This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/C1ivPOtEourUS9RqtK3hhYJsmd8.roa File: C1ivPOtEourUS9RqtK3hhYJsmd8.roa (raw, json) Hash identifier: NdY8h+Y5pnqYL+w5FVXJ+U7cNXHPMmrD/X5ekIob3MA= Subject key identifier: 0B:58:AF:3C:EB:44:A2:EA:D4:4B:D4:6A:B4:AD:E1:85:82:6C:99:DF Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Certificate serial: 1ED1 Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/C1ivPOtEourUS9RqtK3hhYJsmd8.roa Signing time: Sat 31 May 2025 12:08:30 +0000 ROA not before: Sat 31 May 2025 12:08:30 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 146845 IP address blocks: 2407:9b40::/32 maxlen: 64 Validation: Failed, RFC 3779 resource not subset of parent's resources Certificate: Data: Version: 3 (0x2) Serial Number: 7889 (0x1ed1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Validity Not Before: May 31 12:08:30 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=0B58AF3CEB44A2EAD44BD46AB4ADE185826C99DF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:ea:46:71:e9:96:ab:09:3e:17:1c:c4:2f:b4: 70:21:33:b0:ea:70:cd:f5:34:ea:e1:18:b5:b4:25: 77:0b:b8:06:45:a0:23:8c:8b:c6:cd:11:8a:f3:5e: 86:f9:2d:fd:aa:f7:e3:5d:d6:66:7a:a6:dc:12:40: 01:63:84:ba:79:ec:5a:f3:05:40:15:cb:31:7a:6d: e7:cb:27:72:f1:de:19:bd:ba:40:67:f3:a6:8b:c2: 55:d9:b5:ef:bd:38:f0:22:dc:36:37:63:62:07:29: d1:c6:c2:29:01:99:32:8c:de:ba:b8:2a:82:8a:f8: 9b:77:86:d0:de:ca:8c:f4:fd:03:b2:b1:25:f5:e6: b6:74:87:03:e5:40:9c:e0:a9:3c:37:92:8b:74:8f: 6c:5c:6a:e4:c2:08:91:80:4d:a2:83:00:e1:20:cf: fd:5a:00:83:22:7f:ba:5b:b8:27:33:02:8c:e4:cb: 04:72:d8:b6:da:53:8f:53:b6:10:fc:01:37:3f:4b: b6:be:00:20:10:83:65:50:b7:3f:b6:d9:53:40:6e: cf:d8:c2:46:12:ab:c0:0b:e4:7a:19:d8:86:13:e9: a7:48:2c:c9:52:80:27:f7:5b:c5:f8:e8:a9:3f:dd: 1c:05:73:ee:b1:64:b0:f8:e9:1b:6f:ae:3b:98:78: 19:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0B:58:AF:3C:EB:44:A2:EA:D4:4B:D4:6A:B4:AD:E1:85:82:6C:99:DF X509v3 Authority Key Identifier: keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/C1ivPOtEourUS9RqtK3hhYJsmd8.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2407:9b40::/32 Signature Algorithm: sha256WithRSAEncryption 42:8d:8b:f3:06:48:c4:3b:6c:69:7e:42:f0:2d:7b:a1:cc:52: f3:79:f7:90:67:b1:4b:91:c4:f6:c4:49:e3:b6:f9:ec:ea:5d: 64:68:d1:01:1f:2f:6c:20:84:37:7b:66:26:59:a6:9b:5b:47: 13:34:a1:9d:61:2a:08:f1:0f:5f:c8:2f:13:4e:60:05:55:72: 1b:f2:75:50:3a:9b:c8:19:50:12:2f:07:33:7d:66:2b:c8:a0: 00:7e:c3:51:e5:cd:df:22:9b:e6:5c:10:76:9f:3a:cb:29:81: 86:3f:89:14:e4:f1:db:31:59:79:cc:df:c5:ec:e7:84:00:e7: aa:77:b2:a6:17:fc:38:fd:0a:72:c3:c6:f5:1a:93:af:83:d4: d3:05:b8:b3:96:97:5a:7b:82:78:36:1d:07:fa:4c:71:46:c6: 55:7e:6d:86:0d:ff:66:57:6a:96:21:98:6c:3a:ab:32:e3:d0: 52:80:2e:7e:0f:b8:dc:1a:2d:c8:0d:1b:16:4c:2f:f8:a4:b9: c2:be:11:75:6e:9c:85:f7:2c:69:30:fc:89:5e:c2:09:e8:3b: 57:d5:29:b5:e8:d8:1e:6f:c0:bf:19:a6:cf:5e:d0:c8:ab:17: f3:c5:e0:a5:4b:a6:30:cd:78:48:83:72:0f:68:bb:bf:ac:72: 74:89:b8:fe -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICHtEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA1MzEx MjA4MzBaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDBCNThBRjNDRUI0NEEy RUFENDRCRDQ2QUI0QURFMTg1ODI2Qzk5REYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDg6kZx6ZarCT4XHMQvtHAhM7DqcM31NOrhGLW0JXcLuAZFoCOM i8bNEYrzXob5Lf2q9+Nd1mZ6ptwSQAFjhLp57FrzBUAVyzF6befLJ3Lx3hm9ukBn 86aLwlXZte+9OPAi3DY3Y2IHKdHGwikBmTKM3rq4KoKK+Jt3htDeyoz0/QOysSX1 5rZ0hwPlQJzgqTw3kot0j2xcauTCCJGATaKDAOEgz/1aAIMif7pbuCczAozkywRy 2LbaU49TthD8ATc/S7a+ACAQg2VQtz+22VNAbs/YwkYSq8AL5HoZ2IYT6adILMlS gCf3W8X46Kk/3RwFc+6xZLD46RtvrjuYeBnjAgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQUC1ivPOtEourUS9RqtK3hhYJsmd8wHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR 1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5 OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvQzFpdlBPdEVvdXJV UzlScXRLM2hoWUpzbWQ4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBAEKNi/MGSMQ7bGl+QvAte6HMUvN5 95BnsUuRxPbESeO2+ezqXWRo0QEfL2wghDd7ZiZZpptbRxM0oZ1hKgjxD1/ILxNO YAVVchvydVA6m8gZUBIvBzN9ZivIoAB+w1Hlzd8im+ZcEHafOsspgYY/iRTk8dsx WXnM38Xs54QA56p3sqYX/Dj9CnLDxvUak6+D1NMFuLOWl1p7gng2HQf6THFGxlV+ bYYN/2ZXapYhmGw6qzLj0FKALn4PuNwaLcgNGxZML/ikucK+EXVunIX3LGkw/Ile wgnoO1fVKbXo2B5vwL8Zps9e0MirF/PF4KVLpjDNeEiDcg9ou7+scnSJuP4= -----END CERTIFICATE-----Generated at Mon Jan 12 15:20:31 2026 by rpki-client