This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/I6OOtVGHaGhp-TGFfDizLRZtTu8.roa File: I6OOtVGHaGhp-TGFfDizLRZtTu8.roa (raw, json) Hash identifier: 7wPWs/UN81XeqRfsWURU+ExcdDZ6ctD4ONNqVThi1iM= Subject key identifier: 23:A3:8E:B5:51:87:68:68:69:F9:31:85:7C:38:B3:2D:16:6D:4E:EF Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Certificate serial: 1FAF Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/I6OOtVGHaGhp-TGFfDizLRZtTu8.roa Signing time: Mon 02 Jun 2025 01:08:35 +0000 ROA not before: Mon 02 Jun 2025 01:08:35 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 146845 IP address blocks: 2407:9b40::/32 maxlen: 64 Validation: Failed, RFC 3779 resource not subset of parent's resources Certificate: Data: Version: 3 (0x2) Serial Number: 8111 (0x1faf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Validity Not Before: Jun 2 01:08:35 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=23A38EB55187686869F931857C38B32D166D4EEF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:9c:b0:d4:0c:d1:ac:68:73:23:d9:06:39:c8: 06:a0:f0:b6:2d:29:cf:86:e6:c4:16:71:f0:ba:18: 80:9c:88:3c:b8:0f:a8:cd:b9:e9:8c:93:1a:08:52: 89:01:92:f5:2c:2d:9c:b9:69:9d:45:5c:60:37:43: eb:66:aa:9c:3c:f8:19:4c:99:5f:bf:98:f3:05:15: 0e:aa:d4:4a:0c:fd:c0:f2:78:42:06:4b:32:cf:ba: 66:0c:be:6f:0d:60:d1:16:b4:13:b0:43:5e:68:c4: d9:bc:99:cc:9c:a7:9b:78:ef:6c:f2:2c:46:9f:45: e0:b3:77:97:84:9d:1a:b4:03:61:29:c9:f3:35:dc: 44:d5:b3:b1:85:80:40:30:54:44:56:92:64:57:4e: a1:ce:d0:cb:55:a8:d3:17:4c:ed:bd:7f:f4:dc:33: 44:bd:67:25:ed:a7:78:32:21:72:65:1f:6a:99:91: 61:d5:86:27:82:39:8f:87:2f:fc:10:77:3f:41:b0: 22:fc:38:cd:d5:34:7a:28:0d:44:b3:e9:06:fa:f5: 9f:11:d2:9d:23:60:98:29:37:b3:16:3b:75:f6:10: 1e:a4:b2:fa:5f:26:43:0d:80:67:e1:28:bf:5d:1d: 25:c4:95:29:63:a1:d4:bc:08:13:e2:6e:17:f0:5f: e5:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:A3:8E:B5:51:87:68:68:69:F9:31:85:7C:38:B3:2D:16:6D:4E:EF X509v3 Authority Key Identifier: keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/I6OOtVGHaGhp-TGFfDizLRZtTu8.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2407:9b40::/32 Signature Algorithm: sha256WithRSAEncryption 4f:db:35:a5:3f:82:84:11:32:2c:d7:e8:ec:72:a8:93:b9:54: f9:cb:3b:d8:79:af:96:c0:27:8d:56:59:21:6f:90:95:be:f7: 39:03:6d:76:af:fc:67:63:e3:e6:76:65:6e:f0:bd:2b:b3:9e: ce:3e:88:24:72:73:d3:5d:ea:5d:9f:40:b6:b3:ec:1b:3a:d3: cc:c0:08:a7:31:0f:47:91:da:ed:80:aa:26:08:db:8e:06:2f: db:43:74:e3:93:11:a8:c5:15:a4:5d:5e:32:90:b7:9e:91:53: 86:3b:29:01:5b:69:62:9d:a7:24:7a:71:8b:16:2c:e0:47:c7: 80:4a:73:1f:eb:a8:47:36:11:a2:1e:c3:bc:f9:65:25:4d:0d: 59:4c:3d:19:18:6a:3d:ed:01:35:8f:b5:45:42:94:cd:a6:4f: 93:9b:4d:82:6e:4a:10:9b:58:54:96:8d:9b:7a:8c:56:01:19: df:43:74:d9:b4:34:16:db:6b:f4:80:98:8e:22:4e:b5:5b:f7: 53:68:14:67:3d:68:79:f7:46:66:f8:05:bc:5e:14:01:42:b7: 28:59:a7:79:1a:be:2d:6a:2d:07:2a:75:f8:0a:2e:92:6f:56: 79:e6:41:8f:06:b7:eb:df:ae:50:c8:d4:31:57:57:af:00:a7: d9:b3:53:da -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICH68wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MDIw MTA4MzVaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDIzQTM4RUI1NTE4NzY4 Njg2OUY5MzE4NTdDMzhCMzJEMTY2RDRFRUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCWnLDUDNGsaHMj2QY5yAag8LYtKc+G5sQWcfC6GICciDy4D6jN uemMkxoIUokBkvUsLZy5aZ1FXGA3Q+tmqpw8+BlMmV+/mPMFFQ6q1EoM/cDyeEIG SzLPumYMvm8NYNEWtBOwQ15oxNm8mcycp5t472zyLEafReCzd5eEnRq0A2EpyfM1 3ETVs7GFgEAwVERWkmRXTqHO0MtVqNMXTO29f/TcM0S9ZyXtp3gyIXJlH2qZkWHV hieCOY+HL/wQdz9BsCL8OM3VNHooDUSz6Qb69Z8R0p0jYJgpN7MWO3X2EB6ksvpf JkMNgGfhKL9dHSXElSljodS8CBPibhfwX+VPAgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQUI6OOtVGHaGhp+TGFfDizLRZtTu8wHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR 1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5 OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvSTZPT3RWR0hhR2hw LVRHRmZEaXpMUlp0VHU4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBAE/bNaU/goQRMizX6OxyqJO5VPnL O9h5r5bAJ41WWSFvkJW+9zkDbXav/Gdj4+Z2ZW7wvSuzns4+iCRyc9Nd6l2fQLaz 7Bs608zACKcxD0eR2u2AqiYI244GL9tDdOOTEajFFaRdXjKQt56RU4Y7KQFbaWKd pyR6cYsWLOBHx4BKcx/rqEc2EaIew7z5ZSVNDVlMPRkYaj3tATWPtUVClM2mT5Ob TYJuShCbWFSWjZt6jFYBGd9DdNm0NBbba/SAmI4iTrVb91NoFGc9aHn3Rmb4Bbxe FAFCtyhZp3kavi1qLQcqdfgKLpJvVnnmQY8Gt+vfrlDI1DFXV68Ap9mzU9o= -----END CERTIFICATE-----Generated at Mon Jan 12 22:25:11 2026 by rpki-client