This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/LnHYkOqiANFkj-ZwWTtOnUUxU_s.roa File: LnHYkOqiANFkj-ZwWTtOnUUxU_s.roa (raw, json) Hash identifier: gQ2FLQxJDbr2bWavmi7scQqpgWDJppSoZfdd/XwWaBw= Subject key identifier: 2E:71:D8:90:EA:A2:00:D1:64:8F:E6:70:59:3B:4E:9D:45:31:53:FB Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Certificate serial: 89A1 Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/LnHYkOqiANFkj-ZwWTtOnUUxU_s.roa Signing time: Sun 07 Dec 2025 20:18:04 +0000 ROA not before: Sun 07 Dec 2025 20:18:04 +0000 ROA not after: Fri 23 Oct 2026 03:01:03 +0000 asID: 146845 IP address blocks: 2407:9b40::/32 maxlen: 64 Validation: Failed, RFC 3779 resource not subset of parent's resources Certificate: Data: Version: 3 (0x2) Serial Number: 35233 (0x89a1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Validity Not Before: Dec 7 20:18:04 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=2E71D890EAA200D1648FE670593B4E9D453153FB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:70:36:5a:f3:51:8a:28:64:52:b5:54:c5:ba: 4e:43:35:ba:1c:ad:36:76:91:d8:2d:5b:ca:14:cf: ea:02:f7:b5:eb:41:ee:b5:6c:47:53:a2:fc:57:88: e8:0e:b0:3c:50:11:eb:6a:91:cd:95:f2:bb:fb:dc: e6:ad:b3:23:65:4e:45:ec:4c:7f:53:32:03:c7:87: 2b:fa:68:2c:9e:d0:16:b8:c2:a0:5d:51:88:41:4a: 91:f2:8f:08:98:75:8a:79:9b:0f:79:98:41:89:49: fe:30:8d:53:f8:c1:48:89:42:09:7c:aa:f5:c7:1a: cb:90:79:40:d6:50:3a:f9:06:15:83:6b:45:0a:eb: 69:08:35:92:a3:28:af:c7:71:3c:6a:ba:43:2e:7e: ea:3c:17:2a:55:2d:a8:27:01:69:f1:70:ba:95:01: a2:24:94:c6:34:75:ec:64:19:42:6f:d3:21:ae:78: c9:9f:ed:5f:77:9d:2f:0e:7d:b6:0d:71:08:f5:76: 14:db:08:37:17:50:c7:8a:84:af:28:c0:f1:68:b1: 6c:c1:2e:93:3c:1a:92:a6:1f:04:9c:24:b9:bc:ec: ba:51:f8:29:eb:60:5a:10:fd:a3:93:10:ca:13:9d: 00:48:9a:c1:90:49:95:09:b5:72:c3:14:b8:62:2d: b0:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:71:D8:90:EA:A2:00:D1:64:8F:E6:70:59:3B:4E:9D:45:31:53:FB X509v3 Authority Key Identifier: keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/LnHYkOqiANFkj-ZwWTtOnUUxU_s.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2407:9b40::/32 Signature Algorithm: sha256WithRSAEncryption 44:30:3e:fe:03:d6:5f:5c:67:7c:f8:dc:97:3f:2a:16:24:e2: e3:dc:13:8b:c4:88:23:02:0d:5b:80:b7:f2:ab:f4:ce:e7:51: 05:27:f5:35:51:65:f5:94:bd:b7:05:29:3e:36:ca:1f:b0:9c: 3b:63:65:fb:a9:6b:95:f4:05:be:6e:e5:a3:d6:63:d5:dc:dd: 70:ee:6c:90:72:a5:78:10:f8:d4:7c:34:2b:99:08:9b:2d:dc: 