This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/WkxxrKoqTQJE8W3W2AuI-TPz2_I.roa File: WkxxrKoqTQJE8W3W2AuI-TPz2_I.roa (raw, json) Hash identifier: l2jcJhwLCqRKuOaonJG1KcjnKRKrKOenyVYyY+aoGY0= Subject key identifier: 5A:4C:71:AC:AA:2A:4D:02:44:F1:6D:D6:D8:0B:88:F9:33:F3:DB:F2 Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Certificate serial: 26BE Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/WkxxrKoqTQJE8W3W2AuI-TPz2_I.roa Signing time: Sat 14 Jun 2025 14:19:25 +0000 ROA not before: Sat 14 Jun 2025 14:19:25 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 4812 IP address blocks: 2407:9b40::/32 maxlen: 64 Validation: Failed, RFC 3779 resource not subset of parent's resources Certificate: Data: Version: 3 (0x2) Serial Number: 9918 (0x26be) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Validity Not Before: Jun 14 14:19:25 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=5A4C71ACAA2A4D0244F16DD6D80B88F933F3DBF2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:99:00:99:a8:43:9e:a8:bb:99:42:bb:7b:de: b2:36:65:74:f4:38:3e:98:af:89:b9:89:e1:77:cc: 8b:19:04:f2:05:1e:a9:81:2e:2f:d8:41:c5:27:18: d4:f8:87:ec:e6:2f:09:d9:74:80:d4:c3:ad:7f:dc: 01:a3:70:10:7f:91:72:36:39:8d:6b:8d:a7:05:ad: 21:0e:8b:f7:cb:d3:6c:97:fa:5d:49:a9:89:0c:b8: 02:fd:9c:ba:16:d7:5a:32:ea:d7:5e:60:02:b0:71: ec:77:a9:8d:4e:e8:71:cb:82:58:0b:7f:08:06:fc: 14:66:cb:3c:2a:22:78:11:1c:f6:2c:d3:88:08:16: ae:3d:f7:ed:1d:6f:04:cf:47:ee:9d:29:05:f0:a0: 95:45:ec:d2:c4:1e:53:55:5c:67:22:f1:be:d6:4a: 45:96:9d:9e:7c:b0:4b:cd:c0:9e:e9:94:0c:e6:55: 80:f5:ed:9c:fe:b8:ae:a6:58:64:02:f9:1e:69:63: a6:88:4e:67:56:c3:2b:dd:2d:f5:5f:a3:76:29:c8: cb:b4:b3:0c:48:a0:ad:80:a1:cd:6e:26:a1:fc:35: 7b:e0:bb:3b:6b:f9:68:c1:f7:26:0f:81:02:6e:d7: f5:53:06:89:6c:27:2a:e0:86:d5:c0:69:1a:81:ac: 18:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:4C:71:AC:AA:2A:4D:02:44:F1:6D:D6:D8:0B:88:F9:33:F3:DB:F2 X509v3 Authority Key Identifier: keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/WkxxrKoqTQJE8W3W2AuI-TPz2_I.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2407:9b40::/32 Signature Algorithm: sha256WithRSAEncryption 3c:29:4c:dc:05:cc:07:09:08:74:d3:07:a6:65:20:08:26:78: e9:1c:45:8b:af:3d:0a:68:17:56:9b:c3:4a:d7:b2:95:ca:98: 00:24:21:31:c1:53:9e:6d:fe:c8:75:2b:3f:aa:b4:7a:8c:0d: fc:30:c1:47:55:aa:e5:5b:76:5f:54:8f:af:d2:ab:e5:03:52: 31:35:a2:91:79:f8:3d:29:a1:a8:20:8d:94:41:d6:5f:87:b2: 6c:1f:d6:8b:45:9f:88:5b:44:31:05:03:1d:c4:30:3d:b0:b6: a0:14:4b:6f:c4:89:3f:c8:53:9a:0b:3e:bd:72:18:25:56:2b: 6a:a4:b9:35:15:d8:12:66:ca:c6:b6:4a:5a:b0:8c:cd:d5:0c: 1a:fc:4c:8f:f4:11:61:89:29:15:58:28:a1:e7:13:46:c4:38: d4:da:b3:be:5c:c4:f8:5e:ee:08:f3:e6:f3:ab:5c:6b:12:da: 73:5f:6d:21:a3:21:51:d8:3e:09:49:71:ae:2b:80:8a:04:c0: 90:ad:81:48:42:81:c0:c3:8c:b2:d7:39:46:bc:ee:c7:c8:81: 41:a1:cc:ea:93:6e:26:45:22:15:c1:5f:e9:91:82:07:7f:f5: cc:f9:c1:7e:35:9e:a7:59:9f:99:c0:9d:09:e7:82:f0:c4:ee: b4:59:0b:a1 -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICJr4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MTQx NDE5MjVaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDVBNEM3MUFDQUEyQTRE MDI0NEYxNkRENkQ4MEI4OEY5MzNGM0RCRjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCqmQCZqEOeqLuZQrt73rI2ZXT0OD6Yr4m5ieF3zIsZBPIFHqmB Li/YQcUnGNT4h+zmLwnZdIDUw61/3AGjcBB/kXI2OY1rjacFrSEOi/fL02yX+l1J qYkMuAL9nLoW11oy6tdeYAKwcex3qY1O6HHLglgLfwgG/BRmyzwqIngRHPYs04gI Fq499+0dbwTPR+6dKQXwoJVF7NLEHlNVXGci8b7WSkWWnZ58sEvNwJ7plAzmVYD1 7Zz+uK6mWGQC+R5pY6aITmdWwyvdLfVfo3YpyMu0swxIoK2Aoc1uJqH8NXvguztr +WjB9yYPgQJu1/VTBolsJyrghtXAaRqBrBhTAgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQUWkxxrKoqTQJE8W3W2AuI+TPz2/IwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR 1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5 OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvV2t4eHJLb3FUUUpF OFczVzJBdUktVFB6Ml9JLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBADwpTNwFzAcJCHTTB6ZlIAgmeOkc RYuvPQpoF1abw0rXspXKmAAkITHBU55t/sh1Kz+qtHqMDfwwwUdVquVbdl9Uj6/S q+UDUjE1opF5+D0poaggjZRB1l+Hsmwf1otFn4hbRDEFAx3EMD2wtqAUS2/EiT/I U5oLPr1yGCVWK2qkuTUV2BJmysa2SlqwjM3VDBr8TI/0EWGJKRVYKKHnE0bEONTa s75cxPhe7gjz5vOrXGsS2nNfbSGjIVHYPglJca4rgIoEwJCtgUhCgcDDjLLXOUa8 7sfIgUGhzOqTbiZFIhXBX+mRggd/9cz5wX41nqdZn5nAnQnngvDE7rRZC6E= -----END CERTIFICATE-----Generated at Mon Jan 12 16:03:47 2026 by rpki-client