This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/rfG8PtxA0k283nrltF7fEsg0Skw.roa File: rfG8PtxA0k283nrltF7fEsg0Skw.roa (raw, json) Hash identifier: t4+hodvSHrbycME5M3REjHG56uktGD+0qGiMH50Q2Ys= Subject key identifier: AD:F1:BC:3E:DC:40:D2:4D:BC:DE:7A:E5:B4:5E:DF:12:C8:34:4A:4C Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Certificate serial: 1C4A Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/rfG8PtxA0k283nrltF7fEsg0Skw.roa Signing time: Tue 27 May 2025 00:08:13 +0000 ROA not before: Tue 27 May 2025 00:08:13 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 4812 IP address blocks: 2407:9b40::/32 maxlen: 64 Validation: Failed, RFC 3779 resource not subset of parent's resources Certificate: Data: Version: 3 (0x2) Serial Number: 7242 (0x1c4a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Validity Not Before: May 27 00:08:13 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=ADF1BC3EDC40D24DBCDE7AE5B45EDF12C8344A4C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:eb:57:60:dc:6e:61:c0:57:d7:02:d5:b1:b1: 3d:e6:cc:86:36:df:2f:f8:88:5a:10:88:32:51:3f: 09:08:ba:05:61:13:a2:d0:46:9d:01:93:81:e2:70: e5:ca:0f:69:43:89:2e:6e:29:eb:1e:76:2e:a6:b3: 9f:90:9e:44:51:2a:8c:e2:3e:01:72:a7:a4:8a:b4: 7f:70:d9:13:00:41:12:07:21:8b:b7:e6:8b:e4:aa: c5:2a:e3:c7:6f:4e:8e:59:c1:87:07:d2:b8:b5:ab: b0:1a:fc:06:88:3f:cc:87:b6:63:c0:8d:6a:3d:f1: f1:46:79:73:5d:4e:3d:3c:9e:77:91:23:af:f7:47: 91:8d:92:b4:d1:0e:fc:75:8b:8d:2f:3a:45:94:67: 2f:61:c4:e2:ac:d8:05:24:f0:92:1c:c4:a8:72:53: b4:c6:4e:16:e2:26:13:2c:24:8b:54:23:50:13:e6: 19:19:ad:56:ae:5f:53:31:58:62:e6:a0:ac:10:e7: 21:87:80:09:e9:92:27:e5:05:7f:29:57:44:ef:d7: d2:ab:58:fb:20:52:8f:d0:c4:3f:52:38:fe:75:a2: c0:cd:d8:a9:74:ea:fa:50:96:20:95:b9:fc:70:82: 65:95:dc:45:68:ed:e6:90:3a:ef:41:b6:00:04:97: d2:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:F1:BC:3E:DC:40:D2:4D:BC:DE:7A:E5:B4:5E:DF:12:C8:34:4A:4C X509v3 Authority Key Identifier: keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/rfG8PtxA0k283nrltF7fEsg0Skw.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2407:9b40::/32 Signature Algorithm: sha256WithRSAEncryption 17:51:74:39:25:f4:39:50:37:84:25:5c:39:f4:e7:73:a9:d0: 43:4e:78:20:31:68:b6:ce:8a:9a:4a:68:1a:73:17:da:79:31: 2a:86:37:9d:15:24:a3:d1:5d:79:19:26:a8:8f:be:37:a0:d4: 7e:c9:c9:80:b8:61:b7:87:85:aa:d2:77:79:4e:e5:75:f5:5a: 95:40:ff:27:4b:f0:80:e3:a5:39:f0:fd:38:5f:6e:0f:c3:1f: f5:25:4b:55:e7:f1:04:fc:77:51:cb:57:15:4e:dc:e5:66:99: 07:cd:94:d6:e1:f5:42:b5:82:78:e4:98:14:d7:5c:5d:f9:ae: 4c:cf:ae:37:db:b2:51:85:29:55:66:9f:f1:46:45:3e:f1:7c: 34:c8:c5:f9:b5:55:38:c6:e2:dd:0d:ac:d3:1e:34:54:bf:98: 4d:63:47:ce:30:28:1f:3b:f9:be:a3:ba:7c:cb:30:53:1e:87: dd:74:35:39:40:78:e5:46:f9:a1:e6:b0:b3:54:58:55:8a:11: 88:0e:8f:87:47:ac:01:a4:4d:e1:4e:0c:8a:e1:26:8d:29:09: d9:c7:31:b8:a8:df:18:62:a4:71:7c:94:1e:2c:e1:a3:01:22: 27:06:9a:b1:9b:a7:d6:83:e1:27:94:b6:d5:24:98:c6:e7:73: 3b:07:e5:43 -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICHEowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA1Mjcw MDA4MTNaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEFERjFCQzNFREM0MEQy NERCQ0RFN0FFNUI0NUVERjEyQzgzNDRBNEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCt61dg3G5hwFfXAtWxsT3mzIY23y/4iFoQiDJRPwkIugVhE6LQ Rp0Bk4HicOXKD2lDiS5uKesedi6ms5+QnkRRKoziPgFyp6SKtH9w2RMAQRIHIYu3 5ovkqsUq48dvTo5ZwYcH0ri1q7Aa/AaIP8yHtmPAjWo98fFGeXNdTj08nneRI6/3 R5GNkrTRDvx1i40vOkWUZy9hxOKs2AUk8JIcxKhyU7TGThbiJhMsJItUI1AT5hkZ rVauX1MxWGLmoKwQ5yGHgAnpkiflBX8pV0Tv19KrWPsgUo/QxD9SOP51osDN2Kl0 6vpQliCVufxwgmWV3EVo7eaQOu9BtgAEl9KLAgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQUrfG8PtxA0k283nrltF7fEsg0SkwwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR 1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5 OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvcmZHOFB0eEEwazI4 M25ybHRGN2ZFc2cwU2t3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBABdRdDkl9DlQN4QlXDn053Op0ENO eCAxaLbOippKaBpzF9p5MSqGN50VJKPRXXkZJqiPvjeg1H7JyYC4YbeHharSd3lO 5XX1WpVA/ydL8IDjpTnw/Thfbg/DH/UlS1Xn8QT8d1HLVxVO3OVmmQfNlNbh9UK1 gnjkmBTXXF35rkzPrjfbslGFKVVmn/FGRT7xfDTIxfm1VTjG4t0NrNMeNFS/mE1j R84wKB87+b6junzLMFMeh910NTlAeOVG+aHmsLNUWFWKEYgOj4dHrAGkTeFODIrh Jo0pCdnHMbio3xhipHF8lB4s4aMBIicGmrGbp9aD4SeUttUkmMbnczsH5UM= -----END CERTIFICATE-----Generated at Sun Jan 11 20:04:58 2026 by rpki-client