This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/620/Ipsai1_qBHxnvBwz89wZRTHbbr4.roa File: Ipsai1_qBHxnvBwz89wZRTHbbr4.roa (raw, json) Hash identifier: yMWST7Owb8MBd4H/L9eEjMUFBy6N0wQYxSq3wD5JZ/o= Subject key identifier: 22:9B:1A:8B:5F:EA:04:7C:67:BC:1C:33:F3:DC:19:45:31:DB:6E:BE Certificate issuer: /CN=309C2A943B28DC0858C39B9208A1609C0973E49A Certificate serial: 0719 Authority key identifier: 30:9C:2A:94:3B:28:DC:08:58:C3:9B:92:08:A1:60:9C:09:73:E4:9A Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/Ipsai1_qBHxnvBwz89wZRTHbbr4.roa Signing time: Tue 30 Dec 2025 01:40:10 +0000 ROA not before: Tue 30 Dec 2025 01:40:10 +0000 ROA not after: Fri 23 Oct 2026 03:01:03 +0000 asID: 142132 IP address blocks: 114.28.233.0/24 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 Jan 2026 11:28:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1817 (0x719) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=309C2A943B28DC0858C39B9208A1609C0973E49A Validity Not Before: Dec 30 01:40:10 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=229B1A8B5FEA047C67BC1C33F3DC194531DB6EBE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:05:87:f2:41:1f:06:93:52:7d:b7:af:d5:8f: 00:28:bc:9d:9e:07:8d:56:16:fd:74:65:6a:4d:b9: e3:8c:10:85:44:e5:18:d4:c4:1f:dc:79:a1:77:14: 62:82:fa:4c:1e:4c:9c:65:4f:08:be:00:78:9a:f4: 73:2a:47:b0:80:12:32:64:ab:cb:ea:5c:cc:60:30: 8c:49:f9:15:b3:8c:21:95:ab:70:f2:44:08:82:b3: fa:5a:13:35:3b:60:b7:ae:36:82:cd:86:f5:17:8a: 31:05:30:8b:17:c5:47:1c:94:96:40:cc:42:4a:04: 94:50:03:2e:ae:7b:a6:5a:e5:01:13:86:91:1e:f9: af:1f:38:28:7b:ae:6c:cf:bd:05:60:4b:ce:90:6c: 11:18:b5:ce:4a:86:5b:f4:35:e7:51:d0:13:f8:0a: c5:db:3d:1e:5d:4a:7d:df:8d:58:46:21:26:79:08: 16:5a:a3:0f:aa:cc:ea:ac:83:ab:7e:2d:78:2b:14: 88:40:e8:52:6a:4c:1a:06:7d:dd:b7:40:ac:8f:28: 7b:cb:05:a9:fd:e5:e3:74:2a:53:aa:d1:9e:d3:5b: 23:7b:d8:61:c9:03:71:65:24:da:ff:e9:a1:7f:6c: c9:d6:47:61:f0:03:8b:00:36:a5:61:82:9e:e2:16: 90:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:9B:1A:8B:5F:EA:04:7C:67:BC:1C:33:F3:DC:19:45:31:DB:6E:BE X509v3 Authority Key Identifier: keyid:30:9C:2A:94:3B:28:DC:08:58:C3:9B:92:08:A1:60:9C:09:73:E4:9A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/Ipsai1_qBHxnvBwz89wZRTHbbr4.