This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/620/CF2xtxE3DFMbEEivkGusBOHXgUs.roa File: CF2xtxE3DFMbEEivkGusBOHXgUs.roa (raw, json) Hash identifier: jDkKfGv9P7C/2xokEwoIm1zflm8uD3sPZE5h5GHKJbY= Subject key identifier: 08:5D:B1:B7:11:37:0C:53:1B:10:48:AF:90:6B:AC:04:E1:D7:81:4B Certificate issuer: /CN=309C2A943B28DC0858C39B9208A1609C0973E49A Certificate serial: 071C Authority key identifier: 30:9C:2A:94:3B:28:DC:08:58:C3:9B:92:08:A1:60:9C:09:73:E4:9A Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/CF2xtxE3DFMbEEivkGusBOHXgUs.roa Signing time: Tue 30 Dec 2025 01:40:12 +0000 ROA not before: Tue 30 Dec 2025 01:40:12 +0000 ROA not after: Fri 23 Oct 2026 03:01:03 +0000 asID: 24413 IP address blocks: 114.28.200.0/24 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 Jan 2026 16:27:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1820 (0x71c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=309C2A943B28DC0858C39B9208A1609C0973E49A Validity Not Before: Dec 30 01:40:12 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=085DB1B711370C531B1048AF906BAC04E1D7814B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:8a:ce:d0:5e:3e:a4:fc:20:58:64:1e:26:63: 83:24:13:6b:68:ac:65:57:bc:fa:49:9e:eb:de:d4: 16:8f:5d:ad:32:61:74:fa:c2:73:90:e9:f1:82:54: 49:b7:88:f8:fa:e3:40:62:01:fb:25:66:08:16:e8: 87:b7:40:d2:24:a7:e2:cf:20:0b:97:b2:fb:a3:95: 9b:dd:00:6d:1d:6f:2a:7c:98:e6:03:27:49:85:3a: 09:c5:e9:8f:17:e7:c7:e6:c4:c2:74:52:86:1c:fc: c7:6c:40:7e:ef:6e:c6:74:f8:cb:66:4e:f5:51:49: 2d:20:1a:7d:c9:86:71:48:f6:0c:1b:83:01:e6:6e: 71:9c:15:b4:d7:cb:8b:61:3e:6c:39:b3:99:6a:8c: 0a:ae:ef:ba:80:7c:38:65:b4:c7:71:e3:d4:c2:e0: 65:3f:e6:e6:36:48:29:74:d7:b4:8b:a8:d3:e1:ef: 43:98:87:5d:63:75:95:12:28:70:6d:31:bd:f2:01: bc:f0:a9:05:3c:83:e2:9c:6e:a5:18:e6:ff:cd:1d: 25:e9:6a:4b:8e:d0:4d:d1:24:a2:a5:e9:fa:c3:2e: b9:1f:3f:39:11:56:ec:93:72:2b:0f:17:50:93:6a: ee:03:73:9c:e6:28:a6:0d:c1:10:2c:bf:39:ef:6b: 52:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:5D:B1:B7:11:37:0C:53:1B:10:48:AF:90:6B:AC:04:E1:D7:81:4B X509v3 Authority Key Identifier: keyid:30:9C:2A:94:3B:28:DC:08:58:C3:9B:92:08:A1:60:9C:09:73:E4:9A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/CF2xtxE3DFMbEEivkGusBOHXgUs.