This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3396/Avn43BaBZTTez8dzXXC5ev5n_E4.roa File: Avn43BaBZTTez8dzXXC5ev5n_E4.roa (raw, json) Hash identifier: Ub77vZnk4oLPBJQVHv+HVLLuQJPSrWkHLBI8wCAEF84= Subject key identifier: 02:F9:F8:DC:16:81:65:34:DE:CF:C7:73:5D:70:B9:7A:FE:67:FC:4E Certificate issuer: /CN=67B6C796F89103590FF1CC9071DFE4C0DF38FD4D Certificate serial: 01E8 Authority key identifier: 67:B6:C7:96:F8:91:03:59:0F:F1:CC:90:71:DF:E4:C0:DF:38:FD:4D Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Z7bHlviRA1kP8cyQcd_kwN84_U0.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3396/Avn43BaBZTTez8dzXXC5ev5n_E4.roa Signing time: Fri 02 Jan 2026 08:41:14 +0000 ROA not before: Fri 02 Jan 2026 08:41:14 +0000 ROA not after: Fri 23 Oct 2026 03:01:03 +0000 asID: 151232 IP address blocks: 140.210.0.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3396/Z7bHlviRA1kP8cyQcd_kwN84_U0.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3396/Z7bHlviRA1kP8cyQcd_kwN84_U0.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Z7bHlviRA1kP8cyQcd_kwN84_U0.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 Jan 2026 20:56:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 488 (0x1e8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=67B6C796F89103590FF1CC9071DFE4C0DF38FD4D Validity Not Before: Jan 2 08:41:14 2026 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=02F9F8DC16816534DECFC7735D70B97AFE67FC4E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:4e:42:10:82:75:b8:1c:ec:91:57:a3:0b:92: b8:fc:4d:e0:75:0a:91:c1:60:02:d2:7f:64:aa:3a: 23:20:b6:4e:c3:9c:69:73:d8:1d:40:3a:4e:ea:4a: e5:cc:e0:6a:11:c6:d0:97:e6:77:97:fd:08:35:be: f8:e3:2d:bf:ab:e0:82:7b:53:f8:89:e4:ac:0a:0e: af:8d:a9:8d:a0:20:e7:bf:dd:22:35:2b:42:0e:f2: 4c:12:28:0b:78:76:82:a5:13:ee:8c:e3:2b:10:99: f5:ee:35:40:48:1e:ab:e2:77:61:f5:78:0a:81:dc: d2:5c:0a:99:de:f3:ab:77:73:7f:16:bd:0f:31:52: 6d:1c:eb:d9:58:71:b0:cb:1b:57:c0:33:f0:0a:4f: 7d:ee:c6:3a:d4:eb:79:b1:b3:e4:2d:b2:6e:ef:4c: 08:7c:1e:55:3c:a6:e7:21:50:6e:c9:06:c2:52:36: d5:15:82:f5:5f:58:bb:c7:4e:06:6b:4c:3a:97:11: c2:b8:6b:06:4c:ce:bf:1e:dc:0f:6a:20:79:27:5e: 29:cc:39:90:4a:e2:d7:ff:a5:0b:b1:29:b6:80:85: ac:01:fa:08:56:19:f9:e5:9d:33:cb:a6:27:a0:e1: 30:2f:34:f3:16:52:f4:c0:33:27:98:77:b8:88:c1: 16:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:F9:F8:DC:16:81:65:34:DE:CF:C7:73:5D:70:B9:7A:FE:67:FC:4E X509v3 Authority Key Identifier: keyid:67:B6:C7:96:F8:91:03:59:0F:F1:CC:90:71:DF:E4:C0:DF:38:FD:4D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3396/Z7bHlviRA1kP8cyQcd_kwN84_U0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Z7bHlviRA1kP8cyQcd_kwN84_U0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3396/Avn43BaBZTTez8dzXXC5ev5n_E4.