This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/VPY-Y6FtzwqhsQ_n4SpO4y5p83o.roa File: VPY-Y6FtzwqhsQ_n4SpO4y5p83o.roa (raw, json) Hash identifier: pJjHjbB8Jm0BgilrqzKkI5T0OHXy8WtcWYKR6wN0PxI= Subject key identifier: 54:F6:3E:63:A1:6D:CF:0A:A1:B1:0F:E7:E1:2A:4E:E3:2E:69:F3:7A Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Certificate serial: 90AA Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/VPY-Y6FtzwqhsQ_n4SpO4y5p83o.roa Signing time: Sat 20 Dec 2025 09:10:09 +0000 ROA not before: Sat 20 Dec 2025 09:10:09 +0000 ROA not after: Fri 23 Oct 2026 03:01:03 +0000 asID: 4812 IP address blocks: 2407:9b40::/32 maxlen: 64 Validation: Failed, RFC 3779 resource not subset of parent's resources Certificate: Data: Version: 3 (0x2) Serial Number: 37034 (0x90aa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Validity Not Before: Dec 20 09:10:09 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=54F63E63A16DCF0AA1B10FE7E12A4EE32E69F37A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:f8:86:2a:8d:e0:f7:8d:e9:65:97:b6:f1:92: f7:05:5c:3b:d3:8e:11:d0:c4:2e:da:7b:35:ff:6b: 6b:59:36:cf:b5:e3:08:09:ed:70:a6:ba:e9:59:0c: 1b:c8:1f:a8:94:20:a3:2e:a3:cc:6e:ed:18:d0:2e: 2b:51:ce:b4:33:ba:aa:20:2c:9a:94:7b:44:20:5c: 50:ef:d7:56:cf:9c:94:ce:34:1c:09:30:7f:8a:91: ce:0c:f6:ec:c7:53:66:33:3e:4c:cc:88:97:a6:20: 7c:db:20:c6:cb:d3:f2:b6:cf:0e:b2:63:fa:8b:ce: 27:b1:dc:67:19:9e:6f:fa:02:46:39:75:47:d8:d1: e3:cb:a7:51:b0:08:6c:92:ca:cf:fc:87:cd:71:0b: 5e:32:23:0a:a7:94:bf:38:bb:4d:f8:4a:78:70:b9: 91:3f:9f:d0:ab:50:6f:78:9a:18:15:74:30:1c:72: c9:41:f9:e0:eb:d5:9f:c3:e6:4e:9c:48:94:2a:8c: f6:c9:1d:05:10:d7:f1:be:f6:84:96:7e:e3:b9:43: 37:bf:4f:70:a6:c4:17:d8:81:de:e3:73:55:3e:16: 18:20:0b:4e:44:a2:b2:8f:9a:7f:dd:0e:06:db:d9: 6a:89:3c:6b:99:8b:e6:f3:d8:f9:13:8f:52:41:fe: 29:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 54:F6:3E:63:A1:6D:CF:0A:A1:B1:0F:E7:E1:2A:4E:E3:2E:69:F3:7A X509v3 Authority Key Identifier: keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/VPY-Y6FtzwqhsQ_n4SpO4y5p83o.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2407:9b40::/32 Signature Algorithm: sha256WithRSAEncryption 4f:b7:4f:46:b8:cb:02:61:ad:f4:2f:b1:66:8f:26:a9:27:dc: 15:60:2e:85:8f:90:0a:a4:3f:a3:f6:a3:48:9c:0b:e7:36:ee: f8:29:9c:6e:30:e6:d2:16:f1:dd:cd:fc:07:b8:0b:57:ea:a7: 07:76:1c:31:aa:fd:41:cc:8d:3e:c3:72:c6:1d:f5:c2:a1:8d: 38:24:d3:03:73:4b:97:36:9c:46:78:c9:8f:19:ee:48:81:f3: