This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/8MNExvDAsZl43srbMADNlQv39sQ.roa File: 8MNExvDAsZl43srbMADNlQv39sQ.roa (raw, json) Hash identifier: uOxaOVWRPhB97xSY5phLw1QNhQ1pZnVFFJDiYtbY46k= Subject key identifier: F0:C3:44:C6:F0:C0:B1:99:78:DE:CA:DB:30:00:CD:95:0B:F7:F6:C4 Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 1718 Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/8MNExvDAsZl43srbMADNlQv39sQ.roa Signing time: Fri 14 Nov 2025 09:52:19 +0000 ROA not before: Fri 14 Nov 2025 09:52:19 +0000 ROA not after: Fri 23 Oct 2026 03:01:03 +0000 asID: 55990 IP address blocks: 124.71.248.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 05 Dec 2025 01:17:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5912 (0x1718) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Nov 14 09:52:19 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=F0C344C6F0C0B19978DECADB3000CD950BF7F6C4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:0d:4b:a8:bd:34:8d:d2:88:ad:b3:b6:19:5b: 66:88:fc:29:68:72:67:fc:dd:34:d4:00:08:c4:1a: 27:af:05:54:9c:e7:af:c6:73:4a:7d:ed:e1:eb:c3: 7a:9e:37:f8:59:57:04:c5:f6:94:a3:e3:5e:00:98: 0f:24:2f:2e:5d:ed:be:4a:b6:b0:cf:d1:eb:30:8f: a8:f8:a4:12:d0:cb:2f:1f:9b:0d:fa:20:d7:a0:6d: 2f:ca:a3:18:a5:9f:ed:ad:49:d4:94:6c:90:38:4f: 43:54:ee:b0:0a:95:08:09:b0:37:cc:c6:47:9c:54: bc:76:78:21:ca:94:04:b6:c1:6c:3b:a2:3f:5e:a6: 17:0e:34:da:e4:78:15:30:8e:1f:6d:dc:34:d9:ed: f5:b3:51:8d:88:d3:3c:89:38:81:9c:a5:8e:e1:b1: 81:f7:3c:48:21:38:3c:07:74:03:8c:fd:0d:0a:15: 54:d2:f8:95:46:91:33:7b:10:24:b8:14:45:2c:05: 2c:26:97:c0:b5:ca:fd:77:24:50:1e:10:b7:6c:fc: 9b:cb:7c:12:32:f8:16:c2:4c:17:c4:78:e8:89:35: dc:27:01:4d:35:2f:7b:0d:5e:13:f2:4b:59:f3:49: 26:bf:af:96:d6:b2:06:02:89:aa:c7:e3:7c:10:5b: 21:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F0:C3:44:C6:F0:C0:B1:99:78:DE:CA:DB:30:00:CD:95:0B:F7:F6:C4 X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/8MNExvDAsZl43srbMADNlQv39sQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 124.71.248.0/24 Signature Algorithm: sha256WithRSAEncryption 50:19:06:d4:06:9f:fa:c7:e4:03:50:bc:bf:e8:65:2d:0d:d8: 04:05:ec:9b:18:af:9f:55:e5:1b:a4:4b:06:6c:78:95:56:fc: 32:5c:5b:82:0e:67:06:f2:18:15:8a:e5:c4:ff:71:82:43:e5: 50:67:57:d6:a7:9b:28:d9:b9:41:c8:1e:08:2c:d2:be:fc:ea: 4f:be:8e:2a:cf:19:12:2b:9d:38:01:e5:d1:47:f1:52:14:dd: a9:77:eb:35:f9:04:d8:fb:02:43:6d:04:da:6d:0f:46:d8:ec: 38:32:35:59:4d:58:e1:8c:6d:2e:5c:d9:48:e3:b0:4d:45:73: 1b:df:f8:69:d1:ac:9b:81:29:9a:e5:53:15:5c:62:82:92:f2: 72:ea:df:c1:85:f8:7b:e2:e9:c3:47:2e:ef:e8:b1:e1:bc:05: 49:9e:e9:05:4c:cd:5d:36:e6:ac:a7:89:61:fc:89:c1:ba:18: 73:01:36:67:08:88:73:a0:5d:d8:a5:ed:98:d1:0b:fe:07:64: a7:0e:b0:f3:e6:b9:48:f9:62:2f:31:12:b8:fc:9a:94:0c:ee: d2:65:47:20:89:86:7b:be:86:f9:5d:2a:dd:5d:d6:3c:1b:94: fd:c7:4d:31:69:dd:96:fe:90:6a:14:a0:bf:37:40:d4:e8:7f: 64:c8:1a:b0 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFxgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTExMTQw OTUyMTlaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKEYwQzM0NEM2RjBDMEIx OTk3OERFQ0FEQjMwMDBDRDk1MEJGN0Y2QzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCsDUuovTSN0oits7YZW2aI/Clocmf83TTUAAjEGievBVSc56/G c0p97eHrw3qeN/hZVwTF9pSj414AmA8kLy5d7b5KtrDP0eswj6j4pBLQyy8fmw36 INegbS/Koxiln+2tSdSUbJA4T0NU7rAKlQgJsDfMxkecVLx2eCHKlAS2wWw7oj9e phcONNrkeBUwjh9t3DTZ7fWzUY2I0zyJOIGcpY7hsYH3PEghODwHdAOM/Q0KFVTS +JVGkTN7ECS4FEUsBSwml8C1yv13JFAeELds/JvLfBIy+BbCTBfEeOiJNdwnAU01 L3sNXhPyS1nzSSa/r5bWsgYCiarH43wQWyE/AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU8MNExvDAsZl43srbMADNlQv39sQwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvOE1ORXh2REFzWmw0 M3NyYk1BRE5sUXYzOXNRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAHxH+DANBgkqhkiG9w0BAQsFAAOCAQEAUBkG1Aaf+sfkA1C8v+hlLQ3YBAXs mxivn1XlG6RLBmx4lVb8Mlxbgg5nBvIYFYrlxP9xgkPlUGdX1qebKNm5QcgeCCzS vvzqT76OKs8ZEiudOAHl0UfxUhTdqXfrNfkE2PsCQ20E2m0PRtjsODI1WU1Y4Yxt LlzZSOOwTUVzG9/4adGsm4EpmuVTFVxigpLycurfwYX4e+Lpw0cu7+ix4bwFSZ7p BUzNXTbmrKeJYfyJwboYcwE2ZwiIc6Bd2KXtmNEL/gdkpw6w8+a5SPliLzESuPya lAzu0mVHIImGe76G+V0q3V3WPBuU/cdNMWndlv6QahSgvzdA1Oh/ZMgasA== -----END CERTIFICATE-----Generated at Fri Dec 5 00:30:31 2025 by rpki-client