This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/623/IXDo4JZCUGfUj4shTbDs1sNYMkc.roa File: IXDo4JZCUGfUj4shTbDs1sNYMkc.roa (raw, json) Hash identifier: uQb2DTXbdmaq55U4JJBRwn1Egjjnk0HLDUzL2iq0N7M= Subject key identifier: 21:70:E8:E0:96:42:50:67:D4:8F:8B:21:4D:B0:EC:D6:C3:58:32:47 Certificate issuer: /CN=DEBFC900EDC34F81DA4827F1F9F63D04E0E2F756 Certificate serial: 0B00 Authority key identifier: DE:BF:C9:00:ED:C3:4F:81:DA:48:27:F1:F9:F6:3D:04:E0:E2:F7:56 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3r_JAO3DT4HaSCfx-fY9BODi91Y.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/IXDo4JZCUGfUj4shTbDs1sNYMkc.roa Signing time: Mon 27 Oct 2025 02:31:39 +0000 ROA not before: Mon 27 Oct 2025 02:31:39 +0000 ROA not after: Fri 23 Oct 2026 03:01:03 +0000 asID: 58834 IP address blocks: 119.2.192.0/18 maxlen: 18 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/3r_JAO3DT4HaSCfx-fY9BODi91Y.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/3r_JAO3DT4HaSCfx-fY9BODi91Y.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3r_JAO3DT4HaSCfx-fY9BODi91Y.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 05 Dec 2025 01:17:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2816 (0xb00) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DEBFC900EDC34F81DA4827F1F9F63D04E0E2F756 Validity Not Before: Oct 27 02:31:39 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=2170E8E096425067D48F8B214DB0ECD6C3583247 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:8a:08:d4:33:45:9f:37:93:19:ab:28:1b:58: 49:cf:f2:73:35:42:ed:2a:06:78:31:54:5a:c0:e7: 6e:87:30:ee:70:de:b1:02:8a:1d:f5:46:c1:78:4b: 4c:1e:0a:bd:6e:cd:91:86:ba:2e:e2:44:d1:85:b1: d7:05:1b:d7:63:42:80:c6:a7:d2:b7:94:93:2e:e0: 86:25:31:ea:c4:db:82:62:e7:3a:62:dc:34:1a:9e: e8:d3:6b:f6:b5:25:96:e9:8e:7b:b4:0a:35:2c:ff: c3:2a:56:78:67:6c:f5:9c:c7:05:51:c2:f4:c6:9d: cb:d9:97:c4:6e:75:79:b3:61:1e:fd:0f:77:6a:c8: b2:46:7a:f4:ff:bd:ad:f7:48:21:2b:c0:8e:40:1f: bb:1f:51:42:02:61:eb:e8:10:e7:8f:c7:29:4e:68: f3:de:98:b9:99:eb:58:d5:85:c2:58:42:ca:b1:47: ce:1e:56:0f:d0:5d:04:bd:d3:f6:00:1e:c8:27:78: 40:3f:b5:dd:9d:92:d9:23:cc:b1:57:32:68:b6:c6: e0:03:86:18:15:a4:84:b7:44:28:a5:37:f5:ce:c6: c0:c5:45:e7:b7:fe:11:0f:bb:5c:a3:6c:ee:7c:d1: 8c:77:19:3a:3c:c9:d9:0f:02:de:d0:72:7c:56:a6: 06:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:70:E8:E0:96:42:50:67:D4:8F:8B:21:4D:B0:EC:D6:C3:58:32:47 X509v3 Authority Key Identifier: keyid:DE:BF:C9:00:ED:C3:4F:81:DA:48:27:F1:F9:F6:3D:04:E0:E2:F7:56 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/3r_JAO3DT4HaSCfx-fY9BODi91Y.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3r_JAO3DT4HaSCfx-fY9BODi91Y.