This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/RasKjTEkp_SbuTi3DzM_jhPMDmY.roa File: RasKjTEkp_SbuTi3DzM_jhPMDmY.roa (raw, json) Hash identifier: FvBqjP7E+6hBFZD5Rlz61H4ylBAKaM2XtPN+m+wO8VQ= Subject key identifier: 45:AB:0A:8D:31:24:A7:F4:9B:B9:38:B7:0F:33:3F:8E:13:CC:0E:66 Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Certificate serial: 2444 Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/RasKjTEkp_SbuTi3DzM_jhPMDmY.roa Signing time: Tue 10 Jun 2025 04:39:05 +0000 ROA not before: Tue 10 Jun 2025 04:39:05 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 146845 IP address blocks: 2407:9b40::/32 maxlen: 64 Validation: Failed, RFC 3779 resource not subset of parent's resources Certificate: Data: Version: 3 (0x2) Serial Number: 9284 (0x2444) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Validity Not Before: Jun 10 04:39:05 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=45AB0A8D3124A7F49BB938B70F333F8E13CC0E66 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:36:7c:db:c3:68:d5:9d:53:ed:2b:0b:56:c2: 0f:f1:51:a6:15:6a:68:de:92:6a:14:61:ba:e2:00: cd:56:38:9d:f9:6e:95:8a:5c:2d:9a:45:c0:d1:9c: be:cc:a8:a7:21:52:d2:d6:de:3f:99:ae:df:35:b7: 7a:dc:f7:6e:40:c5:00:b9:b8:6c:b3:ee:79:2f:54: cd:69:5a:49:b6:2a:5d:ec:4d:c4:a3:ca:94:4f:a2: c2:9b:0c:1a:44:48:3e:af:f8:d8:e5:6e:b7:82:45: ca:d2:fa:9f:8c:37:de:34:cb:f2:c4:13:e0:bf:1f: 37:dd:6e:2b:8b:66:c4:91:4c:65:b5:df:1f:7b:be: 17:2a:4f:50:51:2d:2d:90:81:43:17:02:bb:27:aa: ed:e3:e1:d9:86:89:99:71:50:f2:bc:a4:b2:98:9f: 2c:1a:68:72:b8:05:d9:95:33:c0:8e:34:0a:48:1e: 1a:cb:67:bd:c2:1c:81:c1:97:ec:db:16:16:7e:e2: fe:64:a2:9c:57:4b:21:68:9c:61:55:f0:ae:a4:97: 5b:ad:d9:11:93:82:ac:fb:a9:d9:f9:21:78:ac:ca: be:5b:14:b8:b9:04:61:33:f6:30:4d:5d:0b:06:65: 81:43:5c:c5:d0:6b:ec:a4:b6:65:22:5f:96:9c:5c: 83:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:AB:0A:8D:31:24:A7:F4:9B:B9:38:B7:0F:33:3F:8E:13:CC:0E:66 X509v3 Authority Key Identifier: keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/RasKjTEkp_SbuTi3DzM_jhPMDmY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2407:9b40::/32 Signature Algorithm: sha256WithRSAEncryption 92:e3:d5:d7:b5:39:39:a4:40:07:7c:75:cc:e7:3a:80:d1:f7: c2:6e:90:2d:16:c4:7d:bc:b5:45:dc:85:30:27:32:ad:c6:76: 6d:e0:98:31:ca:8f:a7:bf:b2:b4:6f:28:05:36:53:86:8d:e9: 89:91:53:88:e4:27:f2:c7:e0:4b:b0:7f:b6:5f:74:52:9e:ae: ef:e7:66:51:47:a4:ec:e6:51:ac:14:8d:9a:5a:44:8a:53:a3: 10:96:2a:c4:73:e7:6e:06:12:f0:0c:8a:20:d7:6b:da:5c:38: 8b:5b:b7:b8:8d:42:e7:bc:1c:c8:ab:ca:fb:ac:3a:35:e7:15: 8b:58:21:8c:d8:b0:73:f5:d0:86:79:1a:01:0f:0e:25:f9:f5: 24:07:c6:7c:e8:41:2f:43:80:43:8a:79:71:48:7c:f3:8a:f2: 32:72:b7:d2:ab:f7:cd:ec:98:03:ab:d3:8d:92:7b:88:17:54: ae:58:94:00:fe:85:f4:55:c8:94:a9:ca:fd:c8:6c:10:49:a7: 5b:c3:6d:4a:6a:08:4a:89:7a:5d:ca:d9:72:69:0d:7f:b8:46: 42:d6:bb:77:2f:ee:77:30:0c:6b:00:f0:d6:3d:93:20:ca:6c: 9d:ac:8e:ef:7e:3f:cf:92:b4:71:76:4e:14:06:ad:28:92:be: 6e:ed:2e:e4 -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICJEQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MTAw NDM5MDVaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDQ1QUIwQThEMzEyNEE3 RjQ5QkI5MzhCNzBGMzMzRjhFMTNDQzBFNjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDWNnzbw2jVnVPtKwtWwg/xUaYVamjekmoUYbriAM1WOJ35bpWK XC2aRcDRnL7MqKchUtLW3j+Zrt81t3rc925AxQC5uGyz7nkvVM1pWkm2Kl3sTcSj ypRPosKbDBpESD6v+NjlbreCRcrS+p+MN940y/LEE+C/HzfdbiuLZsSRTGW13x97 vhcqT1BRLS2QgUMXArsnqu3j4dmGiZlxUPK8pLKYnywaaHK4BdmVM8CONApIHhrL Z73CHIHBl+zbFhZ+4v5kopxXSyFonGFV8K6kl1ut2RGTgqz7qdn5IXisyr5bFLi5 BGEz9jBNXQsGZYFDXMXQa+yktmUiX5acXIMZAgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQURasKjTEkp/SbuTi3DzM/jhPMDmYwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR 1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5 OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvUmFzS2pURWtwX1Ni dVRpM0R6TV9qaFBNRG1ZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBAJLj1de1OTmkQAd8dcznOoDR98Ju kC0WxH28tUXchTAnMq3Gdm3gmDHKj6e/srRvKAU2U4aN6YmRU4jkJ/LH4Euwf7Zf dFKeru/nZlFHpOzmUawUjZpaRIpToxCWKsRz524GEvAMiiDXa9pcOItbt7iNQue8 HMiryvusOjXnFYtYIYzYsHP10IZ5GgEPDiX59SQHxnzoQS9DgEOKeXFIfPOK8jJy t9Kr983smAOr042Se4gXVK5YlAD+hfRVyJSpyv3IbBBJp1vDbUpqCEqJel3K2XJp DX+4RkLWu3cv7ncwDGsA8NY9kyDKbJ2sju9+P8+StHF2ThQGrSiSvm7tLuQ= -----END CERTIFICATE-----Generated at Sun Jan 11 23:54:47 2026 by rpki-client