This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/623/XTe4ReSimIGTL560yt2aDZ25Pjg.roa File: XTe4ReSimIGTL560yt2aDZ25Pjg.roa (raw, json) Hash identifier: osM0ugOPwVrHmYaTlXrMQzVipCUWfRKWS9QOfTcSX0w= Subject key identifier: 5D:37:B8:45:E4:A2:98:81:93:2F:9E:B4:CA:DD:9A:0D:9D:B9:3E:38 Certificate issuer: /CN=DEBFC900EDC34F81DA4827F1F9F63D04E0E2F756 Certificate serial: 0B11 Authority key identifier: DE:BF:C9:00:ED:C3:4F:81:DA:48:27:F1:F9:F6:3D:04:E0:E2:F7:56 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3r_JAO3DT4HaSCfx-fY9BODi91Y.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/XTe4ReSimIGTL560yt2aDZ25Pjg.roa Signing time: Mon 27 Oct 2025 02:39:24 +0000 ROA not before: Mon 27 Oct 2025 02:39:24 +0000 ROA not after: Fri 23 Oct 2026 03:01:03 +0000 asID: 58834 IP address blocks: 203.132.40.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/3r_JAO3DT4HaSCfx-fY9BODi91Y.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/3r_JAO3DT4HaSCfx-fY9BODi91Y.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3r_JAO3DT4HaSCfx-fY9BODi91Y.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 05 Dec 2025 01:17:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2833 (0xb11) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DEBFC900EDC34F81DA4827F1F9F63D04E0E2F756 Validity Not Before: Oct 27 02:39:24 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=5D37B845E4A29881932F9EB4CADD9A0D9DB93E38 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:20:c7:16:9a:ae:2d:ff:ce:91:34:d2:ae:79: d9:53:b9:df:57:d1:27:25:98:c4:f5:1a:d1:15:81: ae:27:ef:b4:3a:ca:24:bb:6f:62:af:5d:ad:53:3a: 99:52:9d:29:78:87:9b:5b:6c:51:d2:98:ac:e1:49: 8b:21:52:5c:df:96:17:4c:62:23:92:c8:d2:60:1b: 06:ba:d6:30:f9:10:73:61:6b:a8:61:90:f7:1a:04: 8f:a3:42:b5:e3:35:7c:f2:03:90:e8:30:41:37:8e: b3:44:03:64:e0:dc:46:e3:7e:d0:e5:9f:da:b6:b6: 45:f1:4e:79:0c:94:0d:34:7e:ca:3b:00:b2:0d:d1: cc:5b:70:80:7c:27:b6:f0:3f:04:d8:3f:2a:5d:62: ef:f4:4a:c5:66:da:dd:82:f0:62:fe:e9:b6:6a:b4: c7:19:66:69:00:a5:11:27:d9:ca:be:74:d8:82:4f: a3:3f:89:2d:dc:6b:88:9e:37:2e:c5:d9:76:9b:af: 85:24:85:6b:76:e0:50:0c:90:75:f8:81:d3:8b:9e: 36:fa:48:85:ec:0b:18:6e:8b:e5:fb:11:fe:0a:fd: 75:4a:05:af:99:9e:02:9e:11:65:a0:6f:46:ba:dc: 49:65:61:83:09:5d:3c:d7:cd:cc:4f:3d:a2:76:c4: 86:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:37:B8:45:E4:A2:98:81:93:2F:9E:B4:CA:DD:9A:0D:9D:B9:3E:38 X509v3 Authority Key Identifier: keyid:DE:BF:C9:00:ED:C3:4F:81:DA:48:27:F1:F9:F6:3D:04:E0:E2:F7:56 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/3r_JAO3DT4HaSCfx-fY9BODi91Y.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3r_JAO3DT4HaSCfx-fY9BODi91Y.