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 114.28.200.0/24 Signature Algorithm: sha256WithRSAEncryption 23:df:30:bf:e6:0f:e2:9e:ca:f5:7b:fc:4c:89:e4:4d:3a:6b: d8:f7:c9:98:31:89:cd:92:4c:f3:d8:4c:3a:51:ea:ed:45:e6: 13:93:51:96:8b:78:80:b7:61:d7:02:9b:73:1a:6b:83:fb:1b: 97:e0:b0:29:7a:54:35:41:01:65:2e:c1:a1:16:38:dc:15:75: 82:0a:ed:f6:89:81:fe:5b:6e:af:1d:ea:75:37:33:22:43:84: 6b:7f:09:46:8b:54:86:44:a4:fc:8d:23:82:61:a4:c4:ea:50: 60:bf:ba:32:5c:98:26:ac:e4:08:f8:d8:d0:63:e6:c0:0a:f6: d3:0d:1c:69:6c:6a:b7:f0:fb:a8:56:eb:e9:d5:58:2f:2a:41: 7a:be:44:69:3d:6b:00:18:f7:52:fe:4b:6b:c1:b6:5b:2b:26: 3c:8c:ac:b7:fa:3d:78:5e:c1:8b:d5:75:5d:67:f1:43:52:75: ba:a7:1d:b1:9d:1a:de:3a:00:c9:76:4e:fe:da:c1:e6:49:54: 3f:f2:18:67:b8:ad:fb:e7:a4:a1:49:5b:bc:f0:21:cb:76:dc: ab:21:97:8d:9f:25:e5:17:50:ac:48:b8:92:39:d2:d6:92:69: 01:de:5e:f4:93:02:6b:10:04:42:80:af:94:fb:46:ff:da:c8: fd:65:be:5b -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICBxwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzA5 QzJBOTQzQjI4REMwODU4QzM5QjkyMDhBMTYwOUMwOTczRTQ5QTAeFw0yNTEyMzAw MTQwMTJaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDA4NURCMUI3MTEzNzBD NTMxQjEwNDhBRjkwNkJBQzA0RTFENzgxNEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDUis7QXj6k/CBYZB4mY4MkE2torGVXvPpJnuve1BaPXa0yYXT6 wnOQ6fGCVEm3iPj640BiAfslZggW6Ie3QNIkp+LPIAuXsvujlZvdAG0dbyp8mOYD J0mFOgnF6Y8X58fmxMJ0UoYc/MdsQH7vbsZ0+MtmTvVRSS0gGn3JhnFI9gwbgwHm bnGcFbTXy4thPmw5s5lqjAqu77qAfDhltMdx49TC4GU/5uY2SCl017SLqNPh70OY h11jdZUSKHBtMb3yAbzwqQU8g+KcbqUY5v/NHSXpakuO0E3RJKKl6frDLrkfPzkR VuyTcisPF1CTau4Dc5zmKKYNwRAsvznva1LBAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUCF2xtxE3DFMbEEivkGusBOHXgUswHwYDVR0jBBgwFoAUMJwqlDso3AhYw5uS CKFgnAlz5JowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIw L01Kd3FsRHNvM0FoWXc1dVNDS0ZnbkFsejVKby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvTUp3cWxEc28zQWhZdzV1U0NLRmduQWx6NUpvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIwL0NGMnh0eEUzREZNYkVF aXZrR3VzQk9IWGdVcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAByHMgwDQYJKoZIhvcNAQELBQADggEBACPfML/mD+KeyvV7/EyJ5E06a9j3yZgx ic2STPPYTDpR6u1F5hOTUZaLeIC3YdcCm3Maa4P7G5fgsCl6VDVBAWUuwaEWONwV dYIK7faJgf5bbq8d6nU3MyJDhGt/CUaLVIZEpPyNI4JhpMTqUGC/ujJcmCas5Aj4 2NBj5sAK9tMNHGlsarfw+6hW6+nVWC8qQXq+RGk9awAY91L+S2vBtlsrJjyMrLf6 PXhewYvVdV1n8UNSdbqnHbGdGt46AMl2Tv7aweZJVD/yGGe4rfvnpKFJW7zwIct2 3Kshl42fJeUXUKxIuJI50taSaQHeXvSTAmsQBEKAr5T7Rv/ayP1lvls= -----END CERTIFICATE-----Generated at Mon Jan 19 14:37:21 2026 by rpki-client