This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/coVy4U9Fth2L7ODcG9WgzFDXLio.roa File: coVy4U9Fth2L7ODcG9WgzFDXLio.roa (raw, json) Hash identifier: SkD/YS6vZ6WDp3bxQSOCSQCJnhGmIkwqDZ1r6JqJd6I= Subject key identifier: 72:85:72:E1:4F:45:B6:1D:8B:EC:E0:DC:1B:D5:A0:CC:50:D7:2E:2A Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Certificate serial: 20EA Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/coVy4U9Fth2L7ODcG9WgzFDXLio.roa Signing time: Wed 04 Jun 2025 05:38:44 +0000 ROA not before: Wed 04 Jun 2025 05:38:44 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 146845 IP address blocks: 2407:9b40::/32 maxlen: 64 Validation: Failed, RFC 3779 resource not subset of parent's resources Certificate: Data: Version: 3 (0x2) Serial Number: 8426 (0x20ea) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Validity Not Before: Jun 4 05:38:44 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=728572E14F45B61D8BECE0DC1BD5A0CC50D72E2A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:94:75:4a:34:36:6f:f7:3a:c6:fd:ce:6a:fd: f9:a1:f9:23:ba:ee:4f:b8:f1:8f:13:6b:3c:40:48: 8c:b2:bc:7c:d8:f9:9f:e5:80:7d:81:33:54:f4:d2: a7:27:f1:f3:3e:24:95:e5:5c:e9:96:e7:7a:d9:77: 3f:4f:2c:8d:f7:92:c3:7b:80:c1:65:e7:bf:f6:6e: fb:d4:8a:f3:f7:a2:2a:b8:84:b9:0c:9c:21:39:50: b9:dd:65:9c:35:57:a9:af:06:92:1a:aa:8c:d5:9e: b4:b0:21:8e:16:cb:0f:b5:a9:3a:a1:b6:ec:12:b7: 60:70:db:cf:53:fd:62:e2:32:25:97:14:a6:9e:32: 30:80:9c:d8:bb:0d:d7:2f:9f:d8:a1:6d:d4:41:bb: 4b:14:fd:ab:df:22:20:6d:b3:15:03:66:8e:e2:4f: ad:be:da:e5:0a:32:49:7c:03:9d:40:45:8f:c6:ba: 34:2b:22:75:8b:f2:3c:6e:72:0c:3b:25:30:cc:41: 69:af:84:b8:29:20:19:33:76:93:2f:cf:24:1f:ef: 3b:f4:9b:d0:18:0b:e2:ea:49:3c:78:db:03:0b:fe: 0a:8f:2f:b3:33:cf:df:fd:53:66:e2:75:b6:e5:e2: 8a:38:77:b0:72:38:ad:95:8d:8f:33:ac:dc:4a:79: ca:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:85:72:E1:4F:45:B6:1D:8B:EC:E0:DC:1B:D5:A0:CC:50:D7:2E:2A X509v3 Authority Key Identifier: keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/coVy4U9Fth2L7ODcG9WgzFDXLio.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2407:9b40::/32 Signature Algorithm: sha256WithRSAEncryption 84:32:56:e5:a6:09:dc:0f:f8:e7:08:52:37:24:7c:4a:a0:57: 74:2a:01:40:20:27:ce:8b:62:6f:80:f0:d2:0b:e7:3a:90:07: 78:2b:28:47:18:1b:f0:f5:14:2f:59:d3:a7:37:11:d9:50:6b: ee:f5:10:f4:b5:85:5e:ae:9a:7a:36:e1:d6:29:fa:7b:2c:5e: 01:2e:aa:01:81:35:31:fb:35:d9:26:9b:fa:42:60:03:71:75: 5d:87:d6:19:16:5e:0e:5e:22:a5:40:de:70:21:3c:e5:5d:4c: 12:27:d7:12:d9:ab:5b:6c:06:43:6b:aa:72:0c:c5:c2:bb:13: f0:38:e3:f8:3c:fa:2a:4f:e8:fc:94:50:a8:d2:80:f5:ba:87: 34:ad:f3:80:b8:dd:6c:31:83:4c:f6:6a:3a:a8:fb:31:0f:15: a7:c3:a6:e5:ab:2f:8d:3b:10:65:00:a5:d5:b6:1c:cf:79:38: 8e:2b:82:8e:4d:f6:73:6b:4f:e8:a2:76:63:42:08:eb:bb:3e: 34:40:55:1e:b4:9c:93:1e:3b:24:17:eb:c5:a0:19:d2:d2:c5: b3:2f:e2:de:48:77:c3:8b:26:8a:a4:c1:0b:df:3c:aa:b1:af: fe:5b:24:34:85:f0:1c:fa:49:5a:07:c2:a2:60:53:1d:f8:3c: d0:94:d8:c7 -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICIOowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MDQw NTM4NDRaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDcyODU3MkUxNEY0NUI2 MUQ4QkVDRTBEQzFCRDVBMENDNTBENzJFMkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCnlHVKNDZv9zrG/c5q/fmh+SO67k+48Y8TazxASIyyvHzY+Z/l gH2BM1T00qcn8fM+JJXlXOmW53rZdz9PLI33ksN7gMFl57/2bvvUivP3oiq4hLkM nCE5ULndZZw1V6mvBpIaqozVnrSwIY4Wyw+1qTqhtuwSt2Bw289T/WLiMiWXFKae MjCAnNi7Ddcvn9ihbdRBu0sU/avfIiBtsxUDZo7iT62+2uUKMkl8A51ARY/GujQr InWL8jxucgw7JTDMQWmvhLgpIBkzdpMvzyQf7zv0m9AYC+LqSTx42wML/gqPL7Mz z9/9U2bidbbl4oo4d7ByOK2VjY8zrNxKecoXAgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQUcoVy4U9Fth2L7ODcG9WgzFDXLiowHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR 1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5 OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvY29WeTRVOUZ0aDJM N09EY0c5V2d6RkRYTGlvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBAIQyVuWmCdwP+OcIUjckfEqgV3Qq AUAgJ86LYm+A8NIL5zqQB3grKEcYG/D1FC9Z06c3EdlQa+71EPS1hV6umno24dYp +nssXgEuqgGBNTH7Ndkmm/pCYANxdV2H1hkWXg5eIqVA3nAhPOVdTBIn1xLZq1ts BkNrqnIMxcK7E/A44/g8+ipP6PyUUKjSgPW6hzSt84C43Wwxg0z2ajqo+zEPFafD puWrL407EGUApdW2HM95OI4rgo5N9nNrT+iidmNCCOu7PjRAVR60nJMeOyQX68Wg GdLSxbMv4t5Id8OLJoqkwQvfPKqxr/5bJDSF8Bz6SVoHwqJgUx34PNCU2Mc= -----END CERTIFICATE-----Generated at Thu Jan 8 10:56:10 2026 by rpki-client