This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/k3lIr1DPLShXB1Nw1SGE8rJDcz4.roa File: k3lIr1DPLShXB1Nw1SGE8rJDcz4.roa (raw, json) Hash identifier: fubJfMgKb2vP2bq16U48MwSIoZ0VREGMPAjL10gH7/Y= Subject key identifier: 93:79:48:AF:50:CF:2D:28:57:07:53:70:D5:21:84:F2:B2:43:73:3E Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Certificate serial: 9118 Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/k3lIr1DPLShXB1Nw1SGE8rJDcz4.roa Signing time: Sun 21 Dec 2025 03:40:04 +0000 ROA not before: Sun 21 Dec 2025 03:40:04 +0000 ROA not after: Fri 23 Oct 2026 03:01:03 +0000 asID: 146845 IP address blocks: 2407:9b40::/32 maxlen: 64 Validation: Failed, RFC 3779 resource not subset of parent's resources Certificate: Data: Version: 3 (0x2) Serial Number: 37144 (0x9118) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Validity Not Before: Dec 21 03:40:04 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=937948AF50CF2D2857075370D52184F2B243733E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:8b:78:a3:4e:9a:aa:43:ac:4e:c0:3f:b6:99: c4:8f:b9:d4:d1:b4:90:f3:89:41:38:e4:f8:a0:bd: 26:a9:a1:8f:5c:db:43:11:4d:a6:c5:78:04:08:a4: f0:0c:82:43:44:a3:7b:9d:b8:f7:00:38:3d:b8:fa: 09:67:a6:67:4e:1b:e3:7a:7f:a7:aa:57:f8:37:cc: 3f:54:3c:f6:3e:c9:70:3a:9f:e3:96:11:e3:05:b1: de:52:f5:5e:d8:43:82:37:96:1f:52:c2:28:90:3f: f6:87:01:41:cf:e8:6f:39:12:4a:f1:c2:5d:bb:4c: 59:3e:40:2f:43:4d:82:0b:49:5e:84:80:5c:82:62: 25:94:31:77:ac:bf:e2:e0:30:f2:64:0d:bf:1d:96: f2:80:37:92:52:1f:21:fc:fa:c7:e5:21:cf:98:83: 76:1b:73:a4:7f:8a:89:3b:91:b3:14:9e:2b:15:b0: b3:c0:f7:d2:3c:dc:3d:28:c0:d9:10:e3:c9:16:e1: 7a:ea:f3:ec:b4:25:19:8a:02:db:a7:51:2a:aa:5d: 70:cc:20:23:90:98:fb:f4:36:85:38:b6:29:d4:3b: 48:b7:53:42:a8:3e:82:83:0b:1f:64:26:02:cb:e0: a5:1e:a8:98:07:a8:c5:73:c8:e9:ae:0d:7e:cf:6f: 3d:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:79:48:AF:50:CF:2D:28:57:07:53:70:D5:21:84:F2:B2:43:73:3E X509v3 Authority Key Identifier: keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/k3lIr1DPLShXB1Nw1SGE8rJDcz4.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2407:9b40::/32 Signature Algorithm: sha256WithRSAEncryption ad:40:9f:30:c3:ab:fe:2b:d0:77:86:77:56:0d:8a:b2:5a:39: 5f:eb:d0:39:55:c2:1b:3f:51:9c:f1:d3:a7:bc:10:e5:98:6c: 1c:ca:4e:ba:bd:f5:30:5b:12:92:03:99:1e:5e:47:6e:ea:80: 59:ef:e7:aa:e7:03:13:db:e0:5c:cb:f6:7f:15:e0:9e:73:7d: 8d:60:fd:3f:f7:c7:d1:a6:51:57:92:c1:1c:f6:93:6a:3d:be: 