This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/rwyt9rzYhjY4J4toX-kbWH1fsNE.roa File: rwyt9rzYhjY4J4toX-kbWH1fsNE.roa (raw, json) Hash identifier: yI4fYgdnUh8Nfwclyj469H/p/q3ZxJQ4KeSVpKAtq1w= Subject key identifier: AF:0C:AD:F6:BC:D8:86:36:38:27:8B:68:5F:E9:1B:58:7D:5F:B0:D1 Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Certificate serial: 2088 Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/rwyt9rzYhjY4J4toX-kbWH1fsNE.roa Signing time: Tue 03 Jun 2025 13:08:39 +0000 ROA not before: Tue 03 Jun 2025 13:08:39 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 4812 IP address blocks: 2407:9b40::/32 maxlen: 64 Validation: Failed, RFC 3779 resource not subset of parent's resources Certificate: Data: Version: 3 (0x2) Serial Number: 8328 (0x2088) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Validity Not Before: Jun 3 13:08:39 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=AF0CADF6BCD8863638278B685FE91B587D5FB0D1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:c4:38:56:89:8e:19:c3:71:55:c8:85:e8:51: 08:13:88:48:64:8b:d5:0b:f9:bd:bb:e8:b2:9e:2f: 76:31:26:50:86:96:5f:78:e3:80:08:22:5a:27:d4: eb:24:47:ef:78:18:83:6a:75:56:c8:67:a3:dc:26: f6:24:70:9d:db:be:a8:8a:14:6f:dc:70:2f:0f:34: da:a3:dd:44:c2:e8:56:70:f5:d1:14:86:38:97:ee: 74:45:48:f9:29:7d:5a:5d:a0:ef:dc:4f:35:a0:6f: af:43:13:c7:4d:13:a9:d6:db:1e:9f:d4:e4:6a:b0: 62:26:f6:13:85:a9:15:07:81:87:7d:98:9f:f0:f1: 8a:c1:43:d5:e2:90:ca:b7:a0:fb:d3:0d:4d:6c:d5: 32:28:39:2c:f8:91:78:f3:38:40:14:32:49:9a:5c: 45:e7:3f:19:9a:7c:a4:7c:01:15:d7:07:73:61:bc: 11:4d:cd:27:a5:b9:0b:34:b6:99:b0:da:6c:fd:c0: 34:40:85:ff:f0:89:69:ac:cd:a6:f0:a9:d0:c2:cb: 7b:ce:01:c1:02:58:9a:0a:84:39:ec:bc:b2:16:db: f5:bc:35:9a:65:84:21:52:70:0b:bf:0b:a8:65:13: c5:fb:27:a8:b8:b1:e9:51:3b:b2:c0:25:75:16:23: 4b:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:0C:AD:F6:BC:D8:86:36:38:27:8B:68:5F:E9:1B:58:7D:5F:B0:D1 X509v3 Authority Key Identifier: keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/rwyt9rzYhjY4J4toX-kbWH1fsNE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2407:9b40::/32 Signature Algorithm: sha256WithRSAEncryption 6b:c6:5c:ed:b8:0b:49:ea:1c:62:df:72:0c:f2:d6:f3:5c:ab: d4:60:ee:f3:8e:a2:cd:cb:86:7f:4c:ca:85:1a:2c:cd:53:e2: d3:f6:80:5e:a8:26:82:ea:df:b6:3a:5d:e4:51:8a:05:6a:20: 7c:98:8f:91:cf:13:47:1a:6d:a4:d8:5f:7a:0d:64:b3:d0:f6: ae:02:61:b0:e6:45:ae:bc:a6:36:11:fc:3d:4e:31:eb:55:5e: 27:76:a4:77:4c:14:7c:3c:5c:f5:9d:60:81:2f:82:e7:84:98: 28:5e:1c:6c:33:8c:26:79:2c:09:48:ea:cf:cd:31:66:40:b8: 36:fb:41:52:cd:47:6f:f9:8b:26:27:07:77:0a:e2:8b:f8:93: b5:19:7d:15:91:e6:80:01:dd:27:c0:65:46:3a:74:85:30:4a: 3c:91:be:96:5f:01:2a:a0:bc:c1:be:de:d7:5e:4b:fc:56:ee: 21:ce:0e:1d:81:63:5a:26:cc:37:98:04:f7:4d:01:37:38:f1: 96:ea:f5:47:23:1c:1c:15:b6:f1:dc:55:d3:b3:59:ee:75:d0: 5c:a6:79:ea:34:b9:e6:a1:ea:11:75:e0:cc:8e:82:9c:89:d4: 88:d4:66:e1:6d:1b:91:59:38:0e:da:3e:ee:b2:cf:87:e8:7e: 28:39:86:f2 -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICIIgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MDMx MzA4MzlaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEFGMENBREY2QkNEODg2 MzYzODI3OEI2ODVGRTkxQjU4N0Q1RkIwRDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCwxDhWiY4Zw3FVyIXoUQgTiEhki9UL+b276LKeL3YxJlCGll94 44AIIlon1OskR+94GINqdVbIZ6PcJvYkcJ3bvqiKFG/ccC8PNNqj3UTC6FZw9dEU hjiX7nRFSPkpfVpdoO/cTzWgb69DE8dNE6nW2x6f1ORqsGIm9hOFqRUHgYd9mJ/w 8YrBQ9XikMq3oPvTDU1s1TIoOSz4kXjzOEAUMkmaXEXnPxmafKR8ARXXB3NhvBFN zSeluQs0tpmw2mz9wDRAhf/wiWmszabwqdDCy3vOAcECWJoKhDnsvLIW2/W8NZpl hCFScAu/C6hlE8X7J6i4selRO7LAJXUWI0sLAgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQUrwyt9rzYhjY4J4toX+kbWH1fsNEwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR 1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5 OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvcnd5dDlyelloalk0 SjR0b1gta2JXSDFmc05FLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBAGvGXO24C0nqHGLfcgzy1vNcq9Rg 7vOOos3Lhn9MyoUaLM1T4tP2gF6oJoLq37Y6XeRRigVqIHyYj5HPE0cabaTYX3oN ZLPQ9q4CYbDmRa68pjYR/D1OMetVXid2pHdMFHw8XPWdYIEvgueEmCheHGwzjCZ5 LAlI6s/NMWZAuDb7QVLNR2/5iyYnB3cK4ov4k7UZfRWR5oAB3SfAZUY6dIUwSjyR vpZfASqgvMG+3tdeS/xW7iHODh2BY1omzDeYBPdNATc48Zbq9UcjHBwVtvHcVdOz We510Fymeeo0ueah6hF14MyOgpyJ1IjUZuFtG5FZOA7aPu6yz4fofig5hvI= -----END CERTIFICATE-----Generated at Mon Jan 12 09:07:38 2026 by rpki-client