This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/Sd6QT-H7pX2syz7I9Z6mluzflbY.roa File: Sd6QT-H7pX2syz7I9Z6mluzflbY.roa (raw, json) Hash identifier: SDn7gPRJ+Ixk+Mf9w+/2MadDNi8f8XZh7WK00adrLqE= Subject key identifier: 49:DE:90:4F:E1:FB:A5:7D:AC:CB:3E:C8:F5:9E:A6:96:EC:DF:95:B6 Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Certificate serial: 1F8B Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/Sd6QT-H7pX2syz7I9Z6mluzflbY.roa Signing time: Sun 01 Jun 2025 19:08:41 +0000 ROA not before: Sun 01 Jun 2025 19:08:41 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 146845 IP address blocks: 2407:9b40::/32 maxlen: 64 Validation: Failed, RFC 3779 resource not subset of parent's resources Certificate: Data: Version: 3 (0x2) Serial Number: 8075 (0x1f8b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Validity Not Before: Jun 1 19:08:41 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=49DE904FE1FBA57DACCB3EC8F59EA696ECDF95B6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:72:e2:42:c9:bb:f6:90:33:09:a5:4a:98:5f: 42:eb:bb:82:3b:aa:55:78:b8:6e:ae:16:9e:ad:96: cb:34:64:eb:01:df:91:54:fa:25:76:85:33:34:35: 98:df:05:80:92:52:2b:18:94:40:ef:d9:50:3f:11: 13:f3:51:50:9f:24:2c:71:95:02:a1:c8:21:64:6a: 67:82:36:ca:9e:e1:3c:ef:a3:10:a8:36:a8:4b:ec: 63:66:13:68:c3:3d:af:ab:35:77:40:b1:cf:10:85: 0b:db:0d:33:b9:09:2a:3e:31:7e:de:4c:53:01:53: 2e:0c:60:53:95:77:a1:6d:bb:c8:f7:4b:87:58:00: c5:f2:56:b6:2f:4f:1a:a5:c5:34:b3:b0:dc:2c:2d: 1a:b4:db:59:07:2b:a6:c2:b8:ce:00:e1:ec:1d:30: c9:5f:d8:6f:3c:d4:63:52:23:67:9c:27:51:8b:ce: 21:32:5f:e7:3c:47:7d:a5:ec:cd:06:83:8a:fc:1f: 6d:e6:b8:85:a1:fc:d4:86:b7:65:bd:28:e6:0d:4e: 2a:9c:5f:c3:b0:c9:8e:f2:7e:a1:66:21:b3:e6:bc: c3:a8:ab:07:f6:23:42:63:b6:6e:d6:ac:ea:06:d4: 9c:cd:ed:1c:70:87:e7:08:61:39:75:86:76:09:d1: aa:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:DE:90:4F:E1:FB:A5:7D:AC:CB:3E:C8:F5:9E:A6:96:EC:DF:95:B6 X509v3 Authority Key Identifier: keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/Sd6QT-H7pX2syz7I9Z6mluzflbY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2407:9b40::/32 Signature Algorithm: sha256WithRSAEncryption 81:a1:4f:f7:27:3a:6b:51:1f:76:38:c6:eb:51:52:cb:fb:20: fd:e2:98:1c:e6:da:c7:3b:31:d7:7b:f9:51:74:f9:4e:85:26: ba:ac:8c:e4:ee:6c:bf:c0:15:59:42:d7:d1:b8:49:89:69:f9: df:2d:df:30:09:47:fb:b6:1b:55:39:89:b6:16:f8:f7:ab:4d: 71:5c:ce:27:c2:9e:9e:9a:8f:74:24:0c:f4:fd:c1:ee:b9:94: c4:5c:62:b4:cf:10:20:df:6a:3a:68:12:c8:8a:5c:77:40:96: 5d:55:7f:da:e4:07:f6:95:76:ab:1b:2e:c3:dc:21:51:67:bc: 83:c4:e9:8d:5c:53:8b:93:55:c0:a4:2c:99:d5:95:e3:b1:fb: 95:f8:ca:55:bb:02:b3:80:a3:f3:22:01:c9:1b:6a:29:a5:10: ee:79:22:93:36:73:68:b4:65:76:8e:b3:80:17:9c:a4:f4:fc: 11:dc:a6:86:41:20:62:44:aa:fc:09:30:74:5b:79:70:71:33: 1d:d2:93:02:67:b6:32:9c:d2:5b:6f:c5:c2:dc:a0:19:65:ad: c8:9a:0a:2b:cf:ce:d4:a5:52:8c:b1:48:e4:ae:c0:a7:5d:1c: 4a:f7:74:f8:01:a0:34:f1:1b:49:55:c5:e9:34:0b:27:f1:a3: 24:da:21:f7 -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICH4swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MDEx OTA4NDFaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDQ5REU5MDRGRTFGQkE1 N0RBQ0NCM0VDOEY1OUVBNjk2RUNERjk1QjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC2cuJCybv2kDMJpUqYX0Lru4I7qlV4uG6uFp6tlss0ZOsB35FU +iV2hTM0NZjfBYCSUisYlEDv2VA/ERPzUVCfJCxxlQKhyCFkameCNsqe4TzvoxCo NqhL7GNmE2jDPa+rNXdAsc8QhQvbDTO5CSo+MX7eTFMBUy4MYFOVd6Ftu8j3S4dY AMXyVrYvTxqlxTSzsNwsLRq021kHK6bCuM4A4ewdMMlf2G881GNSI2ecJ1GLziEy X+c8R32l7M0Gg4r8H23muIWh/NSGt2W9KOYNTiqcX8OwyY7yfqFmIbPmvMOoqwf2 I0Jjtm7WrOoG1JzN7Rxwh+cIYTl1hnYJ0ap1AgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQUSd6QT+H7pX2syz7I9Z6mluzflbYwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR 1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5 OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvU2Q2UVQtSDdwWDJz eXo3STlaNm1sdXpmbGJZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBAIGhT/cnOmtRH3Y4xutRUsv7IP3i mBzm2sc7Mdd7+VF0+U6FJrqsjOTubL/AFVlC19G4SYlp+d8t3zAJR/u2G1U5ibYW +PerTXFczifCnp6aj3QkDPT9we65lMRcYrTPECDfajpoEsiKXHdAll1Vf9rkB/aV dqsbLsPcIVFnvIPE6Y1cU4uTVcCkLJnVleOx+5X4ylW7ArOAo/MiAckbaimlEO55 IpM2c2i0ZXaOs4AXnKT0/BHcpoZBIGJEqvwJMHRbeXBxMx3SkwJntjKc0ltvxcLc oBllrciaCivPztSlUoyxSOSuwKddHEr3dPgBoDTxG0lVxek0CyfxoyTaIfc= -----END CERTIFICATE-----Generated at Mon Jan 12 16:01:39 2026 by rpki-client