This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/ml_Ncv1td8i3cilXPZ6YkCp0NQY.roa File: ml_Ncv1td8i3cilXPZ6YkCp0NQY.roa (raw, json) Hash identifier: 40EluuT4UoRLI2AOHQpdMze1Tm9QFYsAvdGdafra+xQ= Subject key identifier: 9A:5F:CD:72:FD:6D:77:C8:B7:72:29:57:3D:9E:98:90:2A:74:35:06 Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Certificate serial: 2249 Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/ml_Ncv1td8i3cilXPZ6YkCp0NQY.roa Signing time: Fri 06 Jun 2025 16:08:49 +0000 ROA not before: Fri 06 Jun 2025 16:08:49 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 146845 IP address blocks: 2407:9b40::/32 maxlen: 64 Validation: Failed, RFC 3779 resource not subset of parent's resources Certificate: Data: Version: 3 (0x2) Serial Number: 8777 (0x2249) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Validity Not Before: Jun 6 16:08:49 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=9A5FCD72FD6D77C8B77229573D9E98902A743506 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:98:82:8d:eb:ae:b5:48:15:a2:9c:30:4b:21: b8:8f:a1:4a:09:d7:ea:e6:8b:69:21:bd:6f:78:e6: 8a:69:83:56:8b:78:8e:e1:bf:80:92:29:e8:dd:b2: 04:12:1f:26:cf:f9:42:16:b0:f1:5c:09:59:e8:87: a3:65:bf:db:25:47:17:d9:a2:c8:8f:0e:a4:9d:f4: ba:4f:79:32:8d:68:ba:fe:ae:01:f4:ae:12:d5:11: fd:78:ec:6c:65:8a:0f:b6:33:39:9b:27:05:2f:0c: af:1c:73:16:20:89:36:cc:42:44:ab:49:49:ae:b2: 24:34:c1:08:ad:b8:c8:61:2f:60:2b:cc:1b:e2:07: 57:03:a0:56:bb:4b:95:3d:ac:91:bf:89:bc:3f:15: ee:6e:36:6c:59:92:23:0a:9e:30:9b:d4:06:15:13: 02:d9:7d:77:28:cc:58:68:e4:14:7a:4e:a3:5b:c4: fe:f6:c4:85:9c:1b:b5:02:a4:9b:7b:10:46:6b:57: 3c:85:1a:66:85:6d:46:ab:99:8e:a3:5e:86:a7:1d: 38:df:22:f5:42:42:1a:7e:a5:0e:c1:82:fd:bd:ef: 7b:b8:c1:6f:2f:9d:b1:a1:8a:19:52:66:a6:01:21: 1d:03:e2:25:bd:b9:09:c4:fb:16:77:24:dc:af:e5: bb:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:5F:CD:72:FD:6D:77:C8:B7:72:29:57:3D:9E:98:90:2A:74:35:06 X509v3 Authority Key Identifier: keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/ml_Ncv1td8i3cilXPZ6YkCp0NQY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2407:9b40::/32 Signature Algorithm: sha256WithRSAEncryption b2:62:a5:32:b7:8e:38:12:b5:c9:f3:2a:90:fc:90:61:24:35: 25:d2:26:4c:09:ae:10:67:af:82:44:79:6b:f5:91:99:92:01: ca:be:23:02:55:db:82:23:7c:21:43:42:49:49:a4:1c:3c:cb: 52:64:38:2e:83:c7:74:7f:fb:5f:ca:6a:36:e7:27:e4:bb:b3: 71:39:9e:44:ca:9d:60:b2:8f:84:22:f3:b3:87:da:2b:3f:16: fc:d2:2e:15:a4:45:45:a6:57:4b:30:8f:c6:db:b9:fb:19:26: 6d:23:1c:4d:a8:f6:06:04:a0:c2:a3:98:b4:46:d5:9a:da:23: 3a:20:8d:40:e6:af:ce:51:3d:26:7e:ed:1c:af:72:33:e3:b1: 57:f0:4e:34:1d:7d:0b:38:61:66:2b:34:e5:11:44:a8:ce:eb: 4c:18:51:3b:c8:05:2a:7f:b3:55:cf:47:28:7f:d4:60:c2:33: 66:9d:d8:32:78:bb:fe:d7:d2:e8:69:8f:8f:ff:eb:31:f5:90: 18:11:ac:08:1b:7f:f0:a4:a3:f4:92:6a:9c:4f:80:56:ff:45: 05:49:41:fc:8f:dc:a7:3e:45:27:f7:a4:b0:fb:ed:eb:bb:19: f5:fe:22:1c:03:1d:3a:c8:54:8e:f6:99:7d:8b:ca:fe:a2:0b: 87:cc:e0:93 -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICIkkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MDYx NjA4NDlaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDlBNUZDRDcyRkQ2RDc3 QzhCNzcyMjk1NzNEOUU5ODkwMkE3NDM1MDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCYmIKN6661SBWinDBLIbiPoUoJ1+rmi2khvW945oppg1aLeI7h v4CSKejdsgQSHybP+UIWsPFcCVnoh6Nlv9slRxfZosiPDqSd9LpPeTKNaLr+rgH0 rhLVEf147Gxlig+2MzmbJwUvDK8ccxYgiTbMQkSrSUmusiQ0wQituMhhL2ArzBvi B1cDoFa7S5U9rJG/ibw/Fe5uNmxZkiMKnjCb1AYVEwLZfXcozFho5BR6TqNbxP72 xIWcG7UCpJt7EEZrVzyFGmaFbUarmY6jXoanHTjfIvVCQhp+pQ7Bgv2973u4wW8v nbGhihlSZqYBIR0D4iW9uQnE+xZ3JNyv5buhAgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQUml/Ncv1td8i3cilXPZ6YkCp0NQYwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR 1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5 OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvbWxfTmN2MXRkOGkz Y2lsWFBaNllrQ3AwTlFZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBALJipTK3jjgStcnzKpD8kGEkNSXS JkwJrhBnr4JEeWv1kZmSAcq+IwJV24IjfCFDQklJpBw8y1JkOC6Dx3R/+1/Kajbn J+S7s3E5nkTKnWCyj4Qi87OH2is/FvzSLhWkRUWmV0swj8bbufsZJm0jHE2o9gYE oMKjmLRG1ZraIzogjUDmr85RPSZ+7RyvcjPjsVfwTjQdfQs4YWYrNOURRKjO60wY UTvIBSp/s1XPRyh/1GDCM2ad2DJ4u/7X0uhpj4//6zH1kBgRrAgbf/Cko/SSapxP gFb/RQVJQfyP3Kc+RSf3pLD77eu7GfX+IhwDHTrIVI72mX2Lyv6iC4fM4JM= -----END CERTIFICATE-----Generated at Mon Jan 12 05:56:14 2026 by rpki-client