This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/oA7T8UlkmRE_iBMfCxSiMEtHjcw.roa File: oA7T8UlkmRE_iBMfCxSiMEtHjcw.roa (raw, json) Hash identifier: 9Uep2UtbcFrxNOCtsw3gyWNmw4j0/+n6+gNNVS6UcrE= Subject key identifier: A0:0E:D3:F1:49:64:99:11:3F:88:13:1F:0B:14:A2:30:4B:47:8D:CC Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Certificate serial: 263D Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/oA7T8UlkmRE_iBMfCxSiMEtHjcw.roa Signing time: Fri 13 Jun 2025 16:39:14 +0000 ROA not before: Fri 13 Jun 2025 16:39:14 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 4812 IP address blocks: 2407:9b40::/32 maxlen: 64 Validation: Failed, RFC 3779 resource not subset of parent's resources Certificate: Data: Version: 3 (0x2) Serial Number: 9789 (0x263d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Validity Not Before: Jun 13 16:39:14 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=A00ED3F1496499113F88131F0B14A2304B478DCC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:19:fe:4d:08:6a:9f:7b:d1:a5:09:c1:41:dd: 90:79:48:86:99:80:ec:8c:36:72:56:15:2d:d3:5e: 25:99:8b:ab:4e:e8:34:75:bc:62:61:fb:d3:1b:43: 30:71:d4:1f:50:9f:b9:4a:f5:92:bd:53:c5:ff:7b: eb:66:cf:13:71:71:60:08:fe:fb:bb:38:fb:2e:3d: 98:4e:c9:aa:75:3e:04:1c:49:ea:ec:ac:6f:ef:b4: c0:d1:23:df:0b:31:c3:de:e6:b3:06:0a:75:91:5e: cd:c0:91:f0:3d:ff:bd:aa:75:3e:23:2d:81:bf:a6: 16:95:c9:54:4a:73:a1:3f:18:c9:2d:b3:ab:9f:e7: 85:01:86:93:60:3c:03:14:81:2a:ca:98:ab:f0:51: 0f:dd:5f:20:c8:ab:b7:13:8c:4b:1c:23:fe:c2:44: 92:e4:e4:26:c5:cc:fa:ef:b8:46:26:72:7a:7b:59: da:24:7c:ee:e6:2d:cc:5d:d2:7f:47:e3:23:74:92: 9b:68:19:19:23:14:80:fd:3d:f8:4b:db:7f:26:27: a9:1a:af:5d:70:ce:7d:52:0d:1f:58:79:63:3a:43: 18:2b:e5:3a:c8:53:4a:60:c7:56:f6:7c:30:b2:41: d2:09:1d:3b:0e:74:9f:03:fb:3f:ae:92:0d:52:ac: b9:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:0E:D3:F1:49:64:99:11:3F:88:13:1F:0B:14:A2:30:4B:47:8D:CC X509v3 Authority Key Identifier: keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/oA7T8UlkmRE_iBMfCxSiMEtHjcw.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2407:9b40::/32 Signature Algorithm: sha256WithRSAEncryption 28:6c:65:27:c5:55:8d:79:1d:e0:dc:a1:cf:24:8a:56:43:d2: 00:24:ea:38:7e:5c:54:c5:56:56:b6:83:4f:34:4d:84:24:55: ca:bc:e2:bf:2b:05:a1:64:bc:dd:30:55:27:56:1a:36:4c:09: 00:93:10:36:f6:54:40:20:d5:35:bb:1d:00:51:98:cf:9d:e7: d5:df:f3:ad:f6:80:24:f7:af:59:5c:ec:2f:6e:b7:56:60:15: 74:b8:24:19:bc:12:13:17:8d:97:ca:9b:c5:b1:73:1e:66:fd: 13:fb:46:e5:df:fe:cc:ad:21:44:b9:cf:43:00:79:51:85:9d: fc:5e:95:9a:74:f7:e3:81:39:77:b4:cc:ee:5a:da:33:48:d2: 5f:24:4c:15:b7:aa:c6:e2:02:47:cd:6e:b0:1a:d6:15:9a:34: 65:15:a1:6a:1e:01:0c:fc:59:4e:48:9d:65:fd:79:6f:54:9f: b3:1b:ba:8b:45:d6:63:31:ce:47:25:6a:bf:2b:97:0e:2c:ba: ee:2e:8a:8b:6d:cb:fa:ed:fe:00:24:78:d5:09:f1:7a:99:fa: f1:b5:ac:92:fb:27:78:ce:c0:fe:44:59:91:6f:54:0b:a9:74: 9a:c6:f2:12:a1:1f:f9:81:ca:a6:ae:43:3c:64:bd:e3:c3:09: 8e:7d:d5:84 -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICJj0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MTMx NjM5MTRaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEEwMEVEM0YxNDk2NDk5 MTEzRjg4MTMxRjBCMTRBMjMwNEI0NzhEQ0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDYGf5NCGqfe9GlCcFB3ZB5SIaZgOyMNnJWFS3TXiWZi6tO6DR1 vGJh+9MbQzBx1B9Qn7lK9ZK9U8X/e+tmzxNxcWAI/vu7OPsuPZhOyap1PgQcSers rG/vtMDRI98LMcPe5rMGCnWRXs3AkfA9/72qdT4jLYG/phaVyVRKc6E/GMkts6uf 54UBhpNgPAMUgSrKmKvwUQ/dXyDIq7cTjEscI/7CRJLk5CbFzPrvuEYmcnp7Wdok fO7mLcxd0n9H4yN0kptoGRkjFID9PfhL238mJ6kar11wzn1SDR9YeWM6Qxgr5TrI U0pgx1b2fDCyQdIJHTsOdJ8D+z+ukg1SrLkNAgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQUoA7T8UlkmRE/iBMfCxSiMEtHjcwwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR 1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5 OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvb0E3VDhVbGttUkVf aUJNZkN4U2lNRXRIamN3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBAChsZSfFVY15HeDcoc8kilZD0gAk 6jh+XFTFVla2g080TYQkVcq84r8rBaFkvN0wVSdWGjZMCQCTEDb2VEAg1TW7HQBR mM+d59Xf8632gCT3r1lc7C9ut1ZgFXS4JBm8EhMXjZfKm8Wxcx5m/RP7RuXf/syt IUS5z0MAeVGFnfxelZp09+OBOXe0zO5a2jNI0l8kTBW3qsbiAkfNbrAa1hWaNGUV oWoeAQz8WU5InWX9eW9Un7MbuotF1mMxzkclar8rlw4suu4uiotty/rt/gAkeNUJ 8XqZ+vG1rJL7J3jOwP5EWZFvVAupdJrG8hKhH/mByqauQzxkvePDCY591YQ= -----END CERTIFICATE-----Generated at Mon Jan 12 13:07:36 2026 by rpki-client