing time: Tue 20 Jan 2026 02:15:30 +0000 ROA not before: Tue 20 Jan 2026 02:10:30 +0000 ROA not after: Tue 19 Jan 2027 02:15:30 +0000 asID: 24373 IP address blocks: 45.252.8.0/22 maxlen: 24 45.252.12.0/22 maxlen: 24 45.252.16.0/22 maxlen: 24 45.252.20.0/22 maxlen: 24 45.252.24.0/22 maxlen: 24 45.252.28.0/22 maxlen: 24 45.252.32.0/22 maxlen: 24 45.252.36.0/22 maxlen: 24 45.252.40.0/22 maxlen: 24 45.252.44.0/22 maxlen: 24 45.252.48.0/22 maxlen: 24 45.252.100.0/22 maxlen: 24 45.252.144.0/22 maxlen: 24 103.6.228.0/24 maxlen: 24 103.220.248.0/22 maxlen: 24 103.220.252.0/22 maxlen: 24 103.221.0.0/22 maxlen: 24 103.221.4.0/22 maxlen: 24 103.221.8.0/22 maxlen: 24 103.221.12.0/22 maxlen: 24 103.221.16.0/22 maxlen: 24 103.221.20.0/22 maxlen: 24 103.221.24.0/22 maxlen: 24 103.221.28.0/22 maxlen: 24 103.221.32.0/22 maxlen: 24 103.221.36.0/22 maxlen: 24 103.221.40.0/22 maxlen: 24 103.221.44.0/22 maxlen: 24 103.221.48.0/22 maxlen: 24 103.221.92.0/22 maxlen: 24 2406:1e80::/48 maxlen: 64 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1065579534394327043/0/1FFF263C64163BC58514B539C10375CCB553D75E.crl rsync://rpki-rps.cnnic.cn/repo/A1065579534394327043/0/1FFF263C64163BC58514B539C10375CCB553D75E.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/1FFF263C64163BC58514B539C10375CCB553D75E.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 21 Jan 2026 20:38:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48:23:dc:f9:71:00:fe:d5:1e:dc:9b:c3:12:3f:81:d2:c4:11:1b:14 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1FFF263C64163BC58514B539C10375CCB553D75E Validity Not Before: Jan 20 02:10:30 2026 GMT Not After : Jan 19 02:15:30 2027 GMT Subject: CN=EC7003FBE9CC989D9AEB1EFFBA2D09FD022A3182 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:77:29:69:8b:19:58:e1:58:25:8c:8f:3c:44: 86:3f:36:85:45:20:30:d8:55:ab:3a:03:58:b9:a2: c6:f5:69:78:97:1e:bc:fa:c6:3f:02:44:05:77:ed: da:01:68:c8:9e:6e:e0:00:6e:e6:bc:e9:65:67:21: 10:b3:26:08:27:ac:28:b9:91:47:b2:3c:78:d0:f4: 40:df:4d:7f:02:ca:6f:b4:87:bf:e6:16:1d:c3:90: 01:53:fc:58:91:6d:a1:8b:35:4f:06:9c:a9:bb:08: 30:84:75:de:67:8b:35:7d:e6:08:63:d9:4f:fb:25: d2:a0:08:94:ce:d4:db:ce:cc:95:fd:4f:b7:85:92: e7:f7:02:ea:95:45:22:4e:85:16:52:3a:42:84:f9: ed:09:39:b9:db:c3:3e:df:88:b8:7d:bf:8a:52:04: 98:d0:3a:3d:14:85:68:75:ae:58:5a:93:3a:33:a2: a3:66:27:bc:a2:2c:5c:64:b1:09:1a:b7:78:c8:50: 30:68:ed:1c:eb:23:2c:3f:a1:c5:43:06:ca:2b:85: 11:68:7d:29:fa:e3:b9:4b:96:5c:02:aa:e3:41:48: 31:2c:78:44:cc:d1:b0:9c:32:42:bc:22:db:5b:3e: 53:3f:26:9c:ab:29:f2:ee:ca:f9:52:78:61:d6:53: f2:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EC:70:03:FB:E9:CC:98:9D:9A:EB:1E:FF:BA:2D:09:FD:02:2A:31:82 X509v3 Authority Key Identifier: keyid:1F:FF:26:3C:64:16:3B:C5:85:14:B5:39:C1:03:75:CC:B5:53:D7:5E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1065579534394327043/0/1FFF263C64163BC58514B539C10375CCB553D75E.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/1FFF263C64163BC58514B539C10375CCB553D75E.