68:72:5e:c9:b9:64:9b:7d:25:5e:0d:9b:f0:bb:6c:38:11:6a: 30:4f:78:eb:a9:ba:f2:43:4d:27:2a:fc:99:b7:cd:fe:c2:53: 38:2c:3d:b5:28:e7:01:72:b8:28:30:80:39:a8:02:3c:0d:93: dc:92:a7:3e:97:83:7d:7f:b8:a8:d7:34:6b:49:3d:fb:23:d3: 6b:24:88:8a:76:fa:a1:c5:af:3e:b5:ef:f0:35:92:49:b0:71: 1c:f0:09:8e:1d:98:b8:30:b4:c8:3a:50:ad:a2:d3:50:05:76: e6:2a:ab:da:8d:de:37:59:26:90:b6:59:e2:61:a8:81:b3:85: 59:74:93:9d:bb:49:15:32:e6:54:e1:e5:dd:ea:f3:7e:f8:75: 33:80:b5:69:f7:79:90:44:b9:d7:54:8a:7a:ae:72:3f:2a:f6: 49:ce:70:b7 -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIDAJEYMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKEQy QUI2QzlCNkUxNjUzMzRDMDMyRDA1MUQ1RkM3RDE1NDdFNEUzNTMwHhcNMjUxMjIx MDM0MDA0WhcNMjYxMDIzMDMwMTAzWjAzMTEwLwYDVQQDEyg5Mzc5NDhBRjUwQ0Yy RDI4NTcwNzUzNzBENTIxODRGMkIyNDM3MzNFMIIBIjANBgkqhkiG9w0BAQEFAAOC AQ8AMIIBCgKCAQEArYt4o06aqkOsTsA/tpnEj7nU0bSQ84lBOOT4oL0mqaGPXNtD EU2mxXgECKTwDIJDRKN7nbj3ADg9uPoJZ6ZnThvjen+nqlf4N8w/VDz2PslwOp/j lhHjBbHeUvVe2EOCN5YfUsIokD/2hwFBz+hvORJK8cJdu0xZPkAvQ02CC0lehIBc gmIllDF3rL/i4DDyZA2/HZbygDeSUh8h/PrH5SHPmIN2G3Okf4qJO5GzFJ4rFbCz wPfSPNw9KMDZEOPJFuF66vPstCUZigLbp1Eqql1wzCAjkJj79DaFOLYp1DtIt1NC qD6CgwsfZCYCy+ClHqiYB6jFc8jprg1+z289VwIDAQABo4IB9DCCAfAwHQYDVR0O BBYEFJN5SK9Qzy0oVwdTcNUhhPKyQ3M+MB8GA1UdIwQYMBaAFNKrbJtuFlM0wDLQ UdX8fRVH5ONTMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwXQYDVR0fBFYwVDBS oFCgToZMcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMw OTgvMHF0c20yNFdVelRBTXRCUjFmeDlGVWZrNDFNLmNybDBjBggrBgEFBQcBAQRX MFUwUwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy RTNEMDAwMC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY2VyMA4GA1UdDwEB /wQEAwIHgDCBnQYIKwYBBQUHAQsEgZAwgY0wWAYIKwYBBQUHMAuGTHJzeW5jOi8v cnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8zMDk4L2szbElyMURQTFNo WEIxTncxU0dFOHJKRGN6NC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5j bm5pYy5jbi9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgAC MAcDBQAkB5tAMA0GCSqGSIb3DQEBCwUAA4IBAQCtQJ8ww6v+K9B3hndWDYqyWjlf 69A5VcIbP1Gc8dOnvBDlmGwcyk66vfUwWxKSA5keXkdu6oBZ7+eq5wMT2+Bcy/Z/ FeCec32NYP0/98fRplFXksEc9pNqPb5ocl7JuWSbfSVeDZvwu2w4EWowT3jrqbry Q00nKvyZt83+wlM4LD21KOcBcrgoMIA5qAI8DZPckqc+l4N9f7io1zRrST37I9Nr JIiKdvqhxa8+te/wNZJJsHEc8AmOHZi4MLTIOlCtotNQBXbmKqvajd43WSaQtlni YaiBs4VZdJOdu0kVMuZU4eXd6vN++HUzgLVp93mQRLnXVIp6rnI/KvZJznC3 -----END CERTIFICATE-----Generated at Sun Dec 21 06:27:01 2025 by rpki-client