This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/o0tp8rxjNtW5SeD96BtYy6pFQlE.roa File: o0tp8rxjNtW5SeD96BtYy6pFQlE.roa (raw, json) Hash identifier: kiCtFPLrEKxtast2tbElFXSdVhD319lGvUdIc1E2iSQ= Subject key identifier: A3:4B:69:F2:BC:63:36:D5:B9:49:E0:FD:E8:1B:58:CB:AA:45:42:51 Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Certificate serial: 25DA Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/o0tp8rxjNtW5SeD96BtYy6pFQlE.roa Signing time: Fri 13 Jun 2025 00:09:14 +0000 ROA not before: Fri 13 Jun 2025 00:09:14 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 4812 IP address blocks: 2407:9b40::/32 maxlen: 64 Validation: Failed, RFC 3779 resource not subset of parent's resources Certificate: Data: Version: 3 (0x2) Serial Number: 9690 (0x25da) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Validity Not Before: Jun 13 00:09:14 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=A34B69F2BC6336D5B949E0FDE81B58CBAA454251 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:0f:d3:37:ea:ac:83:1f:e0:63:7d:bf:55:12: 9e:c3:0c:da:6d:f6:8c:c3:32:81:8d:51:42:f6:82: 81:d8:13:1d:5f:9e:f9:4a:a1:55:22:7a:92:9e:e8: a7:b3:f4:f2:e4:c5:f9:a3:30:2c:b0:a6:6a:dd:c4: 29:5e:04:5b:f6:c3:03:c2:c8:83:3a:10:56:1c:a0: 00:1b:ef:ff:78:e3:8e:04:4d:00:40:47:bd:29:c0: 8b:41:a2:f5:e0:6f:0a:e2:f3:d4:d9:8c:d2:03:97: d7:70:57:1c:2d:3a:3b:f3:e9:7c:16:3c:89:85:e5: 2f:40:5c:e2:07:58:a0:c0:5a:86:db:3b:99:50:6f: 6b:60:17:30:d4:09:67:3b:6c:ce:7a:a5:61:50:04: 05:9e:06:8f:f5:92:93:23:c9:be:09:b0:06:4e:af: 9f:4c:e0:fb:81:01:83:3d:ae:58:75:7e:dd:a9:d1: 62:bc:03:da:96:9e:74:a3:0a:af:80:9d:d1:dc:6e: 13:6d:09:9d:72:1b:49:32:84:46:13:21:ac:51:fe: a5:42:d3:5d:83:b0:c5:52:85:c8:41:04:2c:5f:ac: 30:ba:ee:9e:43:9d:e7:83:c6:6c:c7:98:34:db:31: 45:3a:46:ac:41:39:19:0c:6c:6c:a4:31:01:eb:61: 4f:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:4B:69:F2:BC:63:36:D5:B9:49:E0:FD:E8:1B:58:CB:AA:45:42:51 X509v3 Authority Key Identifier: keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/o0tp8rxjNtW5SeD96BtYy6pFQlE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2407:9b40::/32 Signature Algorithm: sha256WithRSAEncryption a1:9d:c3:13:a4:03:ca:a9:13:c8:3e:2c:72:57:c0:44:ba:b8: bc:3f:07:02:a8:22:fe:6f:0b:2e:43:60:01:50:b4:71:89:0a: bf:e0:a0:48:0f:f4:b4:85:8a:2c:86:46:cd:ec:c1:a7:33:a3: 28:9b:56:d6:b0:84:a7:72:cb:a4:b8:f6:89:9e:73:b6:00:ad: 00:a0:23:70:ec:2e:df:06:bf:e5:4f:60:b4:bf:66:0d:de:cd: f4:6c:ca:35:47:a2:cb:db:38:5c:9e:e3:b5:97:57:e5:1a:01: 72:6e:f9:9e:cc:8f:72:8b:38:e2:36:f4:3b:0d:b1:ec:a3:56: 1c:fc:a1:5e:f1:6a:ec:8f:24:c8:db:59:1d:35:cb:d1:73:ed: 7c:dd:93:ff:60:26:88:9d:72:c7:fa:fc:64:60:63:51:93:63: 3a:dc:d8:f0:8c:b1:80:ce:aa:16:73:f6:cc:7e:bf:f1:29:c4: 9f:9f:2b:33:cb:0b:9e:30:37:7a:b2:6f:ac:53:0c:f5:c9:3b: e4:ca:2d:5c:8d:10:ce:c0:1c:23:74:0d:79:63:32:fc:c2:42: 09:29:d1:1e:d2:37:47:48:52:60:df:4b:bb:55:eb:a1:65:38: 2b:be:c0:cf:47:83:2b:18:4c:d4:f4:ea:eb:77:a9:be:a4:87: 6d:a0:4b:4c -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICJdowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MTMw MDA5MTRaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEEzNEI2OUYyQkM2MzM2 RDVCOTQ5RTBGREU4MUI1OENCQUE0NTQyNTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC3D9M36qyDH+Bjfb9VEp7DDNpt9ozDMoGNUUL2goHYEx1fnvlK oVUiepKe6Kez9PLkxfmjMCywpmrdxCleBFv2wwPCyIM6EFYcoAAb7/94444ETQBA R70pwItBovXgbwri89TZjNIDl9dwVxwtOjvz6XwWPImF5S9AXOIHWKDAWobbO5lQ b2tgFzDUCWc7bM56pWFQBAWeBo/1kpMjyb4JsAZOr59M4PuBAYM9rlh1ft2p0WK8 A9qWnnSjCq+AndHcbhNtCZ1yG0kyhEYTIaxR/qVC012DsMVShchBBCxfrDC67p5D neeDxmzHmDTbMUU6RqxBORkMbGykMQHrYU+XAgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQUo0tp8rxjNtW5SeD96BtYy6pFQlEwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR 1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5 OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvbzB0cDhyeGpOdFc1 U2VEOTZCdFl5NnBGUWxFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBAKGdwxOkA8qpE8g+LHJXwES6uLw/ BwKoIv5vCy5DYAFQtHGJCr/goEgP9LSFiiyGRs3swaczoyibVtawhKdyy6S49ome c7YArQCgI3DsLt8Gv+VPYLS/Zg3ezfRsyjVHosvbOFye47WXV+UaAXJu+Z7Mj3KL OOI29DsNseyjVhz8oV7xauyPJMjbWR01y9Fz7Xzdk/9gJoidcsf6/GRgY1GTYzrc 2PCMsYDOqhZz9sx+v/EpxJ+fKzPLC54wN3qyb6xTDPXJO+TKLVyNEM7AHCN0DXlj MvzCQgkp0R7SN0dIUmDfS7tV66FlOCu+wM9HgysYTNT06ut3qb6kh22gS0w= -----END CERTIFICATE-----Generated at Mon Jan 12 06:16:09 2026 by rpki-client