This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/DttKDOcEEROLyILH1EduQ4XNRJQ.roa File: DttKDOcEEROLyILH1EduQ4XNRJQ.roa (raw, json) Hash identifier: oJdolOpBAWtqcQLr9g9npFvxNl0RAowJKgrqwE5PvZ4= Subject key identifier: 0E:DB:4A:0C:E7:04:11:13:8B:C8:82:C7:D4:47:6E:43:85:CD:44:94 Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Certificate serial: 23AE Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/DttKDOcEEROLyILH1EduQ4XNRJQ.roa Signing time: Mon 09 Jun 2025 03:38:57 +0000 ROA not before: Mon 09 Jun 2025 03:38:57 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 146845 IP address blocks: 2407:9b40::/32 maxlen: 64 Validation: Failed, RFC 3779 resource not subset of parent's resources Certificate: Data: Version: 3 (0x2) Serial Number: 9134 (0x23ae) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Validity Not Before: Jun 9 03:38:57 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=0EDB4A0CE70411138BC882C7D4476E4385CD4494 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:b4:0f:cb:21:e7:3f:ab:2e:43:57:9f:d0:a9: 63:0c:23:6a:43:88:4a:94:c9:25:f0:bd:18:15:32: 19:c0:b6:a6:f8:c6:bc:c3:3e:4a:30:17:bc:cb:18: e7:5e:c3:86:e5:46:29:03:9b:a5:de:87:29:b8:35: cf:59:ff:07:67:00:a3:98:36:04:60:41:ca:42:37: bc:fc:a2:92:32:b2:db:1c:43:05:99:5e:53:ef:fd: 6e:05:ff:77:cd:eb:19:5f:6a:6f:56:58:5a:25:56: 3c:76:8a:84:b5:b8:08:1e:56:fb:64:be:7a:7b:30: f6:f3:d6:20:4f:a1:c3:78:b2:6a:2c:87:35:67:65: 46:a5:c6:7c:22:58:7b:23:95:a1:41:eb:df:26:55: 93:ea:86:d3:22:b7:ba:35:9d:56:dc:3a:f7:02:e9: fa:47:f1:1a:72:1e:7d:71:39:70:60:80:01:99:07: c0:d1:2f:0f:aa:13:91:ad:78:d0:f0:7b:52:f8:50: 6e:dd:94:bc:7b:53:65:92:f4:66:c7:92:1c:31:ae: 5f:fd:03:77:5a:72:2a:c3:5a:60:7c:e6:c8:d9:58: 49:25:89:28:ce:c2:03:dd:42:2d:7c:c7:56:6f:0a: 1e:3f:16:20:6a:19:f3:25:2c:32:52:77:c2:4f:9d: 43:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:DB:4A:0C:E7:04:11:13:8B:C8:82:C7:D4:47:6E:43:85:CD:44:94 X509v3 Authority Key Identifier: keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/DttKDOcEEROLyILH1EduQ4XNRJQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2407:9b40::/32 Signature Algorithm: sha256WithRSAEncryption a9:64:0b:c1:77:81:bd:56:30:29:3f:a2:12:97:4e:74:7c:cc: 8b:98:88:0f:7c:d0:39:7c:e4:e3:03:7d:2f:de:de:5d:4c:3a: f9:86:87:e4:2c:5e:d5:e6:06:ca:f1:e1:b1:55:31:7e:be:b7: 74:e6:79:e5:40:89:c4:22:a9:3a:83:05:73:5e:45:b9:e8:b2: be:d0:43:fc:fa:02:3e:f4:15:85:5b:4b:a2:66:60:1e:50:33: 77:88:3b:61:21:1b:ed:ef:aa:4d:ba:a3:95:10:12:7c:5f:b9: f3:fa:a9:20:38:06:7e:58:40:43:9b:f5:00:7a:c7:d5:8e:f6: 9a:4e:e8:9b:b4:6c:a7:0b:cf:3b:65:6f:5a:ea:5e:c0:ba:db: 3d:02:84:e3:9b:b8:83:9d:36:00:a0:11:88:b0:e3:94:20:01: 04:b8:f3:03:53:69:56:fa:c2:0b:c6:b9:7d:90:b9:67:03:db: fa:54:b6:ac:7f:96:21:47:15:6e:7e:9e:6b:a9:37:92:e4:78: 90:99:aa:05:0f:b7:95:35:29:27:38:a4:20:07:00:dc:3a:97: 05:99:01:bc:fe:aa:51:de:c2:f3:e4:0c:3f:a3:20:f3:b3:19: 26:3d:cf:f6:01:ea:a7:a9:4b:b5:2f:09:6f:2a:b1:ae:fd:ed: 1d:75:d2:82 -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICI64wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MDkw MzM4NTdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDBFREI0QTBDRTcwNDEx MTM4QkM4ODJDN0Q0NDc2RTQzODVDRDQ0OTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDOtA/LIec/qy5DV5/QqWMMI2pDiEqUySXwvRgVMhnAtqb4xrzD PkowF7zLGOdew4blRikDm6Xehym4Nc9Z/wdnAKOYNgRgQcpCN7z8opIystscQwWZ XlPv/W4F/3fN6xlfam9WWFolVjx2ioS1uAgeVvtkvnp7MPbz1iBPocN4smoshzVn ZUalxnwiWHsjlaFB698mVZPqhtMit7o1nVbcOvcC6fpH8RpyHn1xOXBggAGZB8DR Lw+qE5GteNDwe1L4UG7dlLx7U2WS9GbHkhwxrl/9A3dacirDWmB85sjZWEkliSjO wgPdQi18x1ZvCh4/FiBqGfMlLDJSd8JPnUOvAgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQUDttKDOcEEROLyILH1EduQ4XNRJQwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR 1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5 OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvRHR0S0RPY0VFUk9M eUlMSDFFZHVRNFhOUkpRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBAKlkC8F3gb1WMCk/ohKXTnR8zIuY iA980Dl85OMDfS/e3l1MOvmGh+QsXtXmBsrx4bFVMX6+t3TmeeVAicQiqTqDBXNe Rbnosr7QQ/z6Aj70FYVbS6JmYB5QM3eIO2EhG+3vqk26o5UQEnxfufP6qSA4Bn5Y QEOb9QB6x9WO9ppO6Ju0bKcLzztlb1rqXsC62z0ChOObuIOdNgCgEYiw45QgAQS4 8wNTaVb6wgvGuX2QuWcD2/pUtqx/liFHFW5+nmupN5LkeJCZqgUPt5U1KSc4pCAH ANw6lwWZAbz+qlHewvPkDD+jIPOzGSY9z/YB6qepS7UvCW8qsa797R110oI= -----END CERTIFICATE-----Generated at Mon Jan 12 13:07:16 2026 by rpki-client