This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/UBfU8sP0QvTHHN7w0I5RjxjYRgo.roa File: UBfU8sP0QvTHHN7w0I5RjxjYRgo.roa (raw, json) Hash identifier: v+fTLGfOsoDodnfgfkqVn+q87haVHwGqxMSQ2H2OmNM= Subject key identifier: 50:17:D4:F2:C3:F4:42:F4:C7:1C:DE:F0:D0:8E:51:8F:18:D8:46:0A Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Certificate serial: 2105 Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/UBfU8sP0QvTHHN7w0I5RjxjYRgo.roa Signing time: Wed 04 Jun 2025 10:08:47 +0000 ROA not before: Wed 04 Jun 2025 10:08:47 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 146845 IP address blocks: 2407:9b40::/32 maxlen: 64 Validation: Failed, RFC 3779 resource not subset of parent's resources Certificate: Data: Version: 3 (0x2) Serial Number: 8453 (0x2105) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Validity Not Before: Jun 4 10:08:47 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=5017D4F2C3F442F4C71CDEF0D08E518F18D8460A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:96:ec:22:45:33:2e:4e:ec:eb:88:65:23:6a: e5:51:d1:af:e8:66:c8:fc:0b:3b:71:7c:e0:c8:4a: a6:8f:b5:20:e7:a2:ff:74:fd:37:76:75:d6:f8:f1: 6f:f5:72:be:31:b5:88:4f:09:ab:01:6e:ee:83:6c: 13:11:63:05:06:8c:57:c1:cd:d7:3d:e7:45:b7:e7: d1:c4:55:27:80:ef:71:91:d7:bc:31:dd:50:5b:45: 47:ee:d3:d4:ef:cc:67:37:72:27:e2:32:5f:4e:2a: 38:b9:c4:38:cd:57:2f:44:71:2c:5c:e9:ae:12:59: f4:14:44:e7:aa:da:d7:98:83:b3:be:67:83:c5:21: f3:38:3e:6b:4a:fc:f2:f3:49:7f:a1:00:ba:71:08: 94:02:92:32:3e:1b:d9:12:66:ba:ad:a5:d1:e4:e3: 30:e0:f0:d4:76:23:f0:5c:64:b6:3b:56:26:71:60: 05:61:c1:9a:6d:9b:b7:7e:d4:6a:be:a3:34:52:02: 0c:80:f3:92:d5:18:dd:98:8b:c2:43:66:c7:f5:43: 73:b8:f0:27:20:a5:31:ab:40:11:09:05:91:c2:5f: ef:e7:17:85:10:a1:4e:2b:5d:bb:9e:98:e4:5f:75: 18:5b:91:87:35:a9:e1:76:a7:1a:ec:f8:ec:7d:eb: 7b:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:17:D4:F2:C3:F4:42:F4:C7:1C:DE:F0:D0:8E:51:8F:18:D8:46:0A X509v3 Authority Key Identifier: keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/UBfU8sP0QvTHHN7w0I5RjxjYRgo.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2407:9b40::/32 Signature Algorithm: sha256WithRSAEncryption 36:bc:da:90:25:93:e2:7d:2f:0e:a7:9a:a1:d9:88:3e:86:70: 28:7d:a8:e8:ee:63:d4:8e:a2:d0:c3:f8:a5:f7:d0:9f:0a:e5: 26:5b:70:66:c4:97:a2:64:30:00:c7:40:77:2a:69:c6:02:74: fe:80:08:32:f5:f8:df:76:3a:96:2f:54:81:fe:c5:2b:61:d4: 26:5e:e8:a9:7e:0c:d5:9e:7f:fa:39:1b:37:68:7b:c2:bd:1f: 9f:14:1a:0b:04:76:99:5a:51:65:1e:17:d4:8c:91:43:f2:17: 16:47:06:77:a8:a8:7a:ae:40:ee:fb:d8:dd:52:6d:4c:0d:0d: 48:6b:3d:f3:ba:d2:55:6e:93:74:98:16:da:28:42:fe:08:01: d0:be:78:33:30:13:15:92:eb:3a:bc:4b:3f:48:90:5d:d8:92: 0e:97:55:57:15:73:f4:e3:bc:78:89:ac:8a:4c:0c:cb:45:b1: 29:45:6d:2e:16:d6:2d:b8:fe:7f:66:c0:8d:f1:b9:4a:67:e3: 39:c1:ba:a6:9c:38:75:5c:69:09:0b:c8:5d:32:4f:2c:ac:fb: ce:01:b2:e5:1d:7f:ac:79:19:e5:dd:35:d8:86:13:8a:43:cf: 65:70:d4:86:d2:91:40:d1:77:cf:e8:8e:75:27:3f:05:ab:f9: 8b:2a:84:17 -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICIQUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MDQx MDA4NDdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDUwMTdENEYyQzNGNDQy RjRDNzFDREVGMEQwOEU1MThGMThEODQ2MEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDcluwiRTMuTuzriGUjauVR0a/oZsj8CztxfODISqaPtSDnov90 /Td2ddb48W/1cr4xtYhPCasBbu6DbBMRYwUGjFfBzdc950W359HEVSeA73GR17wx 3VBbRUfu09TvzGc3cifiMl9OKji5xDjNVy9EcSxc6a4SWfQUROeq2teYg7O+Z4PF IfM4PmtK/PLzSX+hALpxCJQCkjI+G9kSZrqtpdHk4zDg8NR2I/BcZLY7ViZxYAVh wZptm7d+1Gq+ozRSAgyA85LVGN2Yi8JDZsf1Q3O48CcgpTGrQBEJBZHCX+/nF4UQ oU4rXbuemORfdRhbkYc1qeF2pxrs+Ox963tvAgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQUUBfU8sP0QvTHHN7w0I5RjxjYRgowHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR 1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5 OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvVUJmVThzUDBRdlRI SE43dzBJNVJqeGpZUmdvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBADa82pAlk+J9Lw6nmqHZiD6GcCh9 qOjuY9SOotDD+KX30J8K5SZbcGbEl6JkMADHQHcqacYCdP6ACDL1+N92OpYvVIH+ xSth1CZe6Kl+DNWef/o5Gzdoe8K9H58UGgsEdplaUWUeF9SMkUPyFxZHBneoqHqu QO772N1SbUwNDUhrPfO60lVuk3SYFtooQv4IAdC+eDMwExWS6zq8Sz9IkF3Ykg6X VVcVc/TjvHiJrIpMDMtFsSlFbS4W1i24/n9mwI3xuUpn4znBuqacOHVcaQkLyF0y Tyys+84BsuUdf6x5GeXdNdiGE4pDz2Vw1IbSkUDRd8/ojnUnPwWr+YsqhBc= -----END CERTIFICATE-----Generated at Mon Jan 12 15:29:42 2026 by rpki-client