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 114.28.233.0/24 Signature Algorithm: sha256WithRSAEncryption 1e:8d:0d:b2:05:60:e6:c1:67:81:2e:59:14:bb:21:92:18:2c: 68:a4:30:b0:46:83:35:7d:42:95:a0:02:e6:e1:d1:d8:e8:e4: 70:02:ce:26:3e:e7:b8:51:2a:21:ba:fd:94:60:ef:6f:24:9e: ec:37:e3:e7:1d:55:05:51:80:c0:f5:e4:86:80:62:5e:14:70: a2:d2:d1:ac:cf:f8:0a:bd:e1:62:7f:57:98:03:b4:19:d3:8a: 7c:14:18:a8:51:0f:d5:b0:d5:51:d1:a9:56:d2:4c:93:a3:fc: 03:f7:d9:86:dd:e6:23:6f:ff:2f:26:f1:61:dc:b4:ea:87:24: 67:50:75:20:57:d8:d9:95:70:d3:8c:cf:77:36:c6:76:d9:a5: 30:0e:59:0f:49:81:56:f3:53:63:59:2a:39:9a:52:e2:11:b8: 0d:73:68:b5:fc:00:45:aa:2f:71:21:b8:cc:1e:2b:46:f3:ea: d4:bc:5f:ed:9a:6e:e8:8b:69:0e:57:c9:e0:c7:2c:6c:dd:ac: 19:6a:93:5a:a6:19:9f:fa:e9:9b:a0:2c:ba:b0:47:88:89:9a: e1:b7:18:2e:8e:5c:5b:ca:d9:4a:4a:e5:82:49:b9:a4:49:23: 87:b7:46:aa:a1:de:83:06:4c:c2:1b:60:b4:4a:01:d3:84:b8: f4:02:be:90 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICBxkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzA5 QzJBOTQzQjI4REMwODU4QzM5QjkyMDhBMTYwOUMwOTczRTQ5QTAeFw0yNTEyMzAw MTQwMTBaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDIyOUIxQThCNUZFQTA0 N0M2N0JDMUMzM0YzREMxOTQ1MzFEQjZFQkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC5BYfyQR8Gk1J9t6/VjwAovJ2eB41WFv10ZWpNueOMEIVE5RjU xB/ceaF3FGKC+kweTJxlTwi+AHia9HMqR7CAEjJkq8vqXMxgMIxJ+RWzjCGVq3Dy RAiCs/paEzU7YLeuNoLNhvUXijEFMIsXxUcclJZAzEJKBJRQAy6ue6Za5QEThpEe +a8fOCh7rmzPvQVgS86QbBEYtc5Khlv0NedR0BP4CsXbPR5dSn3fjVhGISZ5CBZa ow+qzOqsg6t+LXgrFIhA6FJqTBoGfd23QKyPKHvLBan95eN0KlOq0Z7TWyN72GHJ A3FlJNr/6aF/bMnWR2HwA4sANqVhgp7iFpAPAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUIpsai1/qBHxnvBwz89wZRTHbbr4wHwYDVR0jBBgwFoAUMJwqlDso3AhYw5uS CKFgnAlz5JowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIw L01Kd3FsRHNvM0FoWXc1dVNDS0ZnbkFsejVKby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvTUp3cWxEc28zQWhZdzV1U0NLRmduQWx6NUpvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIwL0lwc2FpMV9xQkh4bnZC d3o4OXdaUlRIYmJyNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAByHOkwDQYJKoZIhvcNAQELBQADggEBAB6NDbIFYObBZ4EuWRS7IZIYLGikMLBG gzV9QpWgAubh0djo5HACziY+57hRKiG6/ZRg728knuw34+cdVQVRgMD15IaAYl4U cKLS0azP+Aq94WJ/V5gDtBnTinwUGKhRD9Ww1VHRqVbSTJOj/AP32Ybd5iNv/y8m 8WHctOqHJGdQdSBX2NmVcNOMz3c2xnbZpTAOWQ9JgVbzU2NZKjmaUuIRuA1zaLX8 AEWqL3EhuMweK0bz6tS8X+2abuiLaQ5XyeDHLGzdrBlqk1qmGZ/66ZugLLqwR4iJ muG3GC6OXFvK2UpK5YJJuaRJI4e3Rqqh3oMGTMIbYLRKAdOEuPQCvpA= -----END CERTIFICATE-----Generated at Mon Jan 19 11:22:33 2026 by rpki-client