This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/4OJWO5TbZVFQttE1A8DrRUWNDfw.roa File: 4OJWO5TbZVFQttE1A8DrRUWNDfw.roa (raw, json) Hash identifier: B/y4BHjMijoJBe8fNTPPGhj7xQIprTN9+b6YJJJipEE= Subject key identifier: E0:E2:56:3B:94:DB:65:51:50:B6:D1:35:03:C0:EB:45:45:8D:0D:FC Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Certificate serial: 2522 Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/4OJWO5TbZVFQttE1A8DrRUWNDfw.roa Signing time: Wed 11 Jun 2025 17:39:10 +0000 ROA not before: Wed 11 Jun 2025 17:39:10 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 146845 IP address blocks: 2407:9b40::/32 maxlen: 64 Validation: Failed, RFC 3779 resource not subset of parent's resources Certificate: Data: Version: 3 (0x2) Serial Number: 9506 (0x2522) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Validity Not Before: Jun 11 17:39:10 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=E0E2563B94DB655150B6D13503C0EB45458D0DFC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:80:95:fe:84:cd:49:e7:bd:d2:be:a0:8a:a5: 77:07:7d:37:3f:b5:be:00:7e:1b:ab:55:f2:c4:e3: a1:5f:72:78:51:cb:d6:1a:7d:3b:10:bf:77:56:e8: e5:a1:10:01:cc:e1:d7:f1:28:4a:0e:70:75:ef:b2: e9:ec:1b:20:5d:7e:a3:be:c9:74:d3:53:d6:b8:37: 54:57:63:1f:2f:cd:6f:ee:a6:1c:06:48:4e:30:fc: eb:18:db:96:b0:7b:78:fa:c5:2f:bf:63:06:6b:84: cc:fa:4e:46:dc:5a:2e:ee:e6:d6:e9:cb:77:2c:05: 0b:fe:d7:dc:03:5c:bc:21:dd:03:1b:93:09:6f:a3: 72:07:3e:d0:d5:ff:9d:7f:e6:6b:8b:c0:47:4b:35: 49:ca:d1:1f:b4:3b:84:38:f5:66:88:e4:fb:5b:3b: 23:c3:74:e6:e1:6f:a8:d3:93:f4:87:0e:95:43:0c: 5c:72:c3:79:a1:17:08:c9:42:b7:56:f9:38:a6:58: a1:57:38:27:48:2c:f8:26:b4:ef:16:0c:69:b9:61: 71:54:1d:ba:8c:70:5b:93:5a:97:c2:cb:b8:83:25: 94:d8:e8:b1:7b:57:f9:88:ea:9b:89:4a:86:07:01: 28:89:a2:80:8c:a3:fc:95:9b:4c:09:93:de:e3:e7: 56:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:E2:56:3B:94:DB:65:51:50:B6:D1:35:03:C0:EB:45:45:8D:0D:FC X509v3 Authority Key Identifier: keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/4OJWO5TbZVFQttE1A8DrRUWNDfw.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2407:9b40::/32 Signature Algorithm: sha256WithRSAEncryption 76:fe:7d:f8:7f:4f:ea:4e:51:b4:e5:42:29:c8:ae:0c:5c:76: 89:b9:45:eb:8a:69:e1:0d:2f:c7:5f:5e:b4:36:ee:95:0f:3d: fc:be:12:ff:cf:3b:db:cb:28:61:89:fd:e7:92:6a:12:86:0e: 3e:8b:5c:b1:7b:e3:06:d2:36:ae:c4:15:98:e3:c5:e6:be:36: fb:98:8e:4c:31:90:0c:af:e7:f4:fd:0b:b4:5e:ec:d3:a7:f6: 92:8e:41:64:2a:b7:40:39:46:f4:ab:47:fb:19:2f:86:3b:8b: e9:a4:4a:50:da:40:0d:b3:69:c4:c8:19:e8:45:64:c6:0e:d2: 9e:dd:32:d1:0d:44:7f:28:10:cf:da:43:b3:66:68:a8:07:52: 73:d6:cf:b3:5e:d4:26:b9:81:eb:60:e5:4b:7d:00:37:5e:45: eb:a6:4a:73:54:5f:21:32:d5:40:62:25:07:ff:da:42:8c:15: 5d:3d:b5:3e:18:25:23:74:91:53:f6:b6:fd:6c:a8:f9:2d:8e: bd:c8:2f:96:2f:02:6a:c4:34:a5:c3:10:9e:30:e7:bb:42:24: 9f:18:f2:af:88:7e:01:72:a6:37:62:1e:9c:a0:f0:b3:ed:00: 53:e5:0f:d3:fb:17:20:60:1b:db:a5:68:c3:9b:de:e7:87:ba: 1b:d8:1e:ad -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICJSIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MTEx NzM5MTBaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEUwRTI1NjNCOTREQjY1 NTE1MEI2RDEzNTAzQzBFQjQ1NDU4RDBERkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDAgJX+hM1J573SvqCKpXcHfTc/tb4AfhurVfLE46FfcnhRy9Ya fTsQv3dW6OWhEAHM4dfxKEoOcHXvsunsGyBdfqO+yXTTU9a4N1RXYx8vzW/uphwG SE4w/OsY25awe3j6xS+/YwZrhMz6TkbcWi7u5tbpy3csBQv+19wDXLwh3QMbkwlv o3IHPtDV/51/5muLwEdLNUnK0R+0O4Q49WaI5PtbOyPDdObhb6jTk/SHDpVDDFxy w3mhFwjJQrdW+TimWKFXOCdILPgmtO8WDGm5YXFUHbqMcFuTWpfCy7iDJZTY6LF7 V/mI6puJSoYHASiJooCMo/yVm0wJk97j51b3AgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQU4OJWO5TbZVFQttE1A8DrRUWNDfwwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR 1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5 OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvNE9KV081VGJaVkZR dHRFMUE4RHJSVVdORGZ3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBAHb+ffh/T+pOUbTlQinIrgxcdom5 ReuKaeENL8dfXrQ27pUPPfy+Ev/PO9vLKGGJ/eeSahKGDj6LXLF74wbSNq7EFZjj xea+NvuYjkwxkAyv5/T9C7Re7NOn9pKOQWQqt0A5RvSrR/sZL4Y7i+mkSlDaQA2z acTIGehFZMYO0p7dMtENRH8oEM/aQ7NmaKgHUnPWz7Ne1Ca5getg5Ut9ADdeReum SnNUXyEy1UBiJQf/2kKMFV09tT4YJSN0kVP2tv1sqPktjr3IL5YvAmrENKXDEJ4w 57tCJJ8Y8q+IfgFypjdiHpyg8LPtAFPlD9P7FyBgG9ulaMOb3ueHuhvYHq0= -----END CERTIFICATE-----Generated at Mon Jan 12 23:32:40 2026 by rpki-client