This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/p8ExE3xRsZu8zdNBYkDDnD1qmwc.roa File: p8ExE3xRsZu8zdNBYkDDnD1qmwc.roa (raw, json) Hash identifier: ePI3RqAOBeaaVE/rm4J1v6CIdF9lh4vdBruw55UAmP8= Subject key identifier: A7:C1:31:13:7C:51:B1:9B:BC:CD:D3:41:62:40:C3:9C:3D:6A:9B:07 Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Certificate serial: 20F3 Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/p8ExE3xRsZu8zdNBYkDDnD1qmwc.roa Signing time: Wed 04 Jun 2025 07:08:41 +0000 ROA not before: Wed 04 Jun 2025 07:08:41 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 146845 IP address blocks: 2407:9b40::/32 maxlen: 64 Validation: Failed, RFC 3779 resource not subset of parent's resources Certificate: Data: Version: 3 (0x2) Serial Number: 8435 (0x20f3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Validity Not Before: Jun 4 07:08:41 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=A7C131137C51B19BBCCDD3416240C39C3D6A9B07 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:2d:c3:d9:72:87:61:73:eb:21:56:c5:50:ab: 45:1f:9a:5b:04:f5:6e:e9:f4:16:89:39:7d:67:39: 94:3f:0c:61:96:f8:19:3f:be:1e:26:35:1c:d7:b9: 10:71:56:8b:cb:9e:9d:1c:d0:1c:22:1d:3b:01:0f: fa:84:cc:48:39:45:66:b7:8a:f4:92:7b:7a:46:29: c3:4b:91:34:91:1e:a9:60:a1:ae:d2:fd:70:9b:23: 1b:f7:5a:86:64:e8:c0:ae:50:5a:59:5a:91:54:c5: d8:20:ae:ba:a1:c0:d6:80:b5:70:f8:f7:10:08:4d: fc:8c:d4:8e:09:3d:76:be:b1:98:38:eb:7d:82:53: 6d:f4:4a:ba:c8:ba:7a:65:96:33:00:ec:a2:86:43: 78:fb:f4:b9:b0:48:22:90:ed:e7:fe:d0:f1:fd:28: 19:78:2c:d1:c7:c4:8e:78:06:5f:4b:db:c0:53:0e: 1f:eb:36:07:59:3b:e5:b4:da:1c:20:b1:c2:7f:d0: f4:11:85:07:43:12:21:40:6f:f3:c0:4c:5e:73:3b: 90:c7:76:77:c6:49:d5:20:1f:87:e1:4e:8d:91:7c: 0e:9c:2b:d6:5e:dd:05:76:58:74:d8:26:04:6e:90: c4:1d:e6:98:eb:17:8b:e3:93:ca:0a:e8:61:13:68: 83:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A7:C1:31:13:7C:51:B1:9B:BC:CD:D3:41:62:40:C3:9C:3D:6A:9B:07 X509v3 Authority Key Identifier: keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/p8ExE3xRsZu8zdNBYkDDnD1qmwc.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2407:9b40::/32 Signature Algorithm: sha256WithRSAEncryption 69:7d:a8:12:3a:81:25:ca:a5:8f:5f:84:50:22:9a:6d:ec:6b: 93:21:54:b8:25:06:57:93:05:7e:66:0e:22:31:72:cc:aa:80: c4:bb:a6:d0:55:c1:2d:b2:d0:d2:7a:e2:de:95:1a:26:7d:62: 29:3d:81:75:2b:3e:ff:e5:b5:c1:33:35:79:fb:c0:a2:0d:6f: 9f:00:ab:92:25:36:22:4f:36:7c:32:5e:69:68:3f:b4:df:e7: 06:67:e5:a1:63:ce:11:ce:0b:b4:c3:27:61:6b:cd:2d:1f:1c: 45:19:9c:61:88:2a:da:7e:7a:fc:b9:44:d9:fe:78:5f:5f:cb: 1e:7a:79:db:52:4b:f5:8a:96:cf:b4:2b:1b:56:88:1f:f6:ac: fe:ae:97:00:51:1f:e4:9d:47:90:2b:6c:a9:e9:64:02:58:21: 59:80:91:76:35:2a:f6:56:be:f5:1c:34:57:54:c0:5a:47:e5: 03:b7:db:e5:77:10:6c:26:39:57:8f:d2:b3:18:08:8d:b8:ba: 34:02:64:8a:a4:a8:bc:1e:df:a8:db:cb:64:3b:13:d1:0b:38: 6e:7c:3a:0f:61:25:ff:5b:c6:aa:55:bb:d3:3d:2b:42:cb:39: d0:70:cc:72:72:ac:f9:7b:f2:e3:59:34:b3:5a:6c:8f:70:f4: a9:0c:7b:0d -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICIPMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MDQw NzA4NDFaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEE3QzEzMTEzN0M1MUIx OUJCQ0NERDM0MTYyNDBDMzlDM0Q2QTlCMDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDhLcPZcodhc+shVsVQq0UfmlsE9W7p9BaJOX1nOZQ/DGGW+Bk/ vh4mNRzXuRBxVovLnp0c0BwiHTsBD/qEzEg5RWa3ivSSe3pGKcNLkTSRHqlgoa7S /XCbIxv3WoZk6MCuUFpZWpFUxdggrrqhwNaAtXD49xAITfyM1I4JPXa+sZg4632C U230SrrIunplljMA7KKGQ3j79LmwSCKQ7ef+0PH9KBl4LNHHxI54Bl9L28BTDh/r NgdZO+W02hwgscJ/0PQRhQdDEiFAb/PATF5zO5DHdnfGSdUgH4fhTo2RfA6cK9Ze 3QV2WHTYJgRukMQd5pjrF4vjk8oK6GETaIMZAgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQUp8ExE3xRsZu8zdNBYkDDnD1qmwcwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR 1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5 OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvcDhFeEUzeFJzWnU4 emROQllrRERuRDFxbXdjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBAGl9qBI6gSXKpY9fhFAimm3sa5Mh VLglBleTBX5mDiIxcsyqgMS7ptBVwS2y0NJ64t6VGiZ9Yik9gXUrPv/ltcEzNXn7 wKINb58Aq5IlNiJPNnwyXmloP7Tf5wZn5aFjzhHOC7TDJ2FrzS0fHEUZnGGIKtp+ evy5RNn+eF9fyx56edtSS/WKls+0KxtWiB/2rP6ulwBRH+SdR5ArbKnpZAJYIVmA kXY1KvZWvvUcNFdUwFpH5QO32+V3EGwmOVeP0rMYCI24ujQCZIqkqLwe36jby2Q7 E9ELOG58Og9hJf9bxqpVu9M9K0LLOdBwzHJyrPl78uNZNLNabI9w9KkMew0= -----END CERTIFICATE-----Generated at Mon Jan 12 06:15:34 2026 by rpki-client