This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/DoYt_seNecD7gLiRfmoYE4aB08g.roa File: DoYt_seNecD7gLiRfmoYE4aB08g.roa (raw, json) Hash identifier: X5hkK65fTc02OZFsls9T5vYyou1HvCqGffADo9rzQXc= Subject key identifier: 0E:86:2D:FE:C7:8D:79:C0:FB:80:B8:91:7E:6A:18:13:86:81:D3:C8 Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Certificate serial: 2519 Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/DoYt_seNecD7gLiRfmoYE4aB08g.roa Signing time: Wed 11 Jun 2025 16:09:09 +0000 ROA not before: Wed 11 Jun 2025 16:09:09 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 146845 IP address blocks: 2407:9b40::/32 maxlen: 64 Validation: Failed, RFC 3779 resource not subset of parent's resources Certificate: Data: Version: 3 (0x2) Serial Number: 9497 (0x2519) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Validity Not Before: Jun 11 16:09:09 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=0E862DFEC78D79C0FB80B8917E6A18138681D3C8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:59:69:22:be:a7:5d:d8:58:0c:41:38:cb:df: e0:e5:8d:95:5c:de:87:7e:91:ec:8d:9e:60:c6:26: 66:b8:ff:e0:23:bb:e3:3f:6a:3d:23:c9:86:b6:1e: 47:32:06:a7:28:d1:f8:34:8d:3e:c7:9b:bf:54:4d: ec:db:b5:1a:ca:cf:1e:29:bc:60:93:1e:b8:f6:16: bb:88:64:f7:d9:b1:c9:ee:09:d9:9f:1f:4a:ba:b5: df:29:ed:73:70:d2:a0:42:75:a2:57:36:3a:0e:5c: a0:69:fc:37:45:fa:f1:84:90:b8:2e:2e:ee:59:05: 3a:6e:82:8c:52:dd:95:9c:a9:74:99:32:4e:92:02: ba:4a:d9:28:6a:1f:70:f5:85:58:9d:31:0b:96:3a: 29:8b:c1:03:50:c8:3f:f4:94:4d:59:e8:75:18:8a: 69:59:9b:e4:39:c4:0e:5f:36:70:8c:f0:3d:9b:2f: c8:37:9f:56:3d:dd:91:f8:17:44:76:42:d7:b5:b3: e2:ab:7b:62:6c:08:77:a0:81:30:2d:20:b1:83:36: f1:d8:10:85:01:b4:e6:71:ad:aa:0f:cd:22:ae:21: 82:40:be:16:d0:93:5a:55:0a:1f:ee:4b:f2:f3:a1: 32:6e:8e:c4:e1:ea:6e:2c:64:c7:28:ea:e3:9a:6c: 23:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:86:2D:FE:C7:8D:79:C0:FB:80:B8:91:7E:6A:18:13:86:81:D3:C8 X509v3 Authority Key Identifier: keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/DoYt_seNecD7gLiRfmoYE4aB08g.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2407:9b40::/32 Signature Algorithm: sha256WithRSAEncryption 65:3d:69:15:5e:ba:4f:48:48:8d:72:06:57:00:c2:25:ae:b7: 77:0b:a2:af:8c:b4:f4:de:9f:97:5a:85:0c:87:d0:21:c5:cf: 7e:73:b7:9f:c2:0c:24:05:0c:38:c7:d6:3d:db:bc:cc:96:9f: d8:74:46:67:61:42:c1:fb:1a:de:3e:3f:af:d3:f4:26:ca:9e: e4:39:7f:95:f4:6d:f9:2c:34:ea:cc:64:01:ab:7b:ee:ba:5c: 3a:21:89:62:96:be:55:76:b6:8b:8b:63:ec:69:1c:60:45:52: 3d:50:ab:e4:d3:d6:0a:0a:7a:a9:93:ac:72:b6:3e:1c:d7:8c: 93:77:84:19:97:84:b3:9d:cd:f7:0a:95:e8:7b:f0:1e:0e:7c: e1:c5:d7:cb:9e:f6:5a:57:ab:cd:89:36:fd:0d:9c:2c:bc:8b: 8f:2e:c3:7f:b0:61:b9:29:01:25:37:e8:3c:fd:9d:b2:39:38: 0e:18:f1:d9:7b:d7:ec:72:76:03:36:59:8f:3e:33:46:6b:d5: 1d:51:0c:96:2a:fa:f6:57:f8:01:aa:6a:90:70:f0:7a:3d:79: 69:dd:99:51:87:69:ea:a2:fa:36:2c:1a:a0:6b:88:ff:ba:a1: 9e:6f:ab:05:90:31:68:a3:d4:88:95:83:33:22:d1:f1:04:95: 44:b1:26:1a -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICJRkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MTEx NjA5MDlaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDBFODYyREZFQzc4RDc5 QzBGQjgwQjg5MTdFNkExODEzODY4MUQzQzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCdWWkivqdd2FgMQTjL3+DljZVc3od+keyNnmDGJma4/+Aju+M/ aj0jyYa2HkcyBqco0fg0jT7Hm79UTezbtRrKzx4pvGCTHrj2FruIZPfZscnuCdmf H0q6td8p7XNw0qBCdaJXNjoOXKBp/DdF+vGEkLguLu5ZBTpugoxS3ZWcqXSZMk6S ArpK2ShqH3D1hVidMQuWOimLwQNQyD/0lE1Z6HUYimlZm+Q5xA5fNnCM8D2bL8g3 n1Y93ZH4F0R2Qte1s+Kre2JsCHeggTAtILGDNvHYEIUBtOZxraoPzSKuIYJAvhbQ k1pVCh/uS/LzoTJujsTh6m4sZMco6uOabCNJAgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQUDoYt/seNecD7gLiRfmoYE4aB08gwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR 1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5 OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvRG9ZdF9zZU5lY0Q3 Z0xpUmZtb1lFNGFCMDhnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBAGU9aRVeuk9ISI1yBlcAwiWut3cL oq+MtPTen5dahQyH0CHFz35zt5/CDCQFDDjH1j3bvMyWn9h0RmdhQsH7Gt4+P6/T 9CbKnuQ5f5X0bfksNOrMZAGre+66XDohiWKWvlV2touLY+xpHGBFUj1Qq+TT1goK eqmTrHK2PhzXjJN3hBmXhLOdzfcKleh78B4OfOHF18ue9lpXq82JNv0NnCy8i48u w3+wYbkpASU36Dz9nbI5OA4Y8dl71+xydgM2WY8+M0Zr1R1RDJYq+vZX+AGqapBw 8Ho9eWndmVGHaeqi+jYsGqBriP+6oZ5vqwWQMWij1IiVgzMi0fEElUSxJho= -----END CERTIFICATE-----Generated at Sun Jan 11 19:19:13 2026 by rpki-client