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/IXDo4JZCUGfUj4shTbDs1sNYMkc.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 119.2.192.0/18 Signature Algorithm: sha256WithRSAEncryption 33:b9:0f:18:63:3b:65:e2:e4:ef:3d:e7:df:75:c8:13:68:bb: 2a:83:e2:38:00:88:02:23:a3:b4:1c:12:bf:79:81:7f:e5:fd: 99:01:41:1b:ab:ee:06:e6:60:5a:9c:92:bf:83:a4:94:9b:9c: 38:cb:57:74:16:cf:56:f7:b6:45:b4:15:68:53:b3:45:d2:16: e4:e7:66:e2:04:2a:96:7f:b2:ff:88:88:20:2a:9a:6e:0f:e2: 37:75:a3:7d:6b:6c:63:85:6b:eb:cc:4d:7e:dc:eb:4c:4a:02: 0c:43:66:89:80:03:da:2b:4d:d3:ef:54:c0:d0:6a:f5:81:ee: 4f:95:63:e4:3c:e2:08:58:8f:69:57:68:ca:44:42:7d:a0:52: 8a:3c:c1:0b:55:a0:14:2d:9d:5a:bf:05:2b:4a:0a:43:5f:3f: 61:f4:d8:c1:08:c3:d3:e9:5d:17:52:8f:21:fc:ce:4f:91:ad: 1d:00:01:07:b8:54:16:39:76:3b:bc:81:40:23:2c:09:82:32: 9c:52:0b:aa:b0:75:40:c8:c4:3c:c1:33:d8:1f:b9:fd:da:23: 06:20:9c:bd:18:db:b3:77:6e:f3:24:05:1d:5c:90:36:43:aa: a3:52:a4:5e:fe:ba:3a:fd:59:60:b8:f2:07:82:65:5c:60:91: d2:d4:21:0e -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICCwAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREVC RkM5MDBFREMzNEY4MURBNDgyN0YxRjlGNjNEMDRFMEUyRjc1NjAeFw0yNTEwMjcw MjMxMzlaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDIxNzBFOEUwOTY0MjUw NjdENDhGOEIyMTREQjBFQ0Q2QzM1ODMyNDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCcigjUM0WfN5MZqygbWEnP8nM1Qu0qBngxVFrA526HMO5w3rEC ih31RsF4S0weCr1uzZGGui7iRNGFsdcFG9djQoDGp9K3lJMu4IYlMerE24Ji5zpi 3DQanujTa/a1JZbpjnu0CjUs/8MqVnhnbPWcxwVRwvTGncvZl8RudXmzYR79D3dq yLJGevT/va33SCErwI5AH7sfUUICYevoEOePxylOaPPemLmZ61jVhcJYQsqxR84e Vg/QXQS90/YAHsgneEA/td2dktkjzLFXMmi2xuADhhgVpIS3RCilN/XOxsDFRee3 /hEPu1yjbO580Yx3GTo8ydkPAt7QcnxWpgYnAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUIXDo4JZCUGfUj4shTbDs1sNYMkcwHwYDVR0jBBgwFoAU3r/JAO3DT4HaSCfx +fY9BODi91YwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIz LzNyX0pBTzNEVDRIYVNDZngtZlk5Qk9EaTkxWS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvM3JfSkFPM0RUNEhhU0NmeC1mWTlCT0RpOTFZLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIzL0lYRG80SlpDVUdmVWo0 c2hUYkRzMXNOWU1rYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAZ3AsAwDQYJKoZIhvcNAQELBQADggEBADO5DxhjO2Xi5O895991yBNouyqD4jgA iAIjo7QcEr95gX/l/ZkBQRur7gbmYFqckr+DpJSbnDjLV3QWz1b3tkW0FWhTs0XS FuTnZuIEKpZ/sv+IiCAqmm4P4jd1o31rbGOFa+vMTX7c60xKAgxDZomAA9orTdPv VMDQavWB7k+VY+Q84ghYj2lXaMpEQn2gUoo8wQtVoBQtnVq/BStKCkNfP2H02MEI w9PpXRdSjyH8zk+RrR0AAQe4VBY5dju8gUAjLAmCMpxSC6qwdUDIxDzBM9gfuf3a IwYgnL0Y27N3bvMkBR1ckDZDqqNSpF7+ujr9WWC48geCZVxgkdLUIQ4= -----END CERTIFICATE-----Generated at Fri Dec 5 00:30:37 2025 by rpki-client