This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/620/dHazAJqAIAQSBqCwcFeaQ37yMfM.roa File: dHazAJqAIAQSBqCwcFeaQ37yMfM.roa (raw, json) Hash identifier: bEGVe/82ByrTDM8kZVntlF9UnW9B/BtpGsiatr0O0To= Subject key identifier: 74:76:B3:00:9A:80:20:04:12:06:A0:B0:70:57:9A:43:7E:F2:31:F3 Certificate issuer: /CN=309C2A943B28DC0858C39B9208A1609C0973E49A Certificate serial: 0716 Authority key identifier: 30:9C:2A:94:3B:28:DC:08:58:C3:9B:92:08:A1:60:9C:09:73:E4:9A Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/dHazAJqAIAQSBqCwcFeaQ37yMfM.roa Signing time: Tue 30 Dec 2025 01:40:10 +0000 ROA not before: Tue 30 Dec 2025 01:40:10 +0000 ROA not after: Fri 23 Oct 2026 03:01:03 +0000 asID: 38340 IP address blocks: 114.28.253.0/24 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 Jan 2026 16:27:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1814 (0x716) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=309C2A943B28DC0858C39B9208A1609C0973E49A Validity Not Before: Dec 30 01:40:10 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=7476B3009A8020041206A0B070579A437EF231F3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:7b:13:0b:9e:79:c5:dd:4a:6c:17:d7:dc:93: e2:cf:ce:75:2e:a9:21:91:dd:c1:99:2b:e5:5d:b6: 3a:66:0b:3f:16:28:47:42:83:64:5a:7a:3e:0c:82: f9:21:4d:71:bb:fd:dd:fd:e4:38:97:63:a6:8b:65: 96:11:0e:6c:98:ba:0b:0b:a0:09:7d:99:ce:cc:c3: d3:48:84:34:94:18:ae:0d:dd:ca:de:b1:5e:5a:4e: 53:d1:0a:98:22:15:d7:21:f5:dd:32:d6:1b:8a:01: 82:74:d0:71:93:10:78:cb:21:54:49:98:82:0c:37: 81:8d:4e:72:39:d1:19:77:b5:2d:70:11:a8:44:ea: a8:76:e5:51:a2:cc:f4:b6:f1:aa:21:c7:ae:42:85: b1:70:64:ce:d5:72:c4:8c:b2:59:4c:51:c7:66:28: ef:6c:5f:bd:61:ef:82:ba:83:86:7c:c0:1e:69:8c: 90:f2:32:b5:bb:0f:77:85:a9:7e:cd:fd:ca:2d:30: 63:21:cd:64:b4:80:80:89:43:2a:25:87:40:42:3f: 14:45:14:92:fe:b6:8d:03:94:13:92:49:ca:4b:d0: 49:19:e2:91:94:82:db:bd:59:8b:12:10:28:1d:ff: 8c:b9:c7:cd:30:62:0d:c5:13:1a:d1:cd:a8:d5:00: e0:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:76:B3:00:9A:80:20:04:12:06:A0:B0:70:57:9A:43:7E:F2:31:F3 X509v3 Authority Key Identifier: keyid:30:9C:2A:94:3B:28:DC:08:58:C3:9B:92:08:A1:60:9C:09:73:E4:9A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/dHazAJqAIAQSBqCwcFeaQ37yMfM.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 114.28.253.0/24 Signature Algorithm: sha256WithRSAEncryption 7b:58:cb:f1:09:fc:61:ff:ba:13:b2:64:c7:20:c3:ba:b8:4f: 2e:77:4e:7a:de:3e:75:3e:0e:1b:bd:74:73:43:d7:83:bc:28: 50:91:63:d4:01:15:71:56:2f:7a:11:32:41:f1:3d:e7:36:68: d8:d6:20:40:5c:db:e9:7c:b4:3f:5d:f0:04:bd:31:c9:5f:a6: 77:34:f3:82:f4:e2:15:5a:25:e1:23:76:7e:20:d6:f2:a2:e4: e2:56:41:4a:7a:30:8b:f8:20:77:30:d2:09:e8:05:77:2d:90: 79:f1:11:b8:20:9d:3b:a7:ba:52:82:79:18:27:f2:5f:7b:52: 82:e9:84:7a:e8:96:57:e3:75:c0:84:17:5d:a7:9d:e8:42:7d: e3:3f:19:d2:80:a6:02:3a:cc:b3:91:03:53:a0:66:3c:3c:ba: 39:0a:d2:c2:20:f9:9e:03:f9:e0:46:53:c2:e5:8b:63:f9:c0: 5d:58:36:2a:da:35:22:a2:21:4b:ac:72:16:f7:92:9f:22:09: 1c:53:43:02:0b:20:65:f5:7c:00:61:32:d7:31:ee:26:09:17: 57:4b:23:87:97:58:67:13:9e:d2:7a:33:4e:d0:41:a4:24:da: d2:78:af:9b:34:0d:27:4a:4a:79:40:dd:be:61:b1:ef:e5:97: d2:ce:35:13 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICBxYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzA5 QzJBOTQzQjI4REMwODU4QzM5QjkyMDhBMTYwOUMwOTczRTQ5QTAeFw0yNTEyMzAw MTQwMTBaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDc0NzZCMzAwOUE4MDIw MDQxMjA2QTBCMDcwNTc5QTQzN0VGMjMxRjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCzexMLnnnF3UpsF9fck+LPznUuqSGR3cGZK+VdtjpmCz8WKEdC g2Raej4MgvkhTXG7/d395DiXY6aLZZYRDmyYugsLoAl9mc7Mw9NIhDSUGK4N3cre sV5aTlPRCpgiFdch9d0y1huKAYJ00HGTEHjLIVRJmIIMN4GNTnI50Rl3tS1wEahE 6qh25VGizPS28aohx65ChbFwZM7VcsSMsllMUcdmKO9sX71h74K6g4Z8wB5pjJDy MrW7D3eFqX7N/cotMGMhzWS0gICJQyolh0BCPxRFFJL+to0DlBOSScpL0EkZ4pGU gtu9WYsSECgd/4y5x80wYg3FExrRzajVAOBzAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUdHazAJqAIAQSBqCwcFeaQ37yMfMwHwYDVR0jBBgwFoAUMJwqlDso3AhYw5uS CKFgnAlz5JowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIw L01Kd3FsRHNvM0FoWXc1dVNDS0ZnbkFsejVKby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvTUp3cWxEc28zQWhZdzV1U0NLRmduQWx6NUpvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIwL2RIYXpBSnFBSUFRU0Jx Q3djRmVhUTM3eU1mTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAByHP0wDQYJKoZIhvcNAQELBQADggEBAHtYy/EJ/GH/uhOyZMcgw7q4Ty53Tnre PnU+Dhu9dHND14O8KFCRY9QBFXFWL3oRMkHxPec2aNjWIEBc2+l8tD9d8AS9Mclf pnc084L04hVaJeEjdn4g1vKi5OJWQUp6MIv4IHcw0gnoBXctkHnxEbggnTunulKC eRgn8l97UoLphHrollfjdcCEF12nnehCfeM/GdKApgI6zLORA1OgZjw8ujkK0sIg +Z4D+eBGU8Lli2P5wF1YNiraNSKiIUuschb3kp8iCRxTQwILIGX1fABhMtcx7iYJ F1dLI4eXWGcTntJ6M07QQaQk2tJ4r5s0DSdKSnlA3b5hse/ll9LONRM= -----END CERTIFICATE-----Generated at Mon Jan 19 14:37:35 2026 by rpki-client