This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/52/Y8kgU48kiNGqzq2nK5O5WiksDSk.roa File: Y8kgU48kiNGqzq2nK5O5WiksDSk.roa (raw, json) Hash identifier: 07wZbAajdfbJQDwAmVTQXXjUMgif2AwVmPfdEekWRyA= Subject key identifier: 63:C9:20:53:8F:24:88:D1:AA:CE:AD:A7:2B:93:B9:5A:29:2C:0D:29 Certificate issuer: /CN=DA1DABECF1945DFF53B620E0B6C410E91E4471B1 Certificate serial: 0629 Authority key identifier: DA:1D:AB:EC:F1:94:5D:FF:53:B6:20:E0:B6:C4:10:E9:1E:44:71:B1 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2h2r7PGUXf9TtiDgtsQQ6R5EcbE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/52/Y8kgU48kiNGqzq2nK5O5WiksDSk.roa Signing time: Thu 06 Nov 2025 02:54:52 +0000 ROA not before: Thu 06 Nov 2025 02:54:52 +0000 ROA not after: Fri 23 Oct 2026 03:01:03 +0000 asID: 9812 IP address blocks: 223.248.0.0/14 maxlen: 14 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/52/2h2r7PGUXf9TtiDgtsQQ6R5EcbE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/52/2h2r7PGUXf9TtiDgtsQQ6R5EcbE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2h2r7PGUXf9TtiDgtsQQ6R5EcbE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 05 Dec 2025 01:17:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1577 (0x629) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DA1DABECF1945DFF53B620E0B6C410E91E4471B1 Validity Not Before: Nov 6 02:54:52 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=63C920538F2488D1AACEADA72B93B95A292C0D29 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:47:29:19:51:86:49:42:25:b0:db:01:22:21: 6c:cd:7c:93:8f:84:e4:fa:97:59:1f:89:ac:21:bc: 9e:88:e8:0b:07:b3:22:c7:4b:eb:9f:d2:23:8f:64: f2:d5:7f:8b:ca:d3:2d:88:13:9c:df:5e:20:a5:5f: 09:a5:72:24:63:5e:ef:35:2a:56:87:db:08:4c:77: 86:20:9b:62:ba:90:82:eb:40:95:a1:a3:05:cd:42: ba:c8:16:13:57:b4:e5:e3:ea:ac:87:da:96:6e:67: a0:c1:2e:fd:db:3a:18:51:bb:78:f4:ec:a1:b9:df: 1f:40:7f:d0:36:2d:9d:0b:b2:8d:e5:b8:5c:89:78: a2:ee:31:e8:44:07:3d:a3:8c:34:d5:ed:f2:6c:98: fd:e4:df:51:10:87:f9:9b:e8:26:57:7b:bd:cc:76: 57:08:ed:0b:68:d2:9a:93:af:0e:d8:2b:11:bf:d3: 30:ce:17:5c:8e:e3:3c:a5:23:0e:a2:76:ff:2b:37: 4b:bf:5c:b3:00:c5:4d:9a:a6:13:40:ce:09:e4:cc: 32:9e:24:85:df:43:73:a3:4f:24:97:0e:d8:7a:ff: ba:b5:76:05:5f:7a:65:ba:74:dd:b2:b4:61:3c:2f: 4b:27:1c:25:56:9c:28:f3:70:a6:72:00:42:69:92: 89:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:C9:20:53:8F:24:88:D1:AA:CE:AD:A7:2B:93:B9:5A:29:2C:0D:29 X509v3 Authority Key Identifier: keyid:DA:1D:AB:EC:F1:94:5D:FF:53:B6:20:E0:B6:C4:10:E9:1E:44:71:B1 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/52/2h2r7PGUXf9TtiDgtsQQ6R5EcbE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2h2r7PGUXf9TtiDgtsQQ6R5EcbE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/52/Y8kgU48kiNGqzq2nK5O5WiksDSk.