This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/52/4h8nPy8hJOHOAa-6OIJFbGy0Y3s.roa File: 4h8nPy8hJOHOAa-6OIJFbGy0Y3s.roa (raw, json) Hash identifier: DB7h2YUI+Oio0qI5Nqa3BL07cl+qYyI5JCXOvTAAIKA= Subject key identifier: E2:1F:27:3F:2F:21:24:E1:CE:01:AF:BA:38:82:45:6C:6C:B4:63:7B Certificate issuer: /CN=DA1DABECF1945DFF53B620E0B6C410E91E4471B1 Certificate serial: 0619 Authority key identifier: DA:1D:AB:EC:F1:94:5D:FF:53:B6:20:E0:B6:C4:10:E9:1E:44:71:B1 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2h2r7PGUXf9TtiDgtsQQ6R5EcbE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/52/4h8nPy8hJOHOAa-6OIJFbGy0Y3s.roa Signing time: Thu 06 Nov 2025 02:43:29 +0000 ROA not before: Thu 06 Nov 2025 02:43:29 +0000 ROA not after: Fri 23 Oct 2026 03:01:03 +0000 asID: 9812 IP address blocks: 58.24.0.0/15 maxlen: 15 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/52/2h2r7PGUXf9TtiDgtsQQ6R5EcbE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/52/2h2r7PGUXf9TtiDgtsQQ6R5EcbE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2h2r7PGUXf9TtiDgtsQQ6R5EcbE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 05 Dec 2025 01:17:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1561 (0x619) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DA1DABECF1945DFF53B620E0B6C410E91E4471B1 Validity Not Before: Nov 6 02:43:29 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=E21F273F2F2124E1CE01AFBA3882456C6CB4637B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:22:e5:cd:60:fc:b7:27:f0:85:62:2e:d8:05: 95:55:4f:22:a3:71:f3:88:2f:09:da:e7:41:7a:09: de:fc:81:fe:25:cb:f0:22:76:66:ca:f4:b2:7e:90: 84:eb:c0:a0:36:43:18:a4:c6:b1:ff:59:8c:d9:0a: 10:a5:be:8e:0c:24:a2:da:32:b9:3d:c3:a8:35:70: d9:36:e4:b0:fd:79:d3:2b:97:a2:fd:86:11:b8:da: df:0c:40:09:43:d9:a1:f5:47:90:97:b0:e4:3e:ac: 00:29:9d:85:1a:63:df:20:8f:e3:73:60:b2:f7:14: 76:41:a7:18:d0:23:45:0b:50:8d:19:46:44:02:72: 9f:1d:ae:37:4f:5c:11:f6:15:d7:36:23:50:a8:30: bc:a5:b3:79:b8:59:a8:17:46:0f:b6:db:0e:03:5f: cc:87:e8:bd:ae:85:3f:a1:fd:7b:a5:d9:10:52:08: c9:a9:d3:f1:c2:2d:fb:3f:fe:8a:2b:72:ee:1f:b2: 63:cf:a9:ee:69:90:1c:45:86:d2:be:d2:9e:de:b1: f6:4d:e4:19:3c:fe:c4:e2:87:72:7b:45:59:54:e3: b3:94:88:ef:2f:ba:19:a3:fe:a0:6e:d5:09:17:a4: 4b:63:df:5a:ee:36:be:7d:bf:16:2c:2b:8e:8d:fe: 6f:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:1F:27:3F:2F:21:24:E1:CE:01:AF:BA:38:82:45:6C:6C:B4:63:7B X509v3 Authority Key Identifier: keyid:DA:1D:AB:EC:F1:94:5D:FF:53:B6:20:E0:B6:C4:10:E9:1E:44:71:B1 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/52/2h2r7PGUXf9TtiDgtsQQ6R5EcbE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2h2r7PGUXf9TtiDgtsQQ6R5EcbE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/52/4h8nPy8hJOHOAa-6OIJFbGy0Y3s.