2f:24:1c:2f:b4:b6:b8:90:62:4e:16:99:7b:74:d4:92:97:fb: e4:97:7c:1d:e5:9f:43:ca:9c:78:f8:22:bc:e5:ed:28:a5:05: 38:b4:8b:a0:b1:7d:a5:31:63:1b:4c:f7:95:25:9c:2d:6b:01: 13:50:9f:9f:22:f6:ba:98:eb:d5:51:76:02:2b:43:31:b2:bc: af:bd:d2:be:17:2d:7a:93:b9:37:02:53:4f:e4:a6:6b:35:4a: c2:84:d4:e5:58:6d:24:01:fd:1a:c2:9c:50:5a:3e:08:3d:2c: 03:aa:cb:06:77:c2:26:79:01:8d:cf:31:c2:6f:f7:a4:2c:2d: 20:3f:6e:ff:13:25:78:97:d3:4f:26:2d:65:82:dd:93:78:80: 74:a5:41:cd:d6:ce:65:20:13:c1:0a:36:28:51:8e:33:33:1e: 3e:76:8a:4e -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIDAImhMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKEQy QUI2QzlCNkUxNjUzMzRDMDMyRDA1MUQ1RkM3RDE1NDdFNEUzNTMwHhcNMjUxMjA3 MjAxODA0WhcNMjYxMDIzMDMwMTAzWjAzMTEwLwYDVQQDEygyRTcxRDg5MEVBQTIw MEQxNjQ4RkU2NzA1OTNCNEU5RDQ1MzE1M0ZCMIIBIjANBgkqhkiG9w0BAQEFAAOC AQ8AMIIBCgKCAQEAt3A2WvNRiihkUrVUxbpOQzW6HK02dpHYLVvKFM/qAve160Hu tWxHU6L8V4joDrA8UBHrapHNlfK7+9zmrbMjZU5F7Ex/UzIDx4cr+mgsntAWuMKg XVGIQUqR8o8ImHWKeZsPeZhBiUn+MI1T+MFIiUIJfKr1xxrLkHlA1lA6+QYVg2tF CutpCDWSoyivx3E8arpDLn7qPBcqVS2oJwFp8XC6lQGiJJTGNHXsZBlCb9MhrnjJ n+1fd50vDn22DXEI9XYU2wg3F1DHioSvKMDxaLFswS6TPBqSph8EnCS5vOy6Ufgp 62BaEP2jkxDKE50ASJrBkEmVCbVywxS4Yi2wCQIDAQABo4IB9DCCAfAwHQYDVR0O BBYEFC5x2JDqogDRZI/mcFk7Tp1FMVP7MB8GA1UdIwQYMBaAFNKrbJtuFlM0wDLQ UdX8fRVH5ONTMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwXQYDVR0fBFYwVDBS oFCgToZMcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMw OTgvMHF0c20yNFdVelRBTXRCUjFmeDlGVWZrNDFNLmNybDBjBggrBgEFBQcBAQRX MFUwUwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy RTNEMDAwMC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY2VyMA4GA1UdDwEB /wQEAwIHgDCBnQYIKwYBBQUHAQsEgZAwgY0wWAYIKwYBBQUHMAuGTHJzeW5jOi8v cnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8zMDk4L0xuSFlrT3FpQU5G a2otWndXVHRPblVVeFVfcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5j bm5pYy5jbi9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgAC MAcDBQAkB5tAMA0GCSqGSIb3DQEBCwUAA4IBAQBEMD7+A9ZfXGd8+NyXPyoWJOLj 3BOLxIgjAg1bgLfyq/TO51EFJ/U1UWX1lL23BSk+NsofsJw7Y2X7qWuV9AW+buWj 1mPV3N1w7myQcqV4EPjUfDQrmQibLdwvJBwvtLa4kGJOFpl7dNSSl/vkl3wd5Z9D ypx4+CK85e0opQU4tIugsX2lMWMbTPeVJZwtawETUJ+fIva6mOvVUXYCK0Mxsryv vdK+Fy16k7k3AlNP5KZrNUrChNTlWG0kAf0awpxQWj4IPSwDqssGd8ImeQGNzzHC b/ekLC0gP27/EyV4l9NPJi1lgt2TeIB0pUHN1s5lIBPBCjYoUY4zMx4+dopO -----END CERTIFICATE-----Generated at Mon Dec 8 08:23:08 2025 by rpki-client