This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/MTq-lhwe0WyaJ4PCL7oY7A1pfoo.roa File: MTq-lhwe0WyaJ4PCL7oY7A1pfoo.roa (raw, json) Hash identifier: /O/2hk2KPBdiIr5scZ2HlN/eYD/WojagdZ+VwKK14Ow= Subject key identifier: 31:3A:BE:96:1C:1E:D1:6C:9A:27:83:C2:2F:BA:18:EC:0D:69:7E:8A Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Certificate serial: 1C22 Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/MTq-lhwe0WyaJ4PCL7oY7A1pfoo.roa Signing time: Mon 26 May 2025 17:38:06 +0000 ROA not before: Mon 26 May 2025 17:38:06 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 146845 IP address blocks: 2407:9b40::/32 maxlen: 64 Validation: Failed, RFC 3779 resource not subset of parent's resources Certificate: Data: Version: 3 (0x2) Serial Number: 7202 (0x1c22) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Validity Not Before: May 26 17:38:06 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=313ABE961C1ED16C9A2783C22FBA18EC0D697E8A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:3c:9d:de:28:06:cd:f5:4b:3b:34:2c:d0:ea: b0:22:92:57:46:b9:0d:64:b2:17:e1:09:dd:aa:0e: fb:7b:23:63:45:d9:5d:24:6a:15:af:46:d6:f5:e6: 3b:0e:43:17:44:68:dd:3d:38:54:ab:cd:87:73:73: 09:f2:a0:57:08:2f:b8:7f:e2:26:a8:2a:9b:07:e1: f0:9f:c5:5e:62:1b:a1:4f:5b:93:52:46:43:20:ad: f2:f5:2b:f7:3a:89:88:ca:78:75:21:f2:b3:77:93: 14:73:ee:5c:69:82:b1:f2:c6:25:1a:6a:d8:a5:9e: 22:34:c8:f4:30:b0:d1:2b:08:d1:aa:2f:84:f0:59: bc:d2:f5:cc:33:3b:a4:d5:f4:cb:b8:8d:15:6d:5e: be:6e:39:5c:4a:05:ec:78:73:c8:b3:f7:16:b3:80: aa:a1:65:dd:34:7f:7c:8b:4c:c8:9b:22:f8:2a:d2: fb:86:2d:a6:74:a9:31:c6:15:ce:7a:c2:0c:9a:59: 4d:91:d2:05:8d:a3:5b:07:ed:23:2a:81:ed:96:ab: de:32:88:e1:da:37:65:d9:de:33:a6:59:03:6b:d3: 2b:e5:08:15:8d:d7:04:10:3d:79:d8:fb:b3:83:54: 04:74:ad:c2:fc:af:85:0a:c9:bd:52:a4:cc:e9:79: c4:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:3A:BE:96:1C:1E:D1:6C:9A:27:83:C2:2F:BA:18:EC:0D:69:7E:8A X509v3 Authority Key Identifier: keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/MTq-lhwe0WyaJ4PCL7oY7A1pfoo.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2407:9b40::/32 Signature Algorithm: sha256WithRSAEncryption a9:1f:77:f0:1d:e1:b9:b3:ba:21:af:9d:62:8a:4e:e3:18:67: 03:40:cc:67:87:95:ea:ed:bf:11:3c:5e:89:05:ab:ab:5b:28: 22:85:6c:7f:e8:fd:8f:05:7d:73:24:5f:28:56:ff:1c:d3:a0: 5e:c0:bb:db:9a:3c:11:0d:cd:41:26:a4:b9:30:7e:cc:40:0e: 82:18:63:5d:ca:4b:4b:1b:c6:0e:b8:6a:87:05:01:f8:c0:b9: ca:8d:d4:50:c1:69:a4:ac:3b:61:42:46:e8:99:ee:79:15:cf: 59:16:68:68:98:57:1e:d4:c4:57:88:26:2a:d4:19:92:17:92: aa:81:0e:cf:e2:0b:48:6c:24:47:47:ef:47:17:c8:59:07:f6: 02:59:b7:a7:78:b1:4b:a7:94:af:1c:e5:86:e2:23:9c:be:c7: 32:39:f8:94:60:a2:0c:0f:31:7b:d0:5b:be:86:51:f3:0f:6f: 8a:76:ea:7c:16:c4:02:2e:26:2f:3b:5f:a3:b1:de:2a:55:91: 5d:5d:dd:53:3c:35:e2:4b:1e:d7:0a:ff:fa:8f:96:cc:da:4d: 8e:81:55:92:2c:cc:b8:14:f6:a9:46:10:01:4e:d2:6b:56:62: 49:6f:fa:fc:7a:aa:92:80:48:24:1f:ed:6d:c0:f4:8c:e4:b8: d2:7f:c0:8f -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICHCIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA1MjYx NzM4MDZaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDMxM0FCRTk2MUMxRUQx NkM5QTI3ODNDMjJGQkExOEVDMEQ2OTdFOEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDmPJ3eKAbN9Us7NCzQ6rAikldGuQ1kshfhCd2qDvt7I2NF2V0k ahWvRtb15jsOQxdEaN09OFSrzYdzcwnyoFcIL7h/4iaoKpsH4fCfxV5iG6FPW5NS RkMgrfL1K/c6iYjKeHUh8rN3kxRz7lxpgrHyxiUaatilniI0yPQwsNErCNGqL4Tw WbzS9cwzO6TV9Mu4jRVtXr5uOVxKBex4c8iz9xazgKqhZd00f3yLTMibIvgq0vuG LaZ0qTHGFc56wgyaWU2R0gWNo1sH7SMqge2Wq94yiOHaN2XZ3jOmWQNr0yvlCBWN 1wQQPXnY+7ODVAR0rcL8r4UKyb1SpMzpecR5AgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQUMTq+lhwe0WyaJ4PCL7oY7A1pfoowHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR 1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5 OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvTVRxLWxod2UwV3lh SjRQQ0w3b1k3QTFwZm9vLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBAKkfd/Ad4bmzuiGvnWKKTuMYZwNA zGeHlertvxE8XokFq6tbKCKFbH/o/Y8FfXMkXyhW/xzToF7Au9uaPBENzUEmpLkw fsxADoIYY13KS0sbxg64aocFAfjAucqN1FDBaaSsO2FCRuiZ7nkVz1kWaGiYVx7U xFeIJirUGZIXkqqBDs/iC0hsJEdH70cXyFkH9gJZt6d4sUunlK8c5YbiI5y+xzI5 +JRgogwPMXvQW76GUfMPb4p26nwWxAIuJi87X6Ox3ipVkV1d3VM8NeJLHtcK//qP lszaTY6BVZIszLgU9qlGEAFO0mtWYklv+vx6qpKASCQf7W3A9IzkuNJ/wI8= -----END CERTIFICATE-----Generated at Thu Jan 8 23:15:04 2026 by rpki-client