This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/U_FkYEqxE_9z29NRuPyYcRLlgzU.roa File: U_FkYEqxE_9z29NRuPyYcRLlgzU.roa (raw, json) Hash identifier: s8CITitoDxxRqEVUI/Z3/lgh4xfzfsQzicC1ut/ze8k= Subject key identifier: 53:F1:64:60:4A:B1:13:FF:73:DB:D3:51:B8:FC:98:71:12:E5:83:35 Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Certificate serial: 262A Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/U_FkYEqxE_9z29NRuPyYcRLlgzU.roa Signing time: Fri 13 Jun 2025 13:39:15 +0000 ROA not before: Fri 13 Jun 2025 13:39:15 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 146845 IP address blocks: 2407:9b40::/32 maxlen: 64 Validation: Failed, RFC 3779 resource not subset of parent's resources Certificate: Data: Version: 3 (0x2) Serial Number: 9770 (0x262a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Validity Not Before: Jun 13 13:39:15 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=53F164604AB113FF73DBD351B8FC987112E58335 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:4b:0d:ab:fa:17:19:a5:c0:60:99:81:2a:c1: b3:3d:2a:ee:18:bb:e4:85:20:a4:7d:dc:5b:c7:06: 98:98:c6:83:39:07:fc:c0:81:20:a3:cd:e1:5c:18: 50:c7:dc:fc:28:70:96:b1:7b:eb:ac:a2:43:75:1f: 4d:bc:37:f7:ed:5b:f4:a9:86:ae:9e:2e:04:e9:3f: 62:a5:c6:c9:03:8c:0c:c5:fc:27:89:ac:a1:ef:28: 16:aa:56:ce:af:02:dd:dc:aa:3f:48:e4:f1:98:f0: 97:41:8c:b3:39:68:5f:a0:34:76:5b:be:c8:e9:4e: 32:1b:c1:0b:71:8c:d4:ba:15:7e:95:11:35:d0:7f: 4e:70:39:8d:25:ff:c4:9c:96:42:25:b0:30:3e:2e: f2:db:dd:14:11:61:c2:27:5d:67:28:ba:d9:64:d3: d4:af:70:ef:d6:e1:d8:6c:91:c6:53:df:9d:c3:32: 3d:bd:01:ee:48:93:b0:64:a6:b3:50:a4:db:4d:e0: 6e:fa:8c:e5:90:83:0c:f9:af:76:dd:87:09:2b:44: 4f:89:cf:9c:0e:be:c6:49:06:ee:54:48:18:f4:d2: 89:f1:0e:1b:76:17:f3:de:e0:72:d7:3b:f1:6e:3a: 0d:5c:1e:d9:4f:c9:4f:03:9c:b0:61:68:72:39:d0: 53:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:F1:64:60:4A:B1:13:FF:73:DB:D3:51:B8:FC:98:71:12:E5:83:35 X509v3 Authority Key Identifier: keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/U_FkYEqxE_9z29NRuPyYcRLlgzU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2407:9b40::/32 Signature Algorithm: sha256WithRSAEncryption 57:73:e7:8e:01:8a:e7:0b:fc:fe:b6:18:1a:3c:94:f9:98:fc: d7:7b:df:a0:89:d7:4c:d8:89:e7:8c:52:eb:05:e0:dd:df:c5: 93:72:51:7a:17:c9:b4:e6:b9:3a:57:68:d6:1c:71:bc:a1:eb: 3b:1b:83:a3:6f:ec:7e:48:53:da:53:06:0f:16:af:09:9b:c9: 20:d4:08:47:f4:5f:12:ee:4b:5d:f4:82:7a:b8:85:20:42:97: c6:65:f3:d8:c3:73:b0:36:5a:dc:4e:64:27:02:25:28:af:ea: f5:4d:d3:95:d6:5f:60:b5:cc:10:34:26:7a:28:7f:43:6f:f3: b5:b9:04:c2:95:4c:41:c9:2e:31:60:37:fd:06:c9:72:b2:3b: 9d:3e:e7:b5:aa:37:c3:d5:80:c2:88:36:50:94:09:07:e9:56: 2a:25:aa:e1:a1:8c:56:2d:de:c9:d0:2d:77:f1:2b:c8:db:0f: 59:e4:7b:8b:31:79:df:70:cd:26:7c:e0:25:17:28:09:f0:79: 48:87:ca:34:ca:13:9e:f7:13:c2:48:00:19:b6:7c:3d:61:ff: cb:be:e2:0e:4b:b3:db:63:52:16:ee:87:92:09:ba:bd:e5:c9: cb:e2:c0:82:22:7b:a6:75:b2:c9:29:b6:26:53:91:05:4f:5c: ba:dd:05:ef -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICJiowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MTMx MzM5MTVaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDUzRjE2NDYwNEFCMTEz RkY3M0RCRDM1MUI4RkM5ODcxMTJFNTgzMzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC9Sw2r+hcZpcBgmYEqwbM9Ku4Yu+SFIKR93FvHBpiYxoM5B/zA gSCjzeFcGFDH3PwocJaxe+usokN1H028N/ftW/Sphq6eLgTpP2KlxskDjAzF/CeJ rKHvKBaqVs6vAt3cqj9I5PGY8JdBjLM5aF+gNHZbvsjpTjIbwQtxjNS6FX6VETXQ f05wOY0l/8SclkIlsDA+LvLb3RQRYcInXWcoutlk09SvcO/W4dhskcZT353DMj29 Ae5Ik7BkprNQpNtN4G76jOWQgwz5r3bdhwkrRE+Jz5wOvsZJBu5USBj00onxDht2 F/Pe4HLXO/FuOg1cHtlPyU8DnLBhaHI50FN7AgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQUU/FkYEqxE/9z29NRuPyYcRLlgzUwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR 1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5 OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvVV9Ga1lFcXhFXzl6 MjlOUnVQeVljUkxsZ3pVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBAFdz544BiucL/P62GBo8lPmY/Nd7 36CJ10zYieeMUusF4N3fxZNyUXoXybTmuTpXaNYccbyh6zsbg6Nv7H5IU9pTBg8W rwmbySDUCEf0XxLuS130gnq4hSBCl8Zl89jDc7A2WtxOZCcCJSiv6vVN05XWX2C1 zBA0Jnoof0Nv87W5BMKVTEHJLjFgN/0GyXKyO50+57WqN8PVgMKINlCUCQfpViol quGhjFYt3snQLXfxK8jbD1nke4sxed9wzSZ84CUXKAnweUiHyjTKE573E8JIABm2 fD1h/8u+4g5Ls9tjUhbuh5IJur3lycviwIIie6Z1sskptiZTkQVPXLrdBe8= -----END CERTIFICATE-----Generated at Mon Jan 12 16:48:05 2026 by rpki-client