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 58.24.0.0/15 Signature Algorithm: sha256WithRSAEncryption a8:57:05:73:03:09:c0:e9:66:b5:6a:de:e1:d6:78:9e:79:12: eb:dd:f9:ef:4b:3a:fd:51:d7:f5:d9:65:b4:99:19:6d:f5:e7: 0b:ad:a9:79:09:de:49:fa:1c:a9:0e:26:53:e9:3e:ac:95:c3: 82:e4:fc:60:b4:73:03:dd:85:52:22:cf:33:e0:81:44:ce:dd: af:1b:62:84:ed:d5:b3:c6:3a:18:68:2a:77:1d:81:e2:0d:55: 04:e8:0b:c2:33:f9:a0:81:a9:a0:5a:d7:74:f2:9d:ef:c3:54: 83:50:34:eb:ec:ac:a1:47:6f:fc:d7:ff:73:9d:84:53:86:db: 0a:89:09:8a:52:4d:eb:0b:97:45:1d:43:0d:a0:d5:6b:0c:0d: 3b:0d:4e:3d:a5:88:b1:1b:f2:b8:bb:dd:ec:7e:22:8c:5d:4e: 28:3c:e0:b7:8f:28:b2:82:b5:85:e5:73:42:11:fd:d9:5e:55: 7a:9a:f7:da:52:dc:c9:e4:b9:c9:4e:ec:77:dc:97:06:1e:20: dd:00:66:cc:2f:72:c9:d8:f1:88:21:14:44:28:12:d2:05:e7: 6b:9d:c1:35:6d:9d:9c:7d:f7:0c:e1:c0:cb:04:63:35:78:57: 74:e4:bc:be:a3:6e:9f:b8:f2:6a:2b:f2:9a:35:c7:0e:7a:a9: 3c:7a:e5:9e -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgICBhkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREEx REFCRUNGMTk0NURGRjUzQjYyMEUwQjZDNDEwRTkxRTQ0NzFCMTAeFw0yNTExMDYw MjQzMjlaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKEUyMUYyNzNGMkYyMTI0 RTFDRTAxQUZCQTM4ODI0NTZDNkNCNDYzN0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCdIuXNYPy3J/CFYi7YBZVVTyKjcfOILwna50F6Cd78gf4ly/Ai dmbK9LJ+kITrwKA2QxikxrH/WYzZChClvo4MJKLaMrk9w6g1cNk25LD9edMrl6L9 hhG42t8MQAlD2aH1R5CXsOQ+rAApnYUaY98gj+NzYLL3FHZBpxjQI0ULUI0ZRkQC cp8drjdPXBH2Fdc2I1CoMLyls3m4WagXRg+22w4DX8yH6L2uhT+h/Xul2RBSCMmp 0/HCLfs//oorcu4fsmPPqe5pkBxFhtK+0p7esfZN5Bk8/sTih3J7RVlU47OUiO8v uhmj/qBu1QkXpEtj31ruNr59vxYsK46N/m/DAgMBAAGjggHuMIIB6jAdBgNVHQ4E FgQU4h8nPy8hJOHOAa+6OIJFbGy0Y3swHwYDVR0jBBgwFoAU2h2r7PGUXf9TtiDg tsQQ6R5EcbEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTIv MmgycjdQR1VYZjlUdGlEZ3RzUVE2UjVFY2JFLmNybDBjBggrBgEFBQcBAQRXMFUw UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE MDAwMC8yaDJyN1BHVVhmOVR0aURndHNRUTZSNUVjYkUuY2VyMA4GA1UdDwEB/wQE AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC81Mi80aDhuUHk4aEpPSE9BYS02 T0lKRmJHeTBZM3Mucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMB OhgwDQYJKoZIhvcNAQELBQADggEBAKhXBXMDCcDpZrVq3uHWeJ55Euvd+e9LOv1R 1/XZZbSZGW315wutqXkJ3kn6HKkOJlPpPqyVw4Lk/GC0cwPdhVIizzPggUTO3a8b YoTt1bPGOhhoKncdgeINVQToC8Iz+aCBqaBa13Tyne/DVINQNOvsrKFHb/zX/3Od hFOG2wqJCYpSTesLl0UdQw2g1WsMDTsNTj2liLEb8ri73ex+IoxdTig84LePKLKC tYXlc0IR/dleVXqa99pS3MnkuclO7HfclwYeIN0AZswvcsnY8YghFEQoEtIF52ud wTVtnZx99wzhwMsEYzV4V3TkvL6jbp+48mor8po1xw56qTx65Z4= -----END CERTIFICATE-----Generated at Fri Dec 5 00:30:36 2025 by rpki-client