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/XTe4ReSimIGTL560yt2aDZ25Pjg.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 203.132.40.0/21 Signature Algorithm: sha256WithRSAEncryption 7b:1b:c4:aa:96:da:11:ae:21:31:71:2e:03:a3:2d:15:7c:f3: 71:09:17:78:75:5e:77:0d:79:29:15:19:de:a0:f3:0c:7b:71: cc:54:93:3b:be:7b:9e:69:92:ff:7d:37:af:43:31:47:78:d9: ed:db:52:0b:35:fb:a7:3b:96:8e:22:62:90:ae:03:49:15:c4: a7:52:6e:68:33:7a:90:8f:be:6e:1f:fa:c9:f7:67:5c:25:e8: 54:20:ae:9e:3a:da:b0:41:cf:0a:6f:7a:df:4a:d0:6b:d8:16: 16:63:76:37:21:a1:8e:25:6e:43:0f:10:ba:5b:5e:e6:45:2e: e0:05:e8:05:d5:ee:f1:02:4f:c3:e8:2a:16:f0:cd:05:a7:0b: a8:fc:64:19:6c:de:23:91:63:e4:89:31:99:79:c8:5c:96:4d: 91:7a:bf:9f:79:42:92:c1:cc:ab:e8:cc:ec:db:97:e2:83:c9: 6c:2a:14:19:57:0b:ac:6d:59:36:e0:42:fc:3f:5d:2c:36:88: 63:80:42:77:92:2d:6d:58:7e:42:8a:6c:fc:a1:1a:b5:5c:81: ab:a9:54:a3:f0:fd:b3:d9:d8:77:38:90:31:2a:6b:a7:ea:5d: 0f:99:8a:1a:74:1b:cd:31:59:ba:61:46:3b:16:74:d0:f5:63: 70:94:89:b5 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICCxEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREVC RkM5MDBFREMzNEY4MURBNDgyN0YxRjlGNjNEMDRFMEUyRjc1NjAeFw0yNTEwMjcw MjM5MjRaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDVEMzdCODQ1RTRBMjk4 ODE5MzJGOUVCNENBREQ5QTBEOURCOTNFMzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDeIMcWmq4t/86RNNKuedlTud9X0SclmMT1GtEVga4n77Q6yiS7 b2KvXa1TOplSnSl4h5tbbFHSmKzhSYshUlzflhdMYiOSyNJgGwa61jD5EHNha6hh kPcaBI+jQrXjNXzyA5DoMEE3jrNEA2Tg3EbjftDln9q2tkXxTnkMlA00fso7ALIN 0cxbcIB8J7bwPwTYPypdYu/0SsVm2t2C8GL+6bZqtMcZZmkApREn2cq+dNiCT6M/ iS3ca4ieNy7F2Xabr4UkhWt24FAMkHX4gdOLnjb6SIXsCxhui+X7Ef4K/XVKBa+Z ngKeEWWgb0a63EllYYMJXTzXzcxPPaJ2xIYHAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUXTe4ReSimIGTL560yt2aDZ25PjgwHwYDVR0jBBgwFoAU3r/JAO3DT4HaSCfx +fY9BODi91YwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIz LzNyX0pBTzNEVDRIYVNDZngtZlk5Qk9EaTkxWS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvM3JfSkFPM0RUNEhhU0NmeC1mWTlCT0RpOTFZLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIzL1hUZTRSZVNpbUlHVEw1 NjB5dDJhRFoyNVBqZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAPLhCgwDQYJKoZIhvcNAQELBQADggEBAHsbxKqW2hGuITFxLgOjLRV883EJF3h1 XncNeSkVGd6g8wx7ccxUkzu+e55pkv99N69DMUd42e3bUgs1+6c7lo4iYpCuA0kV xKdSbmgzepCPvm4f+sn3Z1wl6FQgrp462rBBzwpvet9K0GvYFhZjdjchoY4lbkMP ELpbXuZFLuAF6AXV7vECT8PoKhbwzQWnC6j8ZBls3iORY+SJMZl5yFyWTZF6v595 QpLBzKvozOzbl+KDyWwqFBlXC6xtWTbgQvw/XSw2iGOAQneSLW1YfkKKbPyhGrVc gaupVKPw/bPZ2Hc4kDEqa6fqXQ+Zihp0G80xWbphRjsWdND1Y3CUibU= -----END CERTIFICATE-----Generated at Fri Dec 5 00:30:38 2025 by rpki-client