This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/M_7B-9T7PuzK-UlwEFukNIzrjIo.roa File: M_7B-9T7PuzK-UlwEFukNIzrjIo.roa (raw, json) Hash identifier: g/9mm3AiZwvJPt+efMqWEA4ndjOodwEpadnCmni3I5I= Subject key identifier: 33:FE:C1:FB:D4:FB:3E:EC:CA:F9:49:70:10:5B:A4:34:8C:EB:8C:8A Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Certificate serial: 6288 Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/M_7B-9T7PuzK-UlwEFukNIzrjIo.roa Signing time: Tue 20 May 2025 20:10:57 +0000 ROA not before: Tue 20 May 2025 20:10:57 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 24426 IP address blocks: 43.239.48.0/22 maxlen: 22 43.246.0.0/22 maxlen: 22 43.246.4.0/22 maxlen: 22 43.246.12.0/22 maxlen: 22 43.246.16.0/22 maxlen: 22 43.246.20.0/22 maxlen: 22 43.246.24.0/22 maxlen: 22 43.246.28.0/22 maxlen: 22 43.246.32.0/22 maxlen: 22 43.246.36.0/22 maxlen: 22 43.246.40.0/22 maxlen: 22 43.246.44.0/22 maxlen: 22 43.246.52.0/22 maxlen: 22 43.246.56.0/22 maxlen: 22 43.246.60.0/22 maxlen: 22 43.246.64.0/22 maxlen: 22 43.246.68.0/22 maxlen: 22 43.246.72.0/22 maxlen: 22 43.246.76.0/22 maxlen: 22 43.246.80.0/22 maxlen: 22 43.246.84.0/22 maxlen: 22 43.246.88.0/22 maxlen: 22 43.246.92.0/22 maxlen: 22 43.246.96.0/22 maxlen: 22 103.35.48.0/22 maxlen: 22 103.236.0.0/22 maxlen: 22 103.236.4.0/22 maxlen: 22 103.236.8.0/22 maxlen: 22 103.236.12.0/22 maxlen: 22 103.236.16.0/22 maxlen: 22 103.236.20.0/22 maxlen: 22 103.236.28.0/22 maxlen: 22 103.236.32.0/22 maxlen: 22 103.236.36.0/22 maxlen: 22 103.236.40.0/22 maxlen: 22 103.236.44.0/22 maxlen: 22 103.236.48.0/22 maxlen: 22 103.236.52.0/22 maxlen: 22 103.236.56.0/22 maxlen: 22 103.236.60.0/22 maxlen: 22 103.236.64.0/22 maxlen: 22 103.236.68.0/22 maxlen: 22 103.236.72.0/22 maxlen: 22 103.236.76.0/22 maxlen: 22 103.236.80.0/22 maxlen: 22 103.236.84.0/22 maxlen: 22 103.236.88.0/22 maxlen: 22 103.236.92.0/22 maxlen: 22 103.236.96.0/22 maxlen: 22 Validation: Failed, RFC 3779 resource not subset of parent's resources Certificate: Data: Version: 3 (0x2) Serial Number: 25224 (0x6288) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Validity Not Before: May 20 20:10:57 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=33FEC1FBD4FB3EECCAF94970105BA4348CEB8C8A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:50:2a:9e:b8:61:04:3b:13:a1:44:aa:88:c4: 97:b4:3d:7c:c1:52:d0:30:45:64:24:fa:c3:ea:5e: 02:22:c8:c8:e6:e8:73:3b:51:7f:89:87:30:71:19: f4:ee:b7:c0:34:b3:44:ba:7e:05:f0:07:0d:05:c0: ed:7d:e5:e6:78:84:20:a6:05:f3:9e:fe:09:22:08: 23:8d:6b:f0:97:13:dd:c8:d5:0e:cc:3d:6e:f4:04: 2d:63:94:04:00:52:c2:af:07:4f:63:0f:86:dd:20: b0:18:37:20:c0:62:67:7d:6d:6b:0c:80:2c:a5:1d: 97:37:7d:85:9d:b1:18:8f:30:72:3f:93:41:a2:91: 62:41:72:49:3b:df:2f:ad:d6:3e:66:83:7f:0f:a1: 4b:01:d7:05:5a:22:ac:4a:be:27:3a:44:fc:3a:fe: ed:4b:46:66:63:9a:d0:a8:7c:d8:fb:c1:5e:6d:ba: