This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/620/tt0DAygmgURvac7uzJRRCYzeLMc.roa File: tt0DAygmgURvac7uzJRRCYzeLMc.roa (raw, json) Hash identifier: R9TelUq5Kr5Ti8fNbGIQGm1bDgSgTe1U8bb925M6eCo= Subject key identifier: B6:DD:03:03:28:26:81:44:6F:69:CE:EE:CC:94:51:09:8C:DE:2C:C7 Certificate issuer: /CN=309C2A943B28DC0858C39B9208A1609C0973E49A Certificate serial: 0718 Authority key identifier: 30:9C:2A:94:3B:28:DC:08:58:C3:9B:92:08:A1:60:9C:09:73:E4:9A Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/tt0DAygmgURvac7uzJRRCYzeLMc.roa Signing time: Tue 30 Dec 2025 01:40:10 +0000 ROA not before: Tue 30 Dec 2025 01:40:10 +0000 ROA not after: Fri 23 Oct 2026 03:01:03 +0000 asID: 142132 IP address blocks: 114.28.196.0/24 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 Jan 2026 11:28:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1816 (0x718) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=309C2A943B28DC0858C39B9208A1609C0973E49A Validity Not Before: Dec 30 01:40:10 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=B6DD0303282681446F69CEEECC9451098CDE2CC7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ef:b8:d2:76:ee:e8:87:d9:60:f3:72:75:40:f4: ce:2e:06:54:6a:c5:97:ad:72:16:cb:b0:b4:3c:9b: 35:3e:e4:8c:ef:dd:8d:df:0b:68:e4:e9:ed:3e:61: 09:f8:ec:86:36:3d:08:32:0b:56:73:a0:bc:f7:01: 75:35:c7:0f:86:96:73:c1:24:1a:ae:43:3b:23:1d: 76:b7:98:d6:60:21:cd:71:4f:7f:9a:99:ad:44:cd: e1:49:20:5b:35:3d:6a:78:6a:d1:84:0b:f4:f0:22: e1:f4:72:48:d1:7f:c6:1c:7c:ea:85:2f:4b:8b:ce: 43:14:bd:5b:83:47:1f:ea:db:08:fa:c6:74:b4:81: 86:65:97:0f:70:2b:da:a7:d9:f6:6d:d0:c4:33:63: 11:40:e9:cb:a6:71:6f:fa:f9:b4:ac:fe:8d:0a:22: 25:11:74:fc:3d:f4:98:e0:45:19:fb:3a:c0:6f:91: 8b:77:c2:09:bb:1e:22:a0:49:57:9b:ae:27:5c:05: 86:a0:73:fc:36:6b:13:c3:00:7d:7f:2c:82:95:cc: a7:f1:b9:f5:04:8e:ec:0f:3f:48:db:a1:ec:2b:6c: b0:85:89:3d:21:6e:b7:85:bd:3b:30:ca:bd:43:5b: 47:c5:2d:f4:20:da:8d:67:01:9c:70:71:6b:29:8f: b1:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:DD:03:03:28:26:81:44:6F:69:CE:EE:CC:94:51:09:8C:DE:2C:C7 X509v3 Authority Key Identifier: keyid:30:9C:2A:94:3B:28:DC:08:58:C3:9B:92:08:A1:60:9C:09:73:E4:9A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/tt0DAygmgURvac7uzJRRCYzeLMc.