This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/etICGMV3hvWDeRuzLH9rIdUPLHo.roa File: etICGMV3hvWDeRuzLH9rIdUPLHo.roa (raw, json) Hash identifier: YOehOAjt152j9cHY2JDqNi8Gc2v479kzyiIzVUGz0r0= Subject key identifier: 7A:D2:02:18:C5:77:86:F5:83:79:1B:B3:2C:7F:6B:21:D5:0F:2C:7A Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Certificate serial: 210E Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/etICGMV3hvWDeRuzLH9rIdUPLHo.roa Signing time: Wed 04 Jun 2025 11:38:41 +0000 ROA not before: Wed 04 Jun 2025 11:38:41 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 146845 IP address blocks: 2407:9b40::/32 maxlen: 64 Validation: Failed, RFC 3779 resource not subset of parent's resources Certificate: Data: Version: 3 (0x2) Serial Number: 8462 (0x210e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Validity Not Before: Jun 4 11:38:41 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=7AD20218C57786F583791BB32C7F6B21D50F2C7A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:0a:80:4b:90:95:a6:d6:e1:0f:c0:8d:ad:23: ea:21:4c:28:c7:c5:af:cb:b7:bb:ff:49:f9:d6:8a: de:a9:9c:9a:0a:b4:76:cd:5b:af:e4:c1:05:d7:b2: 1d:10:46:1c:10:a6:26:7d:e5:45:b2:fe:80:d5:25: 32:be:5a:37:8b:f7:e3:d5:53:78:d5:55:a1:d2:03: 96:08:69:3c:fc:e7:9b:88:cd:2d:eb:87:ce:d2:55: 9e:85:cc:50:c5:09:8b:aa:f4:ab:95:2e:6b:6f:c9: 89:d3:60:82:33:d7:06:fa:b5:e7:3d:25:b8:bc:b0: 06:e3:a6:80:2c:9c:91:90:a0:89:3b:e4:42:67:d8: 4c:57:1f:6d:88:af:75:0a:97:4f:78:d2:64:16:ed: 4f:b6:d7:36:d1:8f:16:e3:cc:9a:61:06:64:59:ae: 86:54:3d:7d:11:6d:a6:f5:91:ce:be:75:7c:15:b2: 60:41:2c:22:6b:a1:58:22:b0:3f:07:03:5e:22:24: aa:25:5c:42:72:78:38:21:7d:34:c7:86:d0:3d:f5: a5:5b:5c:b1:a4:6c:30:ba:08:f0:e2:b2:14:3a:d9: 7b:a1:4c:a1:3f:6e:ce:f4:37:74:69:a1:2c:d9:14: 84:72:58:c4:d7:41:81:d0:dc:a7:9c:8b:72:28:72: b8:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7A:D2:02:18:C5:77:86:F5:83:79:1B:B3:2C:7F:6B:21:D5:0F:2C:7A X509v3 Authority Key Identifier: keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/etICGMV3hvWDeRuzLH9rIdUPLHo.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2407:9b40::/32 Signature Algorithm: sha256WithRSAEncryption 8d:31:be:b1:47:bd:78:f2:b9:b6:c3:1f:b7:84:78:4b:72:e8: 89:57:7a:2c:d2:7a:31:17:f3:b5:fc:b7:17:3a:bd:7a:f9:4d: ab:46:c4:e2:0e:52:5c:b2:32:63:32:07:53:40:be:be:0e:bc: b3:e0:b2:57:e7:15:70:a6:71:fd:e1:7c:f6:8a:4a:5f:a3:a2: 41:62:0a:a8:e8:7a:c1:dd:b3:99:af:42:7a:2f:73:23:73:10: 37:02:ba:9c:49:0f:97:6e:23:85:09:7f:07:6a:60:90:aa:f0: 50:d0:3f:6d:e5:90:9c:b8:32:96:ed:78:56:48:51:b5:d4:31: 55:b1:bb:1c:97:cb:ff:48:f4:51:5b:a7:af:79:ff:55:69:9b: 36:11:8b:1b:07:7f:d6:17:af:83:3f:18:fb:63:60:71:39:fa: f0:15:db:6b:43:0d:0e:85:fd:0f:7b:a0:23:e1:9b:fd:ab:4b: 94:7b:7d:11:1d:54:42:6d:37:d0:74:1d:98:41:6c:24:c7:86: bc:2c:82:04:0f:63:16:80:64:ea:c7:ad:87:9d:5c:f0:7a:cd: 4e:7e:7a:6a:bf:11:af:6b:e3:da:6d:5a:a7:26:05:18:d6:4a: 84:17:3f:83:14:51:ca:3f:26:4a:93:bc:97:3e:8e:46:a5:18: c5:68:78:b2 -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICIQ4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MDQx MTM4NDFaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDdBRDIwMjE4QzU3Nzg2 RjU4Mzc5MUJCMzJDN0Y2QjIxRDUwRjJDN0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDECoBLkJWm1uEPwI2tI+ohTCjHxa/Lt7v/SfnWit6pnJoKtHbN W6/kwQXXsh0QRhwQpiZ95UWy/oDVJTK+WjeL9+PVU3jVVaHSA5YIaTz855uIzS3r h87SVZ6FzFDFCYuq9KuVLmtvyYnTYIIz1wb6tec9Jbi8sAbjpoAsnJGQoIk75EJn 2ExXH22Ir3UKl0940mQW7U+21zbRjxbjzJphBmRZroZUPX0Rbab1kc6+dXwVsmBB LCJroVgisD8HA14iJKolXEJyeDghfTTHhtA99aVbXLGkbDC6CPDishQ62XuhTKE/ bs70N3RpoSzZFIRyWMTXQYHQ3Keci3IocrgjAgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQUetICGMV3hvWDeRuzLH9rIdUPLHowHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR 1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5 OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvZXRJQ0dNVjNodldE ZVJ1ekxIOXJJZFVQTEhvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBAI0xvrFHvXjyubbDH7eEeEty6IlX eizSejEX87X8txc6vXr5TatGxOIOUlyyMmMyB1NAvr4OvLPgslfnFXCmcf3hfPaK Sl+jokFiCqjoesHds5mvQnovcyNzEDcCupxJD5duI4UJfwdqYJCq8FDQP23lkJy4 MpbteFZIUbXUMVWxuxyXy/9I9FFbp695/1VpmzYRixsHf9YXr4M/GPtjYHE5+vAV 22tDDQ6F/Q97oCPhm/2rS5R7fREdVEJtN9B0HZhBbCTHhrwsggQPYxaAZOrHrYed XPB6zU5+emq/Ea9r49ptWqcmBRjWSoQXP4MUUco/JkqTvJc+jkalGMVoeLI= -----END CERTIFICATE-----Generated at Mon Jan 12 16:46:39 2026 by rpki-client