This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/byVATyRjpC7MEydr41-oFdDRnfY.roa File: byVATyRjpC7MEydr41-oFdDRnfY.roa (raw, json) Hash identifier: gC3kd3OA4vW8Z7Dzb4oKxYEyt2cPcIDpV/ySIB6uvQo= Subject key identifier: 6F:25:40:4F:24:63:A4:2E:CC:13:27:6B:E3:5F:A8:15:D0:D1:9D:F6 Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Certificate serial: 1F94 Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/byVATyRjpC7MEydr41-oFdDRnfY.roa Signing time: Sun 01 Jun 2025 20:38:35 +0000 ROA not before: Sun 01 Jun 2025 20:38:35 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 146845 IP address blocks: 2407:9b40::/32 maxlen: 64 Validation: Failed, RFC 3779 resource not subset of parent's resources Certificate: Data: Version: 3 (0x2) Serial Number: 8084 (0x1f94) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Validity Not Before: Jun 1 20:38:35 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=6F25404F2463A42ECC13276BE35FA815D0D19DF6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:c6:d8:2f:f5:80:fd:a6:c7:83:30:bd:a7:2e: 3b:9e:f0:50:36:44:ee:61:22:a1:a6:aa:5e:e0:96: d6:5d:88:f1:4c:f2:40:98:9a:42:37:ad:cc:12:55: 09:20:27:de:5f:d4:a6:43:1e:51:23:b0:07:a5:d0: 8e:18:89:62:55:e7:9a:ac:8f:ed:af:31:b3:da:87: c9:2d:f5:f8:a8:7e:72:68:bd:ca:13:d3:b0:12:36: 8c:3e:45:be:8f:a3:67:6c:44:8a:6a:8e:c2:5b:56: 6c:c4:0b:55:28:04:59:bb:10:4d:86:a5:46:8b:2e: fd:6b:16:a2:e2:85:08:59:12:57:a8:b0:07:de:c7: 01:e5:1c:95:75:46:f4:34:fa:77:31:c7:d6:e8:6a: 1c:cd:f5:ed:96:d4:b0:d6:4a:94:01:e2:3f:2e:da: 42:40:04:75:40:c8:a4:bf:f0:04:20:a0:b3:db:76: 5c:9d:7c:a8:e0:55:98:13:d2:5a:ec:60:fb:54:71: 80:db:f7:10:33:0d:b5:50:d4:32:57:18:c2:8b:f1: 36:75:7d:51:2a:d6:fb:66:41:72:57:f8:1e:50:48: ba:cc:17:3d:49:f4:8d:8a:04:c4:4f:93:23:8e:56: db:17:e0:9a:af:d7:66:4d:44:0b:5e:96:cf:0e:ef: 2b:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6F:25:40:4F:24:63:A4:2E:CC:13:27:6B:E3:5F:A8:15:D0:D1:9D:F6 X509v3 Authority Key Identifier: keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/byVATyRjpC7MEydr41-oFdDRnfY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2407:9b40::/32 Signature Algorithm: sha256WithRSAEncryption 41:3c:4d:b0:5a:23:9c:b0:e6:9c:f3:18:86:b3:b6:df:65:50: 55:50:22:64:4c:f5:4d:16:a7:c0:98:ed:29:bd:48:0f:d0:7a: 56:a9:ff:78:08:9d:a1:04:f1:3f:0a:c9:ad:57:70:5f:d8:b3: 41:eb:14:5f:ed:0e:25:df:c4:f7:4f:ab:b6:c1:5f:bb:7e:f8: 77:89:7a:73:0b:27:e5:af:55:20:68:14:24:5c:e1:bb:00:26: 23:70:68:db:68:1e:1a:40:85:72:d0:91:a8:c0:f2:78:c7:e1: 78:ed:aa:5b:17:6c:19:59:7e:22:21:4d:41:84:49:08:e6:29: c3:4e:3a:df:3e:cd:a6:3a:81:90:63:fe:32:f7:c5:60:3a:bc: df:db:c7:85:7c:90:02:f0:b5:d4:52:25:fe:c4:f3:b5:9d:06: d3:ff:e1:5c:b7:f3:c5:0e:f1:c1:70:bf:31:dd:f9:7f:22:3e: 17:7d:0f:ed:5d:78:a4:c7:74:81:b7:28:d3:0e:95:5b:ae:70: d2:26:31:21:b7:9f:6a:14:9a:59:46:4c:25:d6:d2:17:fc:ca: ad:e6:51:b0:e0:8f:0c:63:37:2e:ef:77:45:13:84:9c:91:e3: 6d:62:0b:d6:a8:ed:6f:83:0f:97:c2:b0:22:9c:48:b1:56:78: 07:84:47:dc -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICH5QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MDEy MDM4MzVaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDZGMjU0MDRGMjQ2M0E0 MkVDQzEzMjc2QkUzNUZBODE1RDBEMTlERjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDCxtgv9YD9pseDML2nLjue8FA2RO5hIqGmql7gltZdiPFM8kCY mkI3rcwSVQkgJ95f1KZDHlEjsAel0I4YiWJV55qsj+2vMbPah8kt9fiofnJovcoT 07ASNow+Rb6Po2dsRIpqjsJbVmzEC1UoBFm7EE2GpUaLLv1rFqLihQhZEleosAfe xwHlHJV1RvQ0+ncxx9boahzN9e2W1LDWSpQB4j8u2kJABHVAyKS/8AQgoLPbdlyd fKjgVZgT0lrsYPtUcYDb9xAzDbVQ1DJXGMKL8TZ1fVEq1vtmQXJX+B5QSLrMFz1J 9I2KBMRPkyOOVtsX4Jqv12ZNRAtels8O7yudAgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQUbyVATyRjpC7MEydr41+oFdDRnfYwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR 1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5 OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvYnlWQVR5UmpwQzdN RXlkcjQxLW9GZERSbmZZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBAEE8TbBaI5yw5pzzGIaztt9lUFVQ ImRM9U0Wp8CY7Sm9SA/Qelap/3gInaEE8T8Kya1XcF/Ys0HrFF/tDiXfxPdPq7bB X7t++HeJenMLJ+WvVSBoFCRc4bsAJiNwaNtoHhpAhXLQkajA8njH4XjtqlsXbBlZ fiIhTUGESQjmKcNOOt8+zaY6gZBj/jL3xWA6vN/bx4V8kALwtdRSJf7E87WdBtP/ 4Vy388UO8cFwvzHd+X8iPhd9D+1deKTHdIG3KNMOlVuucNImMSG3n2oUmllGTCXW 0hf8yq3mUbDgjwxjNy7vd0UThJyR421iC9ao7W+DD5fCsCKcSLFWeAeER9w= -----END CERTIFICATE-----Generated at Mon Jan 12 13:07:07 2026 by rpki-client