This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/z09nJZ2n0GPyz5UrKQNiFvETcIE.roa File: z09nJZ2n0GPyz5UrKQNiFvETcIE.roa (raw, json) Hash identifier: iE51gQ9/D2P66xWaKSrsVTI1Qa20Eu0uR6LdAS0HyGs= Subject key identifier: CF:4F:67:25:9D:A7:D0:63:F2:CF:95:2B:29:03:62:16:F1:13:70:81 Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Certificate serial: 1C6B Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/z09nJZ2n0GPyz5UrKQNiFvETcIE.roa Signing time: Tue 27 May 2025 05:38:09 +0000 ROA not before: Tue 27 May 2025 05:38:09 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 4812 IP address blocks: 2407:9b40::/32 maxlen: 64 Validation: Failed, RFC 3779 resource not subset of parent's resources Certificate: Data: Version: 3 (0x2) Serial Number: 7275 (0x1c6b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Validity Not Before: May 27 05:38:09 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=CF4F67259DA7D063F2CF952B29036216F1137081 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:f7:7a:98:e8:1b:66:a0:82:6e:3d:b3:c1:8f: b4:9f:dd:70:86:ea:96:3a:d9:04:c3:da:cb:52:f2: c6:60:53:02:8d:e6:e3:0b:51:92:67:f2:04:e6:20: dd:60:3b:93:af:49:f4:2d:58:28:de:1e:c9:e2:ea: 1c:96:91:1b:8a:33:1e:b4:39:00:4a:a2:08:56:9e: 76:95:6e:31:96:d3:93:fd:35:dc:23:29:8f:41:08: 85:85:fd:8e:51:f5:38:c9:55:8a:48:95:21:b2:6d: 09:b1:d5:ec:79:67:2e:cb:a5:4e:00:c2:5a:ae:d0: 19:45:8e:06:ce:fa:70:3b:55:94:92:24:53:00:f5: 59:68:9b:e3:f4:79:be:36:76:78:05:10:99:9d:15: eb:bc:9c:a5:24:62:99:82:02:b9:97:8c:0a:04:09: 2f:9b:9b:8e:61:64:7f:79:8e:61:2b:2d:92:aa:56: 14:10:00:10:c9:d6:00:60:60:af:0e:18:ec:c5:de: cd:32:c8:e5:99:40:72:1d:bf:2d:57:ba:15:e0:25: 72:7e:97:ed:6c:4b:a4:b5:c9:f8:82:37:d4:8a:ce: 21:5b:f7:e7:11:0b:55:45:5e:4e:10:12:e4:55:06: ac:a1:ee:2d:8a:84:cf:95:34:53:8c:c7:c6:74:01: 78:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:4F:67:25:9D:A7:D0:63:F2:CF:95:2B:29:03:62:16:F1:13:70:81 X509v3 Authority Key Identifier: keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/z09nJZ2n0GPyz5UrKQNiFvETcIE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2407:9b40::/32 Signature Algorithm: sha256WithRSAEncryption 71:3a:e2:e6:b0:20:bf:69:28:63:b5:5d:cd:49:3d:9a:18:6b: a0:8e:50:8a:90:b2:01:32:29:16:10:02:8b:8c:0c:a9:30:62: 92:d1:9d:2a:a7:bf:9f:21:96:aa:42:d3:5f:d1:f3:a8:e5:4a: 7e:e6:cd:f3:82:f1:c2:79:45:a9:2f:d1:32:3f:ff:cb:63:eb: 66:4b:6b:90:64:8a:82:8c:20:67:45:8f:f4:f9:20:7a:1a:93: d6:9d:33:db:84:7c:14:a8:ad:a5:8b:d0:bc:91:09:53:63:1d: b3:15:54:03:0a:63:00:8e:5c:e4:3c:05:37:a8:db:f9:ef:fa: a8:47:81:52:59:70:3a:d5:5b:c7:66:6e:28:d6:84:ea:d7:88: 4a:81:21:c1:b8:cc:70:e5:91:0a:fb:ca:f9:8c:e5:4b:1f:02: 31:14:2e:f7:3c:65:41:e7:3f:bd:e3:d0:08:55:9c:f2:6d:55: c1:c4:ce:06:3a:e5:3d:99:41:c6:94:b3:c7:62:ba:7e:2c:fe: 58:01:e1:74:b0:18:e7:61:e1:9d:9b:57:fd:93:7e:0e:da:3b: 12:e2:01:6f:60:61:46:ed:3c:3e:f7:9c:42:29:55:bf:0f:0a: 60:12:4f:c3:73:70:57:7d:ca:35:9a:a3:dd:b0:af:97:85:8c: 2a:b0:8e:a1 -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICHGswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA1Mjcw NTM4MDlaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKENGNEY2NzI1OURBN0Qw NjNGMkNGOTUyQjI5MDM2MjE2RjExMzcwODEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCp93qY6BtmoIJuPbPBj7Sf3XCG6pY62QTD2stS8sZgUwKN5uML UZJn8gTmIN1gO5OvSfQtWCjeHsni6hyWkRuKMx60OQBKoghWnnaVbjGW05P9Ndwj KY9BCIWF/Y5R9TjJVYpIlSGybQmx1ex5Zy7LpU4Awlqu0BlFjgbO+nA7VZSSJFMA 9Vlom+P0eb42dngFEJmdFeu8nKUkYpmCArmXjAoECS+bm45hZH95jmErLZKqVhQQ ABDJ1gBgYK8OGOzF3s0yyOWZQHIdvy1XuhXgJXJ+l+1sS6S1yfiCN9SKziFb9+cR C1VFXk4QEuRVBqyh7i2KhM+VNFOMx8Z0AXiXAgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQUz09nJZ2n0GPyz5UrKQNiFvETcIEwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR 1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5 OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvejA5bkpaMm4wR1B5 ejVVcktRTmlGdkVUY0lFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBAHE64uawIL9pKGO1Xc1JPZoYa6CO UIqQsgEyKRYQAouMDKkwYpLRnSqnv58hlqpC01/R86jlSn7mzfOC8cJ5Rakv0TI/ /8tj62ZLa5BkioKMIGdFj/T5IHoak9adM9uEfBSoraWL0LyRCVNjHbMVVAMKYwCO XOQ8BTeo2/nv+qhHgVJZcDrVW8dmbijWhOrXiEqBIcG4zHDlkQr7yvmM5UsfAjEU Lvc8ZUHnP73j0AhVnPJtVcHEzgY65T2ZQcaUs8diun4s/lgB4XSwGOdh4Z2bV/2T fg7aOxLiAW9gYUbtPD73nEIpVb8PCmAST8NzcFd9yjWao92wr5eFjCqwjqE= -----END CERTIFICATE-----Generated at Sun Jan 11 23:55:12 2026 by rpki-client