ca:50:11:d2:1e:ec:b9:84:04:60:e6:67:bc:0e:c2: 45:cf:7b:f2:fc:c1:b2:55:85:d5:c0:ec:0c:b9:f8: a2:15:84:51:c4:db:43:1f:1b:45:98:76:e7:c2:4a: 0a:0b:75:d2:1c:bf:d9:4e:18:ee:fa:49:66:81:81: 51:7c:ed:e4:09:fd:70:d3:57:ed:ed:34:8d:64:4a: 24:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:FE:C1:FB:D4:FB:3E:EC:CA:F9:49:70:10:5B:A4:34:8C:EB:8C:8A X509v3 Authority Key Identifier: keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/M_7B-9T7PuzK-UlwEFukNIzrjIo.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.239.48.0/22 43.246.0.0/21 43.246.12.0-43.246.47.255 43.246.52.0-43.246.99.255 103.35.48.0/22 103.236.0.0-103.236.23.255 103.236.28.0-103.236.99.255 Signature Algorithm: sha256WithRSAEncryption 57:95:37:34:cc:44:b4:f2:73:d8:5d:f0:fd:6c:84:e5:51:fc: b0:c5:94:aa:e1:69:ac:a3:49:7e:b9:b8:19:5b:c8:09:c4:2e: 6a:3d:f6:98:0f:77:49:3f:25:84:88:ff:92:9d:8f:c2:56:65: 5d:d9:f0:26:e7:38:e8:71:35:55:67:b7:c2:ee:2e:69:cd:ed: 92:62:6f:00:72:31:44:ca:20:a4:c4:48:83:2e:53:5e:cf:5d: ac:a5:dc:a6:23:e9:59:21:ac:62:d5:0d:4e:14:be:eb:0c:20: 58:9b:bb:28:d3:c8:a2:f7:71:5a:ce:f6:3d:b4:44:47:20:44: 40:30:c4:6a:18:ae:db:75:62:0b:ae:56:45:e4:a2:8b:4c:52: f2:38:03:79:d9:57:5d:49:e3:60:6d:f2:10:34:a3:9a:86:4e: 82:6f:ce:bc:57:ab:9c:68:40:dd:e0:90:09:20:58:25:ba:c5: 17:43:6c:eb:ba:3a:3f:a1:d9:82:c6:f9:76:ce:7f:08:f1:11: 12:64:36:ce:0c:8a:52:67:7e:f3:89:ab:f3:c2:b9:f7:f9:ec: dd:af:fb:a5:d6:f1:43:2f:9e:15:49:cd:9a:9c:d4:d0:7a:67: 9f:08:48:e2:09:e8:01:78:62:6c:25:15:c4:68:b7:a5:2a:9b: 9f:cc:90:45 -----BEGIN CERTIFICATE----- MIIFGDCCBACgAwIBAgICYogwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1MjAy MDEwNTdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDMzRkVDMUZCRDRGQjNF RUNDQUY5NDk3MDEwNUJBNDM0OENFQjhDOEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDLUCqeuGEEOxOhRKqIxJe0PXzBUtAwRWQk+sPqXgIiyMjm6HM7 UX+JhzBxGfTut8A0s0S6fgXwBw0FwO195eZ4hCCmBfOe/gkiCCONa/CXE93I1Q7M PW70BC1jlAQAUsKvB09jD4bdILAYNyDAYmd9bWsMgCylHZc3fYWdsRiPMHI/k0Gi kWJBckk73y+t1j5mg38PoUsB1wVaIqxKvic6RPw6/u1LRmZjmtCofNj7wV5tuspQ EdIe7LmEBGDmZ7wOwkXPe/L8wbJVhdXA7Ay5+KIVhFHE20MfG0WYdufCSgoLddIc v9lOGO76SWaBgVF87eQJ/XDTV+3tNI1kSiSpAgMBAAGjggI0MIICMDAdBgNVHQ4E FgQUM/7B+9T7PuzK+UlwEFukNIzrjIowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj 3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3 L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L01fN0ItOVQ3UHV6Sy1V bHdFRnVrTkl6cmpJby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQBXlTc0 zES08nPYXfD9bITlUfywxZSq4Wmso0l+ubgZW8gJxC5qPfaYD3dJPyWEiP+SnY/C VmVd2fAm5zjocTVVZ7fC7i5pze2SYm8AcjFEyiCkxEiDLlNez12spdymI+lZIaxi 1Q1OFL7rDCBYm7so08ii93FazvY9tERHIERAMMRqGK7bdWILrlZF5KKLTFLyOAN5 2VddSeNgbfIQNKOahk6Cb868V6ucaEDd4JAJIFglusUXQ2zrujo/odmCxvl2zn8I 8RESZDbODIpSZ37ziavzwrn3+ezdr/ul1vFDL54VSc2anNTQemefCEjiCegBeGJs JRXEaLelKpufzJBF -----END CERTIFICATE-----Generated at Tue Dec 23 18:09:48 2025 by rpki-client