c3:c6:4d:83:9d:c0:84:04:89:21:c7:be:39:3b:5c:36:9f:0f: 5d:de:cb:e2:79:10:e8:4d:b7:c0:b0:77:24:22:da:09:d8:49: f0:c2:42:5b:43:d6:ac:1e:33:a9:da:d9:af:db:4e:3a:56:ef: 87:b8:bd:f8:c5:76:9a:1e:f5:3d:ee:5e:b4:32:0b:d7:bf:a3: 0e:f1:ca:b3:1a:d1:c8:0c:20:36:90:94:98:9e:f9:23:a1:8f: 09:ea:93:5d:a9:f1:c6:a5:d7:56:a4:a8:d2:9d:71:a9:95:cb: 01:72:35:78:a9:dc:c9:99:30:25:7f:0f:49:e2:24:e9:16:b9: 1c:17:e8:43:28:e8:e5:7a:55:c0:8a:18:77:6a:dc:31:cd:f7: 08:9f:d6:cd:f1:2c:3c:04:33:16:70:96:04:6c:94:93:f1:17: 19:cc:4d:a8 -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIDAJCqMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKEQy QUI2QzlCNkUxNjUzMzRDMDMyRDA1MUQ1RkM3RDE1NDdFNEUzNTMwHhcNMjUxMjIw MDkxMDA5WhcNMjYxMDIzMDMwMTAzWjAzMTEwLwYDVQQDEyg1NEY2M0U2M0ExNkRD RjBBQTFCMTBGRTdFMTJBNEVFMzJFNjlGMzdBMIIBIjANBgkqhkiG9w0BAQEFAAOC AQ8AMIIBCgKCAQEA4PiGKo3g943pZZe28ZL3BVw7044R0MQu2ns1/2trWTbPteMI Ce1wprrpWQwbyB+olCCjLqPMbu0Y0C4rUc60M7qqICyalHtEIFxQ79dWz5yUzjQc CTB/ipHODPbsx1NmMz5MzIiXpiB82yDGy9Pyts8OsmP6i84nsdxnGZ5v+gJGOXVH 2NHjy6dRsAhsksrP/IfNcQteMiMKp5S/OLtN+Ep4cLmRP5/Qq1BveJoYFXQwHHLJ Qfng69Wfw+ZOnEiUKoz2yR0FENfxvvaEln7juUM3v09wpsQX2IHe43NVPhYYIAtO RKKyj5p/3Q4G29lqiTxrmYvm89j5E49SQf4puwIDAQABo4IB9DCCAfAwHQYDVR0O BBYEFFT2PmOhbc8KobEP5+EqTuMuafN6MB8GA1UdIwQYMBaAFNKrbJtuFlM0wDLQ UdX8fRVH5ONTMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwXQYDVR0fBFYwVDBS oFCgToZMcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMw OTgvMHF0c20yNFdVelRBTXRCUjFmeDlGVWZrNDFNLmNybDBjBggrBgEFBQcBAQRX MFUwUwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy RTNEMDAwMC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY2VyMA4GA1UdDwEB /wQEAwIHgDCBnQYIKwYBBQUHAQsEgZAwgY0wWAYIKwYBBQUHMAuGTHJzeW5jOi8v cnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8zMDk4L1ZQWS1ZNkZ0endx aHNRX240U3BPNHk1cDgzby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5j bm5pYy5jbi9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgAC MAcDBQAkB5tAMA0GCSqGSIb3DQEBCwUAA4IBAQBPt09GuMsCYa30L7FmjyapJ9wV YC6Fj5AKpD+j9qNInAvnNu74KZxuMObSFvHdzfwHuAtX6qcHdhwxqv1BzI0+w3LG HfXCoY04JNMDc0uXNpxGeMmPGe5IgfPDxk2DncCEBIkhx745O1w2nw9d3svieRDo TbfAsHckItoJ2EnwwkJbQ9asHjOp2tmv2046Vu+HuL34xXaaHvU97l60MgvXv6MO 8cqzGtHIDCA2kJSYnvkjoY8J6pNdqfHGpddWpKjSnXGplcsBcjV4qdzJmTAlfw9J 4iTpFrkcF+hDKOjlelXAihh3atwxzfcIn9bN8Sw8BDMWcJYEbJST8RcZzE2o -----END CERTIFICATE-----Generated at Sun Dec 21 01:08:34 2025 by rpki-client