diff --git a/apis/v1alpha1/shared_types.go b/apis/v1alpha1/shared_types.go
index 0945fa69..8e61fa5f 100644
--- a/apis/v1alpha1/shared_types.go
+++ b/apis/v1alpha1/shared_types.go
@@ -134,6 +134,6 @@ type AdminNetworkPolicyIngressPeer struct {
 }
 
 // CIDR is an IP address range in CIDR notation (for example, "10.0.0.0/8" or "fd00::/8").
-// +kubebuilder:validation:XValidation:rule="isCIDR(self)",message="Invalid CIDR format provided"
+// +kubebuilder:validation:XValidation:rule="isCIDR(self) && cidr(self) == cidr(self).masked()",message="Invalid CIDR format provided"
 // +kubebuilder:validation:MaxLength=43
 type CIDR string
diff --git a/apis/v1alpha2/clusternetworkpolicy_types.go b/apis/v1alpha2/clusternetworkpolicy_types.go
index f0bfb0d4..a05a75c7 100644
--- a/apis/v1alpha2/clusternetworkpolicy_types.go
+++ b/apis/v1alpha2/clusternetworkpolicy_types.go
@@ -528,7 +528,7 @@ type PortRange struct {
 // CIDR is an IP address range in CIDR notation
 // (for example, "10.0.0.0/8" or "fd00::/8").
 //
-// +kubebuilder:validation:XValidation:rule="isCIDR(self)",message="Invalid CIDR format provided"
+// +kubebuilder:validation:XValidation:rule="isCIDR(self) && cidr(self) == cidr(self).masked()",message="Invalid CIDR format provided"
 // +kubebuilder:validation:MaxLength=43
 type CIDR string
 
diff --git a/config/crd/experimental/policy.networking.k8s.io_clusternetworkpolicies.yaml b/config/crd/experimental/policy.networking.k8s.io_clusternetworkpolicies.yaml
index c16b9696..c9aa0353 100644
--- a/config/crd/experimental/policy.networking.k8s.io_clusternetworkpolicies.yaml
+++ b/config/crd/experimental/policy.networking.k8s.io_clusternetworkpolicies.yaml
@@ -390,7 +390,7 @@ spec:
                               type: string
                               x-kubernetes-validations:
                               - message: Invalid CIDR format provided
-                                rule: isCIDR(self)
+                                rule: isCIDR(self) && cidr(self) == cidr(self).masked()
                             maxItems: 25
                             minItems: 1
                             type: array
diff --git a/config/crd/standard/policy.networking.k8s.io_clusternetworkpolicies.yaml b/config/crd/standard/policy.networking.k8s.io_clusternetworkpolicies.yaml
index 883f3de3..c90cc7fe 100644
--- a/config/crd/standard/policy.networking.k8s.io_clusternetworkpolicies.yaml
+++ b/config/crd/standard/policy.networking.k8s.io_clusternetworkpolicies.yaml
@@ -352,7 +352,7 @@ spec:
                               type: string
                               x-kubernetes-validations:
                               - message: Invalid CIDR format provided
-                                rule: isCIDR(self)
+                                rule: isCIDR(self) && cidr(self) == cidr(self).masked()
                             maxItems: 25
                             minItems: 1
                             type: array