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 114.28.196.0/24 Signature Algorithm: sha256WithRSAEncryption 82:68:60:b2:43:7e:17:d3:4b:ae:c0:48:34:5e:62:21:74:e4: 7b:69:fd:1a:e4:8b:5d:11:5b:df:f1:2f:10:15:9a:6c:1c:59: e2:b5:2d:23:8c:35:a3:a9:e8:0a:dd:d7:31:87:fe:aa:61:ea: 9e:cd:17:b9:f1:86:eb:4f:cf:2d:20:d3:5c:c6:04:bf:53:9a: c0:9c:78:a8:11:2c:3f:7d:6c:83:e0:55:2c:6b:d8:bb:dc:ae: e3:34:54:cd:30:d8:5e:4f:07:a6:7f:e5:85:03:d6:a8:b2:34: 77:2c:6d:f5:04:bc:87:b3:b4:42:18:0f:4d:21:0c:a7:25:40: 55:9b:48:b3:aa:2d:71:ea:d3:08:51:99:70:47:19:06:86:62: 15:39:0d:bb:18:89:1f:30:73:a8:6e:a8:f0:99:d8:6a:bd:cc: 22:24:03:1e:c5:85:90:40:fb:65:d5:4d:ed:4c:55:38:72:54: 33:8d:aa:6d:22:9d:8e:69:31:10:a1:64:b3:b0:92:6f:e2:a2: 92:23:8e:ff:40:8e:0a:c5:7a:79:40:4d:ed:59:5c:c5:b1:28: a1:26:2c:dd:02:b5:e2:b4:bf:02:39:2a:2d:2c:8e:48:f8:84: ee:7a:32:5d:f6:1c:bf:f7:18:f3:97:79:09:d6:7f:57:13:dd: 40:43:a2:e2 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICBxgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzA5 QzJBOTQzQjI4REMwODU4QzM5QjkyMDhBMTYwOUMwOTczRTQ5QTAeFw0yNTEyMzAw MTQwMTBaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKEI2REQwMzAzMjgyNjgx NDQ2RjY5Q0VFRUNDOTQ1MTA5OENERTJDQzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDvuNJ27uiH2WDzcnVA9M4uBlRqxZetchbLsLQ8mzU+5Izv3Y3f C2jk6e0+YQn47IY2PQgyC1ZzoLz3AXU1xw+GlnPBJBquQzsjHXa3mNZgIc1xT3+a ma1EzeFJIFs1PWp4atGEC/TwIuH0ckjRf8YcfOqFL0uLzkMUvVuDRx/q2wj6xnS0 gYZllw9wK9qn2fZt0MQzYxFA6cumcW/6+bSs/o0KIiURdPw99JjgRRn7OsBvkYt3 wgm7HiKgSVebridcBYagc/w2axPDAH1/LIKVzKfxufUEjuwPP0jboewrbLCFiT0h breFvTswyr1DW0fFLfQg2o1nAZxwcWspj7HnAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUtt0DAygmgURvac7uzJRRCYzeLMcwHwYDVR0jBBgwFoAUMJwqlDso3AhYw5uS CKFgnAlz5JowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIw L01Kd3FsRHNvM0FoWXc1dVNDS0ZnbkFsejVKby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvTUp3cWxEc28zQWhZdzV1U0NLRmduQWx6NUpvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIwL3R0MERBeWdtZ1VSdmFj N3V6SlJSQ1l6ZUxNYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAByHMQwDQYJKoZIhvcNAQELBQADggEBAIJoYLJDfhfTS67ASDReYiF05Htp/Rrk i10RW9/xLxAVmmwcWeK1LSOMNaOp6Ard1zGH/qph6p7NF7nxhutPzy0g01zGBL9T msCceKgRLD99bIPgVSxr2LvcruM0VM0w2F5PB6Z/5YUD1qiyNHcsbfUEvIeztEIY D00hDKclQFWbSLOqLXHq0whRmXBHGQaGYhU5DbsYiR8wc6huqPCZ2Gq9zCIkAx7F hZBA+2XVTe1MVThyVDONqm0inY5pMRChZLOwkm/iopIjjv9AjgrFenlATe1ZXMWx KKEmLN0CteK0vwI5Ki0sjkj4hO56Ml32HL/3GPOXeQnWf1cT3UBDouI= -----END CERTIFICATE-----Generated at Mon Jan 19 11:22:34 2026 by rpki-client