This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/CWnXX-ggpbwCYgLXfokIXhy84Gs.roa File: CWnXX-ggpbwCYgLXfokIXhy84Gs.roa (raw, json) Hash identifier: u81G4wETlz7F60wChrAoER0G3zGsf5tKQHsUKnm5vqk= Subject key identifier: 09:69:D7:5F:E8:20:A5:BC:02:62:02:D7:7E:89:08:5E:1C:BC:E0:6B Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942 Certificate serial: 51B4 Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/CWnXX-ggpbwCYgLXfokIXhy84Gs.roa Signing time: Mon 19 Jan 2026 12:26:36 +0000 ROA not before: Mon 19 Jan 2026 12:26:36 +0000 ROA not after: Fri 23 Oct 2026 03:01:03 +0000 asID: 9391 IP address blocks: 124.29.0.0/17 maxlen: 17 Validation: Failed, RFC 3779 resource not subset of parent's resources Certificate: Data: Version: 3 (0x2) Serial Number: 20916 (0x51b4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942 Validity Not Before: Jan 19 12:26:36 2026 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=0969D75FE820A5BC026202D77E89085E1CBCE06B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:8e:4c:66:58:33:d9:6c:8c:ee:82:64:9f:82: b5:60:30:c1:00:97:ec:0a:52:9a:59:da:c8:53:15: 65:7a:86:17:2e:6e:29:91:7c:cc:06:b2:ee:93:1e: 9a:00:1f:4b:0d:40:9e:34:84:aa:5b:e3:73:13:0a: a6:d9:f7:79:42:6d:06:ac:f3:18:22:fd:71:0c:95: e7:c6:02:51:e2:08:48:b4:f8:7d:5e:5d:29:cd:d0: 19:ad:8e:de:b2:cf:cd:9e:50:69:79:7c:6d:53:06: 7a:12:f8:44:74:35:d5:43:14:1f:93:5c:f1:d1:7b: 7f:99:7e:eb:9e:eb:12:2a:df:04:06:ec:d1:23:30: d0:1b:5e:ca:b9:1a:ec:b9:b5:c5:87:d9:26:5f:e2: d8:58:86:c4:31:ea:cf:1e:55:a4:5f:04:6a:f7:e1: f1:68:58:ec:08:44:44:e7:d7:5e:62:42:27:6b:51: e9:e3:30:c6:35:a1:31:7b:e3:17:6f:b2:b6:66:b1: bf:e7:1f:20:1b:1e:88:53:b1:e6:4c:68:24:b8:08: a6:af:05:67:33:aa:b3:26:5a:53:5a:29:f7:a7:7d: ef:b7:eb:37:5b:f7:8f:11:7d:d6:ac:41:5d:a3:f9: 3d:4f:89:a0:53:30:3e:53:84:e3:be:e1:c6:fd:04: 14:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:69:D7:5F:E8:20:A5:BC:02:62:02:D7:7E:89:08:5E:1C:BC:E0:6B X509v3 Authority Key Identifier: keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/CWnXX-ggpbwCYgLXfokIXhy84Gs.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 124.29.0.0/17 Signature Algorithm: sha256WithRSAEncryption b0:40:16:50:b3:d9:9b:0c:d0:6f:0f:db:3b:21:5e:53:ea:20: 78:3f:c6:4f:7c:2a:a1:71:ba:50:97:0b:1e:00:2a:e2:e5:98: 04:3d:c9:7f:f4:aa:c3:36:46:57:12:3c:92:cf:cd:bd:fb:4a: 5a:05:bc:3b:a6:97:89:dd:f0:66:80:bc:53:c6:d5:41:44:e9: 43:08:76:54:39:05:9f:2e:78:e4:2b:09:71:b1:61:7a:01:fc: 70:a9:2f:9e:6f:33:91:70:5a:90:b4:a3:43:be:b7:b1:db:6a: 5e:66:24:03:02:a2:6c:4c:f7:5a:ab:78:a1:20:b5:c3:8c:a0: be:cf:a7:92:d0:ff:55:2e:c6:05:95:72:33:6a:c3:b3:7d:cd: 00:33:35:4d:c2:d7:14:ec:f8:7e:3d:33:15:81:be:94:01:31: 45:4b:bd:0f:29:97:cd:ed:b2:8b:53:03:46:22:99:a4:43:0e: 8d:42:37:c4:83:6c:4d:4b:dd:cb:35:37:8b:db:74:21:0c:3f: 37:19:b8:86:83:ba:2d:eb:d9:c8:ed:67:33:14:56:ea:09:45: d3:72:d3:bc:02:99:89:bd:c1:b0:2d:8b:9d:bb:8f:6f:1c:f2: 3e:21:1b:c4:b4:84:be:eb:00:73:e4:10:ca:49:88:63:db:e2: f0:ac:1c:6c -----BEGIN CERTIFICATE----- MIIE0zCCA7ugAwIBAgICUbQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNjAxMTkx MjI2MzZaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDA5NjlENzVGRTgyMEE1 QkMwMjYyMDJENzdFODkwODVFMUNCQ0UwNkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDDjkxmWDPZbIzugmSfgrVgMMEAl+wKUppZ2shTFWV6hhcubimR fMwGsu6THpoAH0sNQJ40hKpb43MTCqbZ93lCbQas8xgi/XEMlefGAlHiCEi0+H1e XSnN0Bmtjt6yz82eUGl5fG1TBnoS+ER0NdVDFB+TXPHRe3+Zfuue6xIq3wQG7NEj MNAbXsq5Guy5tcWH2SZf4thYhsQx6s8eVaRfBGr34fFoWOwIRETn115iQidrUenj MMY1oTF74xdvsrZmsb/nHyAbHohTseZMaCS4CKavBWczqrMmWlNaKfenfe+36zdb 948RfdasQV2j+T1PiaBTMD5ThOO+4cb9BBSdAgMBAAGjggHvMIIB6zAdBgNVHQ4E FgQUCWnXX+ggpbwCYgLXfokIXhy84GswHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9DV25YWC1nZ3Bid0NZZ0xY Zm9rSVhoeTg0R3Mucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu Y24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQH fB0AMA0GCSqGSIb3DQEBCwUAA4IBAQCwQBZQs9mbDNBvD9s7IV5T6iB4P8ZPfCqh cbpQlwseACri5ZgEPcl/9KrDNkZXEjySz829+0paBbw7ppeJ3fBmgLxTxtVBROlD CHZUOQWfLnjkKwlxsWF6AfxwqS+ebzORcFqQtKNDvrex22peZiQDAqJsTPdaq3ih ILXDjKC+z6eS0P9VLsYFlXIzasOzfc0AMzVNwtcU7Ph+PTMVgb6UATFFS70PKZfN 7bKLUwNGIpmkQw6NQjfEg2xNS93LNTeL23QhDD83GbiGg7ot69nI7WczFFbqCUXT ctO8ApmJvcGwLYudu49vHPI+IRvEtIS+6wBz5BDKSYhj2+LwrBxs -----END CERTIFICATE-----Generated at Mon Jan 19 15:28:03 2026 by rpki-client