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 223.248.0.0/14 Signature Algorithm: sha256WithRSAEncryption 37:99:b6:94:0f:a8:a8:5e:74:4c:2a:26:29:e3:35:65:07:5b: 8a:1c:17:c5:46:22:8c:b9:7e:62:4f:04:58:af:69:6b:d9:d5: de:86:26:29:20:96:73:61:1b:91:bb:0f:57:12:44:5f:65:ef: 3e:c4:3b:72:fa:9f:2c:8b:bb:76:89:44:80:36:20:a0:e1:42: 27:a4:a9:65:e7:47:03:39:9f:ff:d5:e7:60:f3:7c:01:c4:88: b0:37:22:c2:35:87:56:64:7c:aa:67:48:64:c7:d2:a2:fa:cc: 0f:67:f8:10:2f:b0:4d:e4:df:a2:c6:9e:01:02:dd:03:4a:74: 5c:e1:89:f5:13:fb:19:c1:ed:dd:c4:40:a3:56:e2:28:ea:ca: 23:a2:25:16:14:a9:2a:19:e0:93:42:bd:26:28:e1:b5:04:28: 1e:21:38:e2:9e:b1:4e:a1:f0:e3:52:6c:35:bb:8f:34:d3:9a: 2a:7f:df:20:91:47:bb:a0:9b:a9:af:ef:c0:ad:47:3a:ac:7b: d3:83:f0:75:70:90:75:d9:86:ff:10:c3:33:b1:ef:ab:af:b4: 37:9f:68:f1:57:ae:13:e5:00:94:97:92:40:4f:b2:29:07:b2: 98:b2:0b:f7:7e:72:ea:db:34:9f:f0:9e:26:b1:da:03:5d:36: d1:ca:ea:80 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgICBikwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREEx REFCRUNGMTk0NURGRjUzQjYyMEUwQjZDNDEwRTkxRTQ0NzFCMTAeFw0yNTExMDYw MjU0NTJaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDYzQzkyMDUzOEYyNDg4 RDFBQUNFQURBNzJCOTNCOTVBMjkyQzBEMjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCnRykZUYZJQiWw2wEiIWzNfJOPhOT6l1kfiawhvJ6I6AsHsyLH S+uf0iOPZPLVf4vK0y2IE5zfXiClXwmlciRjXu81KlaH2whMd4Ygm2K6kILrQJWh owXNQrrIFhNXtOXj6qyH2pZuZ6DBLv3bOhhRu3j07KG53x9Af9A2LZ0Lso3luFyJ eKLuMehEBz2jjDTV7fJsmP3k31EQh/mb6CZXe73MdlcI7Qto0pqTrw7YKxG/0zDO F1yO4zylIw6idv8rN0u/XLMAxU2aphNAzgnkzDKeJIXfQ3OjTySXDth6/7q1dgVf emW6dN2ytGE8L0snHCVWnCjzcKZyAEJpkokXAgMBAAGjggHuMIIB6jAdBgNVHQ4E FgQUY8kgU48kiNGqzq2nK5O5WiksDSkwHwYDVR0jBBgwFoAU2h2r7PGUXf9TtiDg tsQQ6R5EcbEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTIv MmgycjdQR1VYZjlUdGlEZ3RzUVE2UjVFY2JFLmNybDBjBggrBgEFBQcBAQRXMFUw UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE MDAwMC8yaDJyN1BHVVhmOVR0aURndHNRUTZSNUVjYkUuY2VyMA4GA1UdDwEB/wQE AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC81Mi9ZOGtnVTQ4a2lOR3F6cTJu SzVPNVdpa3NEU2sucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMC 3/gwDQYJKoZIhvcNAQELBQADggEBADeZtpQPqKhedEwqJinjNWUHW4ocF8VGIoy5 fmJPBFivaWvZ1d6GJikglnNhG5G7D1cSRF9l7z7EO3L6nyyLu3aJRIA2IKDhQiek qWXnRwM5n//V52DzfAHEiLA3IsI1h1ZkfKpnSGTH0qL6zA9n+BAvsE3k36LGngEC 3QNKdFzhifUT+xnB7d3EQKNW4ijqyiOiJRYUqSoZ4JNCvSYo4bUEKB4hOOKesU6h 8ONSbDW7jzTTmip/3yCRR7ugm6mv78CtRzqse9OD8HVwkHXZhv8QwzOx76uvtDef aPFXrhPlAJSXkkBPsikHspiyC/d+curbNJ/wniax2gNdNtHK6oA= -----END CERTIFICATE-----Generated at Fri Dec 5 00:30:49 2025 by rpki-client