This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/dFkOO36WGHnV-TRuQP5874bxw_c.roa File: dFkOO36WGHnV-TRuQP5874bxw_c.roa (raw, json) Hash identifier: rwVzY+5eVVNCwcTQF2NJDbdl0wuRpIjlXJEtcUUqR0s= Subject key identifier: 74:59:0E:3B:7E:96:18:79:D5:F9:34:6E:40:FE:7C:EF:86:F1:C3:F7 Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Certificate serial: 1F5F Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/dFkOO36WGHnV-TRuQP5874bxw_c.roa Signing time: Sun 01 Jun 2025 11:38:38 +0000 ROA not before: Sun 01 Jun 2025 11:38:38 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 4812 IP address blocks: 2407:9b40::/32 maxlen: 64 Validation: Failed, RFC 3779 resource not subset of parent's resources Certificate: Data: Version: 3 (0x2) Serial Number: 8031 (0x1f5f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Validity Not Before: Jun 1 11:38:38 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=74590E3B7E961879D5F9346E40FE7CEF86F1C3F7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:ea:be:bf:01:35:85:15:04:9d:e5:de:98:c1: 07:fe:5b:db:71:4a:3e:fe:e5:cf:09:b5:1f:cd:fd: ef:df:26:58:4b:b2:79:59:de:38:fb:c3:41:57:36: 4e:2f:39:03:a8:2e:55:cf:e4:5e:64:d9:58:d3:4b: c1:d1:ae:2a:c5:2f:2f:1c:12:e9:a3:0a:83:99:01: 52:c9:76:d7:e8:89:22:68:f5:27:07:83:9c:09:0c: 90:f6:42:3d:54:9c:2d:08:ed:fb:f6:3d:a2:a9:81: 38:86:8a:55:52:5a:f5:5d:01:77:ab:47:a4:a4:de: c9:a9:a0:58:ec:04:9d:fc:92:2c:ec:9b:fb:85:2b: 7b:65:9e:3b:a7:65:09:1a:65:fd:ec:67:1f:6c:3e: 84:d6:07:39:89:40:44:ae:a4:2e:d1:4f:f3:31:67: 8a:8d:48:31:5c:03:67:c3:09:bb:6e:6d:5d:83:b1: 32:bb:97:ad:e7:92:f8:d5:15:a3:1c:c0:f6:14:14: 32:83:bf:05:4d:86:82:2a:4c:68:84:88:b5:67:f8: 35:76:1a:9d:08:0f:14:e0:98:5a:46:a5:62:2b:40: 89:7e:61:0a:6c:3a:5c:50:e2:8e:bb:bb:df:31:c1: 8d:04:71:c7:63:48:b9:74:87:ad:6b:f2:63:a9:bf: 1b:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:59:0E:3B:7E:96:18:79:D5:F9:34:6E:40:FE:7C:EF:86:F1:C3:F7 X509v3 Authority Key Identifier: keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/dFkOO36WGHnV-TRuQP5874bxw_c.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2407:9b40::/32 Signature Algorithm: sha256WithRSAEncryption 18:2f:ad:59:4a:18:ff:e8:f7:dc:30:48:47:3a:bd:e4:6d:e6: 3a:8d:47:74:c7:59:17:7b:3a:71:68:3c:c2:7d:7a:98:90:27: c2:38:a8:34:85:53:60:88:d7:7f:67:ef:21:3b:50:36:a5:3b: 5f:31:7b:7c:49:16:41:77:be:46:ff:96:c5:90:78:13:83:c5: a0:67:db:44:f6:d2:d3:f2:1b:dd:b2:c8:1a:df:bb:ac:32:be: 66:3c:ce:7b:c9:80:09:29:aa:41:cc:69:58:c1:7e:56:60:6d: 7e:26:04:ca:fa:00:b7:33:69:a3:e8:ad:b9:df:c8:67:95:3e: 89:28:ae:de:68:0e:45:9f:69:b5:12:05:e7:9b:4a:ea:c0:82: 06:3d:91:16:fe:61:8f:fb:76:10:c6:73:3e:82:b7:36:0d:b5: da:45:60:e1:07:01:52:12:29:2e:00:f3:14:3c:cc:c4:13:ea: 3d:5a:7c:76:08:27:5a:d9:ba:93:89:c3:60:ab:7f:10:b5:08: 52:6a:c8:6d:10:88:fa:9f:c4:49:6d:0e:1d:6b:52:5c:18:af: d0:72:dd:ec:a8:3e:10:e9:54:20:03:7f:d2:d6:c2:23:fe:3a: e5:0a:0b:10:99:62:54:27:54:57:c1:27:3e:56:fe:38:fb:4b: b3:30:76:d2 -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICH18wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MDEx MTM4MzhaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDc0NTkwRTNCN0U5NjE4 NzlENUY5MzQ2RTQwRkU3Q0VGODZGMUMzRjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDe6r6/ATWFFQSd5d6YwQf+W9txSj7+5c8JtR/N/e/fJlhLsnlZ 3jj7w0FXNk4vOQOoLlXP5F5k2VjTS8HRrirFLy8cEumjCoOZAVLJdtfoiSJo9ScH g5wJDJD2Qj1UnC0I7fv2PaKpgTiGilVSWvVdAXerR6Sk3smpoFjsBJ38kizsm/uF K3tlnjunZQkaZf3sZx9sPoTWBzmJQESupC7RT/MxZ4qNSDFcA2fDCbtubV2DsTK7 l63nkvjVFaMcwPYUFDKDvwVNhoIqTGiEiLVn+DV2Gp0IDxTgmFpGpWIrQIl+YQps OlxQ4o67u98xwY0EccdjSLl0h61r8mOpvxv/AgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQUdFkOO36WGHnV+TRuQP5874bxw/cwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR 1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5 OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvZEZrT08zNldHSG5W LVRSdVFQNTg3NGJ4d19jLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBABgvrVlKGP/o99wwSEc6veRt5jqN R3THWRd7OnFoPMJ9epiQJ8I4qDSFU2CI139n7yE7UDalO18xe3xJFkF3vkb/lsWQ eBODxaBn20T20tPyG92yyBrfu6wyvmY8znvJgAkpqkHMaVjBflZgbX4mBMr6ALcz aaPorbnfyGeVPokort5oDkWfabUSBeebSurAggY9kRb+YY/7dhDGcz6CtzYNtdpF YOEHAVISKS4A8xQ8zMQT6j1afHYIJ1rZupOJw2CrfxC1CFJqyG0QiPqfxEltDh1r UlwYr9By3eyoPhDpVCADf9LWwiP+OuUKCxCZYlQnVFfBJz5W/jj7S7MwdtI= -----END CERTIFICATE-----Generated at Thu Jan 8 23:15:03 2026 by rpki-client