This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/K23nt4a5EmxF1klHSYu5SMZ71dE.roa File: K23nt4a5EmxF1klHSYu5SMZ71dE.roa (raw, json) Hash identifier: BZswfgMJlCvHF/RtiBqWXv+hq9K3mtwrSaUgI3Jrb9g= Subject key identifier: 2B:6D:E7:B7:86:B9:12:6C:45:D6:49:47:49:8B:B9:48:C6:7B:D5:D1 Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Certificate serial: 2678 Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/K23nt4a5EmxF1klHSYu5SMZ71dE.roa Signing time: Sat 14 Jun 2025 02:39:17 +0000 ROA not before: Sat 14 Jun 2025 02:39:17 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 146845 IP address blocks: 2407:9b40::/32 maxlen: 64 Validation: Failed, RFC 3779 resource not subset of parent's resources Certificate: Data: Version: 3 (0x2) Serial Number: 9848 (0x2678) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Validity Not Before: Jun 14 02:39:17 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=2B6DE7B786B9126C45D64947498BB948C67BD5D1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:4a:16:c8:64:6c:31:e7:5d:f5:7c:a6:62:73: ed:1f:b7:42:44:40:52:b9:ad:1a:64:ae:9f:ba:ef: c7:49:04:df:b1:c4:ca:b1:b4:d3:10:84:05:65:52: 3a:4d:b7:89:fd:c5:49:37:97:db:04:83:9c:3e:fa: fe:44:4a:01:4d:8f:28:81:76:83:5f:cd:4e:b4:16: a6:da:76:15:80:18:5f:77:95:db:6f:29:1d:70:00: bc:55:2c:e9:b5:b1:37:e2:8f:58:90:f3:38:5c:ac: 14:fe:25:7c:ed:e3:88:dc:fa:c8:db:2c:c3:f9:aa: f4:0c:c7:2f:9a:72:bc:b7:cc:c3:08:e3:2c:d2:d4: eb:41:db:bf:76:4d:73:34:b3:37:9a:39:60:ab:ee: 75:6a:20:ef:94:33:b1:6c:9c:82:10:8e:e6:64:ca: 24:d3:24:55:0c:89:78:d7:5b:bf:16:5b:38:68:d3: f2:2b:64:39:db:da:b7:70:b1:a8:79:de:d5:ee:c9: c8:b7:4c:42:b0:ed:3c:fc:27:4e:7a:13:70:ed:a8: 75:c4:52:4a:69:86:d5:f7:dc:ba:93:c7:c9:bf:e3: 72:b1:76:31:d5:f9:3d:5e:3b:c9:36:b1:c4:05:6d: 1e:5d:f1:75:8c:64:43:e8:21:59:12:ab:22:94:8a: 7b:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:6D:E7:B7:86:B9:12:6C:45:D6:49:47:49:8B:B9:48:C6:7B:D5:D1 X509v3 Authority Key Identifier: keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/K23nt4a5EmxF1klHSYu5SMZ71dE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2407:9b40::/32 Signature Algorithm: sha256WithRSAEncryption 29:fb:4e:47:d9:e3:86:33:cd:dc:26:8d:4d:7b:9a:15:53:20: 7c:30:17:ca:87:d0:ad:65:35:29:f3:e5:4c:06:a3:38:cd:60: cd:08:1a:45:74:89:40:e1:76:e2:02:39:2c:f9:fe:a5:fd:2b: bd:a4:d4:73:62:a8:7f:be:77:a2:50:90:54:f4:14:92:62:1f: 09:d8:20:0d:85:03:03:ee:db:0b:9a:26:c7:4e:b8:7e:74:92: 3c:87:78:de:c0:13:13:83:27:d7:96:a3:6f:c0:69:ea:22:6a: b2:39:e7:7a:f3:f3:d6:da:7c:ed:b4:8b:cf:6c:01:db:85:76: 70:b9:1c:20:f9:21:15:d4:6a:89:cc:c9:8c:49:9e:51:22:2f: 9e:63:18:64:d3:03:d5:78:42:c5:0b:b8:04:10:84:f7:0c:61: ee:23:61:d3:01:0c:96:d8:a5:ff:90:b2:78:cc:4f:2d:54:15: af:16:85:84:30:53:f3:dd:4d:ee:2b:06:c0:ae:bd:4e:9e:cc: 36:b0:0c:8d:a9:2e:69:e4:73:9f:2a:a0:f6:03:5f:53:b1:f6: ce:1e:e5:4a:bd:7c:1e:e0:8e:03:06:e1:66:32:13:f6:6f:a0: c5:9d:9c:85:f2:a8:fa:bc:8b:8c:81:45:e0:2b:12:cb:66:1b: 0f:66:e4:7e -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICJngwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MTQw MjM5MTdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDJCNkRFN0I3ODZCOTEy NkM0NUQ2NDk0NzQ5OEJCOTQ4QzY3QkQ1RDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDTShbIZGwx5131fKZic+0ft0JEQFK5rRpkrp+678dJBN+xxMqx tNMQhAVlUjpNt4n9xUk3l9sEg5w++v5ESgFNjyiBdoNfzU60FqbadhWAGF93ldtv KR1wALxVLOm1sTfij1iQ8zhcrBT+JXzt44jc+sjbLMP5qvQMxy+acry3zMMI4yzS 1OtB2792TXM0szeaOWCr7nVqIO+UM7FsnIIQjuZkyiTTJFUMiXjXW78WWzho0/Ir ZDnb2rdwsah53tXuyci3TEKw7Tz8J056E3DtqHXEUkpphtX33LqTx8m/43KxdjHV +T1eO8k2scQFbR5d8XWMZEPoIVkSqyKUinthAgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQUK23nt4a5EmxF1klHSYu5SMZ71dEwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR 1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5 OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvSzIzbnQ0YTVFbXhG MWtsSFNZdTVTTVo3MWRFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBACn7TkfZ44YzzdwmjU17mhVTIHww F8qH0K1lNSnz5UwGozjNYM0IGkV0iUDhduICOSz5/qX9K72k1HNiqH++d6JQkFT0 FJJiHwnYIA2FAwPu2wuaJsdOuH50kjyHeN7AExODJ9eWo2/AaeoiarI553rz89ba fO20i89sAduFdnC5HCD5IRXUaonMyYxJnlEiL55jGGTTA9V4QsULuAQQhPcMYe4j YdMBDJbYpf+QsnjMTy1UFa8WhYQwU/PdTe4rBsCuvU6ezDawDI2pLmnkc58qoPYD X1Ox9s4e5Uq9fB7gjgMG4WYyE/ZvoMWdnIXyqPq8i4yBReArEstmGw9m5H4= -----END CERTIFICATE-----Generated at Mon Jan 12 04:05:41 2026 by rpki-client