This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/Ar5C1FHGEQgRibIPgYukZRTNUww.roa File: Ar5C1FHGEQgRibIPgYukZRTNUww.roa (raw, json) Hash identifier: GxIP36CEMuIEOrXeIkkPto23HQ1ENvGH5YZRWNEhDVU= Subject key identifier: 02:BE:42:D4:51:C6:11:08:11:89:B2:0F:81:8B:A4:65:14:CD:53:0C Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Certificate serial: 2459 Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/Ar5C1FHGEQgRibIPgYukZRTNUww.roa Signing time: Tue 10 Jun 2025 08:09:05 +0000 ROA not before: Tue 10 Jun 2025 08:09:05 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 146845 IP address blocks: 2407:9b40::/32 maxlen: 64 Validation: Failed, RFC 3779 resource not subset of parent's resources Certificate: Data: Version: 3 (0x2) Serial Number: 9305 (0x2459) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Validity Not Before: Jun 10 08:09:05 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=02BE42D451C611081189B20F818BA46514CD530C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:26:06:d2:89:5f:ac:41:a2:7d:c3:ef:24:74: f2:5a:74:b2:0b:a9:65:79:8b:27:bf:82:91:f1:3a: c1:a6:09:93:f7:25:8f:7c:19:2c:be:4a:b3:86:00: 17:1b:cc:b6:c6:97:2c:28:93:b4:d2:14:08:de:8d: b3:9d:a4:46:f4:e1:ec:4d:2c:fd:56:93:50:62:f6: b4:29:2e:ca:83:90:9d:21:c8:4e:e0:a4:09:55:a4: 29:5d:5d:eb:18:40:f1:21:09:d9:88:5f:85:68:8b: 17:0a:1a:7c:1d:ba:de:a8:5a:76:44:e5:12:ac:b5: ac:5b:60:59:7f:32:0a:16:64:7b:7d:d9:34:be:47: 58:4e:90:7a:e5:71:74:8e:e9:82:d3:84:25:4d:53: 4a:e3:c9:7e:cb:26:49:26:ca:1c:bc:12:33:a8:b8: c3:67:fb:d8:a5:c5:25:a1:e9:7e:32:5d:01:d2:05: 67:5d:db:50:8b:25:07:9b:62:55:10:c6:3d:df:0e: 1f:15:c7:a1:f8:7f:2d:50:e2:3d:3c:a3:a7:d6:65: 56:26:9b:6e:ae:fc:be:60:99:65:a0:c2:a8:7d:26: ca:c8:cc:aa:91:e6:60:52:f3:f1:38:86:37:a7:bd: 26:76:fd:19:c2:3a:19:5d:aa:95:64:86:46:2f:74: e2:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:BE:42:D4:51:C6:11:08:11:89:B2:0F:81:8B:A4:65:14:CD:53:0C X509v3 Authority Key Identifier: keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/Ar5C1FHGEQgRibIPgYukZRTNUww.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2407:9b40::/32 Signature Algorithm: sha256WithRSAEncryption aa:44:c2:8b:3c:f0:76:b2:c5:96:b8:bf:a1:f3:c5:ff:fc:26: 1e:ec:3e:a0:3e:e8:66:ea:64:22:24:38:e1:3b:f7:38:fb:9a: e5:34:dd:31:66:a1:96:f3:2f:23:c1:31:f0:b1:88:c9:5e:30: 59:88:95:ad:a9:bd:67:2c:c1:68:5b:97:d9:07:e4:11:52:49: 5c:c2:e9:b5:fe:94:cf:9e:3a:21:3e:ff:13:04:fa:c6:b9:31: 62:c3:77:85:88:d9:15:21:53:54:61:85:7e:99:d7:e4:a6:c6: 2e:fb:19:a3:de:a7:e6:76:d9:19:8d:bb:76:46:59:84:e8:63: b0:6b:21:28:3c:67:ed:29:5b:8d:48:3b:3c:22:9a:47:7f:a4: d3:28:90:11:c1:66:f0:49:ac:9c:6d:30:81:8d:06:99:20:48: 7f:77:74:69:e5:01:3f:b6:28:be:c0:55:09:64:92:2e:84:ed: 97:a2:65:8c:b7:f5:b0:57:0d:db:11:0f:b8:8f:14:ef:62:b6: 48:12:46:04:1f:e5:1b:fb:d6:48:30:31:19:f7:ec:22:1b:51: 01:44:90:f3:94:5d:af:5b:d4:e7:09:9a:66:d9:fb:67:bf:87: 25:3c:b1:e0:43:c4:9c:46:c3:bf:35:18:b8:18:3e:70:0e:b4: 1d:1e:02:d0 -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICJFkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MTAw ODA5MDVaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDAyQkU0MkQ0NTFDNjEx MDgxMTg5QjIwRjgxOEJBNDY1MTRDRDUzMEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC6JgbSiV+sQaJ9w+8kdPJadLILqWV5iye/gpHxOsGmCZP3JY98 GSy+SrOGABcbzLbGlywok7TSFAjejbOdpEb04exNLP1Wk1Bi9rQpLsqDkJ0hyE7g pAlVpCldXesYQPEhCdmIX4VoixcKGnwdut6oWnZE5RKstaxbYFl/MgoWZHt92TS+ R1hOkHrlcXSO6YLThCVNU0rjyX7LJkkmyhy8EjOouMNn+9ilxSWh6X4yXQHSBWdd 21CLJQebYlUQxj3fDh8Vx6H4fy1Q4j08o6fWZVYmm26u/L5gmWWgwqh9JsrIzKqR 5mBS8/E4hjenvSZ2/RnCOhldqpVkhkYvdOLFAgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQUAr5C1FHGEQgRibIPgYukZRTNUwwwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR 1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5 OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvQXI1QzFGSEdFUWdS aWJJUGdZdWtaUlROVXd3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBAKpEwos88HayxZa4v6Hzxf/8Jh7s PqA+6GbqZCIkOOE79zj7muU03TFmoZbzLyPBMfCxiMleMFmIla2pvWcswWhbl9kH 5BFSSVzC6bX+lM+eOiE+/xME+sa5MWLDd4WI2RUhU1RhhX6Z1+Smxi77GaPep+Z2 2RmNu3ZGWYToY7BrISg8Z+0pW41IOzwimkd/pNMokBHBZvBJrJxtMIGNBpkgSH93 dGnlAT+2KL7AVQlkki6E7ZeiZYy39bBXDdsRD7iPFO9itkgSRgQf5Rv71kgwMRn3 7CIbUQFEkPOUXa9b1OcJmmbZ+2e/hyU8seBDxJxGw781GLgYPnAOtB0eAtA= -----END CERTIFICATE-----Generated at Mon Jan 12 06:30:59 2026 by rpki-client