This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/Dtyv5mtfH4P990zFM3lkNAWuFRE.roa File: Dtyv5mtfH4P990zFM3lkNAWuFRE.roa (raw, json) Hash identifier: lBhejzP/US7vzWOOrjWSFyOT/e1X6GFxnyVCx5rOmPk= Subject key identifier: 0E:DC:AF:E6:6B:5F:1F:83:FD:F7:4C:C5:33:79:64:34:05:AE:15:11 Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Certificate serial: 2210 Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/Dtyv5mtfH4P990zFM3lkNAWuFRE.roa Signing time: Fri 06 Jun 2025 06:38:48 +0000 ROA not before: Fri 06 Jun 2025 06:38:48 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 146845 IP address blocks: 2407:9b40::/32 maxlen: 64 Validation: Failed, RFC 3779 resource not subset of parent's resources Certificate: Data: Version: 3 (0x2) Serial Number: 8720 (0x2210) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Validity Not Before: Jun 6 06:38:48 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=0EDCAFE66B5F1F83FDF74CC53379643405AE1511 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:3a:cd:a4:c1:36:28:98:6d:62:0c:1c:bc:d5: ba:f7:ea:a8:01:79:19:65:a8:b8:4b:e3:05:9c:05: ba:14:8a:85:8d:c9:33:e2:0b:32:77:83:02:22:fd: c9:48:6f:37:56:f0:eb:c0:2e:8b:49:50:51:47:7f: eb:5c:7a:3f:f8:9e:3c:5a:b8:d2:a3:db:d3:91:d4: b3:29:cf:85:c3:27:88:43:ea:8a:7f:70:ae:35:92: c2:67:37:09:55:32:da:23:ef:e8:9c:2a:78:4c:a3: 39:c6:bd:ad:85:c3:00:17:83:d5:a8:01:03:6e:b8: e5:ef:29:7c:47:4c:b1:51:6f:a7:13:2a:7f:52:53: da:43:09:57:f5:be:01:69:4c:e2:fa:9f:3e:3b:7b: 88:66:c7:2f:aa:7a:88:d4:20:5b:b7:38:f0:79:20: 93:ea:d9:ac:28:69:04:c6:3e:ab:98:ad:7d:d1:f8: 56:ee:ab:ea:dc:6d:25:c2:fd:4d:53:e9:52:34:87: 83:7f:1d:24:01:22:e5:95:01:68:2f:c8:5f:36:7b: d7:49:68:bb:8d:76:5b:f6:3b:14:56:62:19:9c:8e: 91:cd:de:9a:2d:4e:28:f6:a8:69:7e:df:af:44:cc: d0:8c:ac:42:06:91:0d:dd:f4:9d:5e:99:a4:b2:ee: 33:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:DC:AF:E6:6B:5F:1F:83:FD:F7:4C:C5:33:79:64:34:05:AE:15:11 X509v3 Authority Key Identifier: keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/Dtyv5mtfH4P990zFM3lkNAWuFRE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2407:9b40::/32 Signature Algorithm: sha256WithRSAEncryption 4c:eb:50:f2:a6:ff:f9:60:c2:fa:e7:28:c8:c7:b4:c2:ff:3a: 30:9c:b9:39:53:d3:5a:0c:cf:26:8f:ca:f4:7d:48:5c:75:7d: 3b:d0:de:53:96:6e:75:0d:75:9e:2d:52:4c:85:e8:72:02:2d: 70:b8:44:4a:43:08:6d:48:8b:b4:a3:b3:f7:03:6f:2d:87:06: 02:0d:99:99:09:af:9b:86:95:81:73:26:3d:96:96:c6:bd:9c: 30:af:f7:f1:95:c3:99:c3:32:65:e9:88:f6:a5:da:f0:26:04: 0b:3c:20:f6:39:64:44:2c:03:14:4b:32:24:60:f8:c5:51:f7: 79:25:eb:a6:14:18:54:f0:e4:0b:a6:ef:ea:97:18:98:84:b6: 89:57:36:cb:5e:05:0d:42:33:91:35:30:e0:82:2c:70:ef:58: ee:f7:4c:39:df:a2:20:28:d9:de:ba:f8:84:47:cc:e0:b6:fe: 6b:9a:28:ae:7e:f5:88:f4:90:f4:fe:16:00:1f:9e:95:1f:d3: a0:80:c4:14:1f:a0:4f:f8:21:23:6a:b0:97:e4:8d:15:32:82: c7:25:2e:07:0a:00:45:60:98:88:16:e2:0f:9e:48:d6:43:12: fa:46:bb:28:a0:34:7d:1f:12:e6:d5:65:94:79:e5:44:cf:e1: c4:a4:5c:78 -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICIhAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MDYw NjM4NDhaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDBFRENBRkU2NkI1RjFG ODNGREY3NENDNTMzNzk2NDM0MDVBRTE1MTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDCOs2kwTYomG1iDBy81br36qgBeRllqLhL4wWcBboUioWNyTPi CzJ3gwIi/clIbzdW8OvALotJUFFHf+tcej/4njxauNKj29OR1LMpz4XDJ4hD6op/ cK41ksJnNwlVMtoj7+icKnhMoznGva2FwwAXg9WoAQNuuOXvKXxHTLFRb6cTKn9S U9pDCVf1vgFpTOL6nz47e4hmxy+qeojUIFu3OPB5IJPq2awoaQTGPquYrX3R+Fbu q+rcbSXC/U1T6VI0h4N/HSQBIuWVAWgvyF82e9dJaLuNdlv2OxRWYhmcjpHN3pot Tij2qGl+369EzNCMrEIGkQ3d9J1emaSy7jOtAgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQUDtyv5mtfH4P990zFM3lkNAWuFREwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR 1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5 OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvRHR5djVtdGZINFA5 OTB6Rk0zbGtOQVd1RlJFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBAEzrUPKm//lgwvrnKMjHtML/OjCc uTlT01oMzyaPyvR9SFx1fTvQ3lOWbnUNdZ4tUkyF6HICLXC4REpDCG1Ii7Sjs/cD by2HBgINmZkJr5uGlYFzJj2Wlsa9nDCv9/GVw5nDMmXpiPal2vAmBAs8IPY5ZEQs AxRLMiRg+MVR93kl66YUGFTw5Aum7+qXGJiEtolXNsteBQ1CM5E1MOCCLHDvWO73 TDnfoiAo2d66+IRHzOC2/muaKK5+9Yj0kPT+FgAfnpUf06CAxBQfoE/4ISNqsJfk jRUygsclLgcKAEVgmIgW4g+eSNZDEvpGuyigNH0fEubVZZR55UTP4cSkXHg= -----END CERTIFICATE-----Generated at Sun Jan 11 14:34:06 2026 by rpki-client