This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/1xHMMJMJe09ha8cUM5-hcXfAM_M.roa File: 1xHMMJMJe09ha8cUM5-hcXfAM_M.roa (raw, json) Hash identifier: G2wTBciAqsDw64ViP8CxUtW207O7/khtxqnkXJkYM54= Subject key identifier: D7:11:CC:30:93:09:7B:4F:61:6B:C7:14:33:9F:A1:71:77:C0:33:F3 Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942 Certificate serial: 409C Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/1xHMMJMJe09ha8cUM5-hcXfAM_M.roa Signing time: Thu 04 Dec 2025 21:46:15 +0000 ROA not before: Thu 04 Dec 2025 21:46:15 +0000 ROA not after: Fri 23 Oct 2026 03:01:03 +0000 asID: 9391 IP address blocks: 124.29.0.0/17 maxlen: 17 Validation: Failed, RFC 3779 resource not subset of parent's resources Certificate: Data: Version: 3 (0x2) Serial Number: 16540 (0x409c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942 Validity Not Before: Dec 4 21:46:15 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=D711CC3093097B4F616BC714339FA17177C033F3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:6e:eb:33:05:87:b3:08:31:46:cd:96:23:70: eb:a2:4c:25:36:5e:51:e7:c5:a6:df:c0:5d:50:8f: dd:de:a3:a0:5b:2e:81:49:0d:ae:be:fe:e2:17:2d: 9f:74:8f:69:0d:57:52:5b:1f:41:d2:c6:94:ce:4f: 9e:1e:77:71:6d:1a:ad:40:9d:30:fe:17:2d:9d:6b: 64:fa:2e:3f:51:30:cf:04:27:c4:ee:58:36:8b:00: 03:61:42:9e:a8:a1:dc:8e:28:ba:ae:c2:0c:77:e5: 0f:06:e1:0c:ba:82:40:48:e3:b3:a3:cf:ab:58:db: 7b:d9:e6:f0:6a:d0:2f:9c:89:ba:3d:02:f7:08:4b: 84:5b:a3:ae:11:ba:4b:fb:18:2b:0e:7b:38:46:8e: 51:f6:b8:d3:bc:51:81:93:1b:a3:29:56:cb:9f:02: c9:c9:35:07:fa:96:32:91:02:09:db:f5:78:00:c0: 65:da:94:96:db:4f:d7:7c:f3:e7:59:8e:1a:e4:fb: 1f:11:64:28:9f:8c:79:a3:cb:05:e2:5b:63:c3:6c: 55:48:53:58:75:05:b7:1e:41:8f:5a:03:83:cf:64: 59:76:8d:3d:9a:00:db:a6:5e:4f:22:ca:98:ee:94: fd:75:db:b1:9f:ca:24:9a:fc:bf:3e:e1:a1:e5:a2: cf:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:11:CC:30:93:09:7B:4F:61:6B:C7:14:33:9F:A1:71:77:C0:33:F3 X509v3 Authority Key Identifier: keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/1xHMMJMJe09ha8cUM5-hcXfAM_M.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 124.29.0.0/17 Signature Algorithm: sha256WithRSAEncryption 4b:3b:a6:e5:91:50:60:3b:d7:6a:81:b2:4d:f7:60:37:6f:f5: f3:f2:15:bb:08:1e:ca:2a:83:c7:b6:0f:1f:a8:c6:47:1f:05: 42:01:74:c9:c9:62:69:2c:be:f4:37:68:81:dc:42:d6:92:43: 68:16:0b:ba:11:73:57:ae:cb:d5:f3:94:2e:a0:af:da:47:ff: b0:0d:fd:bd:20:c2:61:9b:9f:9f:9c:61:f1:a7:bc:aa:e5:a6: 2b:f0:22:9e:37:bf:45:47:08:d2:fe:7e:e0:31:3c:e3:e7:3c: 9b:39:36:94:99:62:86:62:40:91:39:fc:9d:03:ea:cf:35:1a: ba:fc:93:8b:11:78:6a:e8:73:42:0e:a0:7e:69:a4:b8:8b:21: 4a:85:40:c1:03:da:ff:dd:f4:49:1e:1b:cc:b2:59:1e:0e:0f: 0c:93:e4:82:5f:41:ab:bb:3d:d3:86:9f:f8:c4:a2:e5:c9:1f: 04:e8:89:2d:72:12:62:1e:ae:bc:85:ef:8b:c6:96:d4:b8:01: de:9b:2e:35:bd:d5:8d:8c:60:6d:ff:fc:b4:f3:75:bd:19:a0: aa:0a:77:27:c0:50:94:39:c2:4e:f1:67:09:19:34:db:ae:9e: 6b:89:fc:2d:53:64:fd:db:b5:3c:f0:a9:35:a1:9d:89:4a:96: 04:98:a2:6b -----BEGIN CERTIFICATE----- MIIE0zCCA7ugAwIBAgICQJwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTEyMDQy MTQ2MTVaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKEQ3MTFDQzMwOTMwOTdC NEY2MTZCQzcxNDMzOUZBMTcxNzdDMDMzRjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDebuszBYezCDFGzZYjcOuiTCU2XlHnxabfwF1Qj93eo6BbLoFJ Da6+/uIXLZ90j2kNV1JbH0HSxpTOT54ed3FtGq1AnTD+Fy2da2T6Lj9RMM8EJ8Tu WDaLAANhQp6oodyOKLquwgx35Q8G4Qy6gkBI47Ojz6tY23vZ5vBq0C+cibo9AvcI S4Rbo64Rukv7GCsOezhGjlH2uNO8UYGTG6MpVsufAsnJNQf6ljKRAgnb9XgAwGXa lJbbT9d88+dZjhrk+x8RZCifjHmjywXiW2PDbFVIU1h1BbceQY9aA4PPZFl2jT2a ANumXk8iypjulP1127GfyiSa/L8+4aHlos+VAgMBAAGjggHvMIIB6zAdBgNVHQ4E FgQU1xHMMJMJe09ha8cUM5+hcXfAM/MwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni8xeEhNTUpNSmUwOWhhOGNV TTUtaGNYZkFNX00ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu Y24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQH fB0AMA0GCSqGSIb3DQEBCwUAA4IBAQBLO6blkVBgO9dqgbJN92A3b/Xz8hW7CB7K KoPHtg8fqMZHHwVCAXTJyWJpLL70N2iB3ELWkkNoFgu6EXNXrsvV85QuoK/aR/+w Df29IMJhm5+fnGHxp7yq5aYr8CKeN79FRwjS/n7gMTzj5zybOTaUmWKGYkCROfyd A+rPNRq6/JOLEXhq6HNCDqB+aaS4iyFKhUDBA9r/3fRJHhvMslkeDg8Mk+SCX0Gr uz3Thp/4xKLlyR8E6IktchJiHq68he+LxpbUuAHemy41vdWNjGBt//y083W9GaCq CncnwFCUOcJO8WcJGTTbrp5rifwtU2T927U88Kk1oZ2JSpYEmKJr -----END CERTIFICATE-----Generated at Fri Dec 5 00:30:35 2025 by rpki-client