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065579534394327043/0/AS24373.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.252.8.0-45.252.51.255 45.252.100.0/22 45.252.144.0/22 103.6.228.0/24 103.220.248.0-103.221.51.255 103.221.92.0/22 IPv6: 2406:1e80::/48 Signature Algorithm: sha256WithRSAEncryption 73:22:ec:5a:37:eb:e3:d4:2c:92:b8:68:dd:b6:a6:97:eb:74: 3d:fd:e5:cd:25:20:1a:2e:92:92:8d:8b:18:b3:8b:20:d6:98: d8:46:5d:31:a4:55:c6:02:76:e1:5d:27:df:2b:8e:88:07:b9: 2d:73:fb:6d:ca:8c:c4:ec:ec:e4:27:6a:69:cd:eb:07:75:ac: d1:c3:50:5b:36:36:71:5d:2a:55:0e:fc:5d:58:d2:d4:65:77: be:e3:13:0a:99:aa:c5:04:65:13:6a:cf:a3:24:5f:55:cb:21: 2f:be:5b:37:17:c7:3e:3a:e2:50:8b:de:72:9b:74:93:8d:c7: e6:cd:f5:8f:95:f5:2f:08:42:6c:ac:b3:98:d8:0e:db:13:80: e8:1f:63:d7:0a:0e:97:45:2a:dc:9b:3d:bb:25:11:de:2c:cd: 31:95:a1:cf:b6:9c:44:dd:f1:92:61:65:80:34:1a:e2:b1:cf: 70:fc:79:a4:f2:7c:19:98:1d:4c:7a:9b:24:9e:01:f8:aa:bd: 5e:74:40:76:71:29:96:e0:ae:c0:21:cb:11:fa:08:73:54:8b: d9:9e:6f:a4:e3:69:4a:ad:1f:5f:f1:2e:30:5c:64:6d:47:12: d7:d3:4a:75:bf:6a:80:df:7e:e1:43:ee:49:ee:38:45:c9:4a: e4:75:97:10 -----BEGIN CERTIFICATE----- MIIFGDCCBACgAwIBAgIUSCPc+XEA/tUe3JvDEj+B0sQRGxQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMUZGRjI2M0M2NDE2M0JDNTg1MTRCNTM5QzEwMzc1Q0NC NTUzRDc1RTAeFw0yNjAxMjAwMjEwMzBaFw0yNzAxMTkwMjE1MzBaMDMxMTAvBgNV BAMTKEVDNzAwM0ZCRTlDQzk4OUQ5QUVCMUVGRkJBMkQwOUZEMDIyQTMxODIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMdylpixlY4VgljI88RIY/NoVF IDDYVas6A1i5osb1aXiXHrz6xj8CRAV37doBaMiebuAAbua86WVnIRCzJggnrCi5 kUeyPHjQ9EDfTX8Cym+0h7/mFh3DkAFT/FiRbaGLNU8GnKm7CDCEdd5nizV95ghj 2U/7JdKgCJTO1NvOzJX9T7eFkuf3AuqVRSJOhRZSOkKE+e0JObnbwz7fiLh9v4pS BJjQOj0UhWh1rlhakzozoqNmJ7yiLFxksQkat3jIUDBo7RzrIyw/ocVDBsorhRFo fSn647lLllwCquNBSDEseETM0bCcMkK8IttbPlM/JpyrKfLuyvlSeGHWU/KxAgMB AAGjggIiMIICHjAdBgNVHQ4EFgQU7HAD++nMmJ2a6x7/ui0J/QIqMYIwHwYDVR0j BBgwFoAUH/8mPGQWO8WFFLU5wQN1zLVT114wDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2 NTU3OTUzNDM5NDMyNzA0My8wLzFGRkYyNjNDNjQxNjNCQzU4NTE0QjUzOUMxMDM3 NUNDQjU1M0Q3NUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvMUZGRjI2M0M2NDE2M0JDNTg1MTRCNTM5QzEwMzc1Q0NCNTUzRDc1RS5jZXIw XQYIKwYBBQUHAQsEUTBPME0GCCsGAQUFBzALhkFyc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwNjU1Nzk1MzQzOTQzMjcwNDMvMC9BUzI0MzczLnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA6BAIA ATA0MAwDBAMt/AgDBAIt/DADBAIt/GQDBAIt/JADBABnBuQwDAMEA2fc+AMEAmfd MAMEAmfdXDAPBAIAAjAJAwcAJAYegAAAMA0GCSqGSIb3DQEBCwUAA4IBAQBzIuxa N+vj1CySuGjdtqaX63Q9/eXNJSAaLpKSjYsYs4sg1pjYRl0xpFXGAnbhXSffK46I B7ktc/ttyozE7OzkJ2ppzesHdazRw1BbNjZxXSpVDvxdWNLUZXe+4xMKmarFBGUT as+jJF9VyyEvvls3F8c+OuJQi95ym3STjcfmzfWPlfUvCEJsrLOY2A7bE4DoH2PX Cg6XRSrcmz27JRHeLM0xlaHPtpxE3fGSYWWANBrisc9w/Hmk8nwZmB1MepskngH4 qr1edEB2cSmW4K7AIcsR+ghzVIvZnm+k42lKrR9f8S4wXGRtRxLX00p1v2qA337h Q+5J7jhFyUrkdZcQ -----END CERTIFICATE-----Generated at Wed Jan 21 12:28:42 2026 by rpki-client