This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/W8B8f2DtFfDtNpnCfEH2gnMz20A.roa File: W8B8f2DtFfDtNpnCfEH2gnMz20A.roa (raw, json) Hash identifier: MSKJ3rktivTIXfIaSgHJCICS6JPKBakUEUp//fKOYdM= Subject key identifier: 5B:C0:7C:7F:60:ED:15:F0:ED:36:99:C2:7C:41:F6:82:73:33:DB:40 Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Certificate serial: 1ED7 Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/W8B8f2DtFfDtNpnCfEH2gnMz20A.roa Signing time: Sat 31 May 2025 13:08:28 +0000 ROA not before: Sat 31 May 2025 13:08:28 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 146845 IP address blocks: 2407:9b40::/32 maxlen: 64 Validation: Failed, RFC 3779 resource not subset of parent's resources Certificate: Data: Version: 3 (0x2) Serial Number: 7895 (0x1ed7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Validity Not Before: May 31 13:08:28 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=5BC07C7F60ED15F0ED3699C27C41F6827333DB40 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:43:c4:35:56:92:6f:53:cd:94:8e:ad:88:56: ee:66:d3:81:e1:49:29:d5:dd:b5:72:48:d0:51:e5: ac:41:78:73:43:4e:13:f3:51:31:0f:1c:bf:7c:bd: d0:26:a6:93:07:24:f0:96:07:f4:6c:05:c5:44:23: 0d:77:7f:bf:ac:78:0f:f2:d5:2d:a4:ac:52:2b:94: f8:53:3d:09:ff:70:a4:44:76:3e:2c:64:02:31:92: 32:b9:89:cf:c9:4f:81:aa:76:44:7c:4e:10:6d:21: 5c:df:f1:dc:fb:97:9c:67:de:f5:af:05:bc:e2:4a: 36:4f:8a:86:13:44:fb:a1:f4:3b:d4:5b:bc:f7:30: e6:fc:82:aa:28:64:80:b6:b7:b4:ac:bf:3e:ca:9c: b2:17:3c:5f:16:23:96:27:34:31:fb:51:f2:ea:90: 00:8d:a8:c2:c1:42:80:0a:72:fb:1a:37:a3:44:e4: ba:9c:f8:d5:01:f7:db:8d:ec:0a:58:1f:c5:7b:a0: b0:12:95:be:75:9f:83:14:7b:04:0f:6b:05:13:15: 82:9b:bb:e9:f8:4f:03:dd:cf:51:a5:e3:bf:9d:a0: 86:20:03:f6:e0:89:64:c5:59:4e:b0:e4:8e:e8:0c: b8:0f:6e:f1:89:65:04:0d:4d:4e:f9:97:aa:58:c9: e3:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:C0:7C:7F:60:ED:15:F0:ED:36:99:C2:7C:41:F6:82:73:33:DB:40 X509v3 Authority Key Identifier: keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/W8B8f2DtFfDtNpnCfEH2gnMz20A.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2407:9b40::/32 Signature Algorithm: sha256WithRSAEncryption a3:d5:a2:77:f9:0f:28:49:24:67:6a:f8:82:5a:61:38:fa:21: 02:83:97:84:d8:3d:29:16:35:53:a4:1e:c0:86:ed:55:5b:ab: fb:a8:93:ea:f3:81:71:56:de:6d:b6:49:95:c8:c2:67:57:47: 51:64:88:0d:13:5a:f7:1f:75:3b:2b:7a:04:84:1f:9c:4e:8a: 60:2a:e2:f4:c0:8d:87:6c:f3:9c:0f:18:d2:b1:e1:e2:7f:b8: 54:2f:69:88:75:2b:ab:5d:0b:14:aa:73:d3:99:e8:28:d8:3c: 94:12:2e:5c:65:b1:16:c4:db:5f:59:91:c5:49:ff:a3:68:18: 4e:6c:84:8e:f7:08:56:55:44:c0:96:40:c7:8e:b0:11:9c:68: 58:46:db:9c:1f:76:a3:8b:40:0d:c9:64:9e:bb:bb:fd:28:57: a1:4d:54:7d:69:65:2d:bc:fb:20:d6:7f:0d:6d:bd:90:14:ec: 2c:14:35:25:17:d8:c5:03:2a:44:fe:c3:7b:49:5e:52:41:56: 1b:05:10:c0:da:63:30:44:99:05:9f:aa:df:0c:21:b9:d3:15: 02:2c:53:43:1c:c4:41:34:e5:cf:ad:bd:92:38:67:2d:78:e1: 1d:b2:ef:9d:e9:30:c3:e1:13:dc:4b:f7:86:44:96:01:0c:51: 6e:46:a6:ac -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICHtcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA1MzEx MzA4MjhaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDVCQzA3QzdGNjBFRDE1 RjBFRDM2OTlDMjdDNDFGNjgyNzMzM0RCNDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCxQ8Q1VpJvU82Ujq2IVu5m04HhSSnV3bVySNBR5axBeHNDThPz UTEPHL98vdAmppMHJPCWB/RsBcVEIw13f7+seA/y1S2krFIrlPhTPQn/cKREdj4s ZAIxkjK5ic/JT4GqdkR8ThBtIVzf8dz7l5xn3vWvBbziSjZPioYTRPuh9DvUW7z3 MOb8gqooZIC2t7Ssvz7KnLIXPF8WI5YnNDH7UfLqkACNqMLBQoAKcvsaN6NE5Lqc +NUB99uN7ApYH8V7oLASlb51n4MUewQPawUTFYKbu+n4TwPdz1Gl47+doIYgA/bg iWTFWU6w5I7oDLgPbvGJZQQNTU75l6pYyeNPAgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQUW8B8f2DtFfDtNpnCfEH2gnMz20AwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR 1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5 OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvVzhCOGYyRHRGZkR0 TnBuQ2ZFSDJnbk16MjBBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBAKPVonf5DyhJJGdq+IJaYTj6IQKD l4TYPSkWNVOkHsCG7VVbq/uok+rzgXFW3m22SZXIwmdXR1FkiA0TWvcfdTsregSE H5xOimAq4vTAjYds85wPGNKx4eJ/uFQvaYh1K6tdCxSqc9OZ6CjYPJQSLlxlsRbE 219ZkcVJ/6NoGE5shI73CFZVRMCWQMeOsBGcaFhG25wfdqOLQA3JZJ67u/0oV6FN VH1pZS28+yDWfw1tvZAU7CwUNSUX2MUDKkT+w3tJXlJBVhsFEMDaYzBEmQWfqt8M IbnTFQIsU0McxEE05c+tvZI4Zy144R2y753pMMPhE9xL94ZElgEMUW5Gpqw= -----END CERTIFICATE-----Generated at Sun Jan 11 19:54:12 2026 by rpki-client