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 140.210.0.0/22 Signature Algorithm: sha256WithRSAEncryption 22:b4:45:47:70:03:84:5c:df:7a:4b:de:e6:00:2d:c8:62:f7: 8d:07:09:10:4f:75:6b:95:25:4f:7e:d2:b5:f0:be:97:7b:1c: ec:e8:cb:d7:fb:8b:c4:22:1f:3b:22:14:9e:c1:7f:65:84:33: 76:37:f5:dd:cd:de:0c:0c:4f:8b:e5:b4:e5:c9:f3:16:49:6f: 1e:16:78:e3:c5:c7:a7:c1:8a:9e:05:77:de:10:5a:6c:a8:0e: e0:eb:65:ce:fa:3f:d7:5c:e7:30:9d:79:80:9c:b3:31:cd:82: 04:cd:cd:20:94:84:38:50:28:38:45:27:27:01:94:94:a9:14: 65:bd:5b:43:da:e1:3b:7b:ec:23:a2:95:ed:19:88:a2:ff:f0: 30:73:4f:cf:5e:49:1d:5b:bc:af:39:28:30:76:94:72:3e:98: 4f:e2:ff:2e:0e:5a:60:5c:a3:c8:60:5b:dd:ce:4e:4f:39:52: 62:3b:a3:33:65:de:3a:86:88:aa:14:54:65:29:c5:06:b2:be: f3:91:ce:ba:fc:8d:17:cb:5b:63:6b:0c:6a:4b:fb:3c:bf:43: 6b:cf:04:7b:07:88:1e:6f:f3:1f:fd:2b:ae:05:ab:a0:46:29: 14:a0:a1:b7:45:f1:ef:83:f2:d7:73:a2:ac:53:bf:a0:e6:a1: 16:94:ba:ed -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICAegwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjdC NkM3OTZGODkxMDM1OTBGRjFDQzkwNzFERkU0QzBERjM4RkQ0RDAeFw0yNjAxMDIw ODQxMTRaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDAyRjlGOERDMTY4MTY1 MzRERUNGQzc3MzVENzBCOTdBRkU2N0ZDNEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDTTkIQgnW4HOyRV6MLkrj8TeB1CpHBYALSf2SqOiMgtk7DnGlz 2B1AOk7qSuXM4GoRxtCX5neX/Qg1vvjjLb+r4IJ7U/iJ5KwKDq+NqY2gIOe/3SI1 K0IO8kwSKAt4doKlE+6M4ysQmfXuNUBIHqvid2H1eAqB3NJcCpne86t3c38WvQ8x Um0c69lYcbDLG1fAM/AKT33uxjrU63mxs+Qtsm7vTAh8HlU8puchUG7JBsJSNtUV gvVfWLvHTgZrTDqXEcK4awZMzr8e3A9qIHknXinMOZBK4tf/pQuxKbaAhawB+ghW GfnlnTPLpieg4TAvNPMWUvTAMyeYd7iIwRaHAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUAvn43BaBZTTez8dzXXC5ev5n/E4wHwYDVR0jBBgwFoAUZ7bHlviRA1kP8cyQ cd/kwN84/U0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzM5 Ni9aN2JIbHZpUkExa1A4Y3lRY2Rfa3dOODRfVTAuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1o3YkhsdmlSQTFrUDhjeVFjZF9rd044NF9VMC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMzOTYvQXZuNDNCYUJaVFRl ejhkelhYQzVldjVuX0U0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAozSADANBgkqhkiG9w0BAQsFAAOCAQEAIrRFR3ADhFzfekve5gAtyGL3jQcJ EE91a5UlT37StfC+l3sc7OjL1/uLxCIfOyIUnsF/ZYQzdjf13c3eDAxPi+W05cnz FklvHhZ448XHp8GKngV33hBabKgO4Otlzvo/11znMJ15gJyzMc2CBM3NIJSEOFAo OEUnJwGUlKkUZb1bQ9rhO3vsI6KV7RmIov/wMHNPz15JHVu8rzkoMHaUcj6YT+L/ Lg5aYFyjyGBb3c5OTzlSYjujM2XeOoaIqhRUZSnFBrK+85HOuvyNF8tbY2sMakv7 PL9Da88EeweIHm/zH/0rrgWroEYpFKCht0Xx74Py13OirFO/oOahFpS67Q== -----END CERTIFICATE-----Generated at Mon Jan 19 18:24:13 2026 by rpki-client