This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/TbLlmrzIL1Fds8-X1SMUgNX0sS4.roa File: TbLlmrzIL1Fds8-X1SMUgNX0sS4.roa (raw, json) Hash identifier: kK3RT01bfZATubd06lq8IoEB1CUFzrk1JhcOI5wGTV4= Subject key identifier: 4D:B2:E5:9A:BC:C8:2F:51:5D:B3:CF:97:D5:23:14:80:D5:F4:B1:2E Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Certificate serial: 91E4 Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/TbLlmrzIL1Fds8-X1SMUgNX0sS4.roa Signing time: Mon 22 Dec 2025 13:40:07 +0000 ROA not before: Mon 22 Dec 2025 13:40:07 +0000 ROA not after: Fri 23 Oct 2026 03:01:03 +0000 asID: 146845 IP address blocks: 2407:9b40::/32 maxlen: 64 Validation: Failed, RFC 3779 resource not subset of parent's resources Certificate: Data: Version: 3 (0x2) Serial Number: 37348 (0x91e4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Validity Not Before: Dec 22 13:40:07 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=4DB2E59ABCC82F515DB3CF97D5231480D5F4B12E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:90:a0:ee:48:97:41:c9:75:8c:62:c4:d0:c1: 5c:4d:50:19:2b:80:50:ab:99:d4:8a:48:3e:e5:0c: db:0c:04:55:43:03:27:17:f9:15:e4:c3:47:00:7e: da:d4:f4:44:85:69:2f:11:cb:e6:ab:a3:aa:7b:66: 2a:42:0a:71:e1:45:cc:af:6d:c2:fa:4e:5c:fb:49: 52:c3:e2:ba:ee:26:10:5c:08:88:cb:04:30:81:3e: ea:2f:44:7c:b7:36:38:88:c1:ad:b9:c3:ff:c9:42: e1:7a:1a:a0:0c:00:17:83:c5:b4:3a:7f:a9:09:cf: 8c:78:ee:b8:8d:4a:28:b9:66:42:1a:6f:bb:70:75: 2c:d8:5a:d0:06:b2:f4:bd:c4:48:cb:6b:81:db:84: 2d:9a:70:32:8a:35:fa:b9:d4:30:ac:99:46:37:8a: 6a:b1:a3:83:c8:df:79:8b:8d:20:4a:c9:9e:2c:5a: ec:55:bf:a6:1e:f9:50:06:24:fd:bf:84:45:da:52: dd:9e:bc:62:e6:a4:a8:c3:5e:62:01:a0:a9:d4:a5: 57:d3:0c:af:e6:ce:c5:9e:1c:13:c7:48:77:cf:b2: 5c:11:0f:2d:c8:8e:54:b4:46:9e:29:03:67:9e:c6: c5:79:77:ca:fc:26:c5:b2:ad:ec:96:0d:85:2f:09: 3b:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:B2:E5:9A:BC:C8:2F:51:5D:B3:CF:97:D5:23:14:80:D5:F4:B1:2E X509v3 Authority Key Identifier: keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/TbLlmrzIL1Fds8-X1SMUgNX0sS4.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2407:9b40::/32 Signature Algorithm: sha256WithRSAEncryption 47:6b:a0:74:62:b4:ee:b9:62:bd:f2:1d:2d:89:c5:11:41:97: 20:4f:4b:1f:94:58:1f:d9:f9:04:ac:77:16:b4:84:73:26:c0: 15:80:62:06:fe:0c:51:b6:95:20:ed:b0:5d:e0:a9:0e:6a:c7: 92:19:32:43:a4:03:81:0b:c2:47:2d:e4:b1:25:fc:0a:29:6a: d5:92:25:35:38:d8:d6:5e:44:34:21:8f:32:f5:c6:14:57:ba: 20:7f:48:bf:9d:35:f7:20:ec:48:d5:f5:0d:4f:a1:74:53:a2: a5:5a:d1:cc:04:00:dc:2c:02:ba:be:f0:61:d2:39:d7:01:a8: b0:f0:4e:49:91:e7:57:96:f6:90:1c:9a:b4:61:43:0d:86:7f: 9c:4e:07:9a:05:d4:cd:2c:c6:34:c5:49:db:1c:be:e4:8c:39: 42:9d:dd:b8:2e:8c:8b:5a:83:be:5c:2a:c6:24:d7:2e:4f:6d: 8d:6e:4b:a1:8b:78:5d:4d:c4:1d:c3:04:e2:4e:79:6a:68:37: d4:a4:a5:92:60:9f:a9:3a:87:d9:3a:04:17:05:a3:66:32:08: 20:d8:0a:ae:21:23:75:c4:a5:cc:82:3d:9c:61:15:b9:19:c9: 9c:e0:4f:23:94:8a:0a:e6:92:dd:20:ad:a5:e4:03:74:9d:79: a6:e6:2f:86 -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIDAJHkMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKEQy QUI2QzlCNkUxNjUzMzRDMDMyRDA1MUQ1RkM3RDE1NDdFNEUzNTMwHhcNMjUxMjIy MTM0MDA3WhcNMjYxMDIzMDMwMTAzWjAzMTEwLwYDVQQDEyg0REIyRTU5QUJDQzgy RjUxNURCM0NGOTdENTIzMTQ4MEQ1RjRCMTJFMIIBIjANBgkqhkiG9w0BAQEFAAOC AQ8AMIIBCgKCAQEAuZCg7kiXQcl1jGLE0MFcTVAZK4BQq5nUikg+5QzbDARVQwMn F/kV5MNHAH7a1PREhWkvEcvmq6Oqe2YqQgpx4UXMr23C+k5c+0lSw+K67iYQXAiI ywQwgT7qL0R8tzY4iMGtucP/yULhehqgDAAXg8W0On+pCc+MeO64jUoouWZCGm+7 cHUs2FrQBrL0vcRIy2uB24QtmnAyijX6udQwrJlGN4pqsaODyN95i40gSsmeLFrs Vb+mHvlQBiT9v4RF2lLdnrxi5qSow15iAaCp1KVX0wyv5s7FnhwTx0h3z7JcEQ8t yI5UtEaeKQNnnsbFeXfK/CbFsq3slg2FLwk7sQIDAQABo4IB9DCCAfAwHQYDVR0O BBYEFE2y5Zq8yC9RXbPPl9UjFIDV9LEuMB8GA1UdIwQYMBaAFNKrbJtuFlM0wDLQ UdX8fRVH5ONTMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwXQYDVR0fBFYwVDBS oFCgToZMcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMw OTgvMHF0c20yNFdVelRBTXRCUjFmeDlGVWZrNDFNLmNybDBjBggrBgEFBQcBAQRX MFUwUwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy RTNEMDAwMC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY2VyMA4GA1UdDwEB /wQEAwIHgDCBnQYIKwYBBQUHAQsEgZAwgY0wWAYIKwYBBQUHMAuGTHJzeW5jOi8v cnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8zMDk4L1RiTGxtcnpJTDFG ZHM4LVgxU01VZ05YMHNTNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5j bm5pYy5jbi9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgAC MAcDBQAkB5tAMA0GCSqGSIb3DQEBCwUAA4IBAQBHa6B0YrTuuWK98h0ticURQZcg T0sflFgf2fkErHcWtIRzJsAVgGIG/gxRtpUg7bBd4KkOaseSGTJDpAOBC8JHLeSx JfwKKWrVkiU1ONjWXkQ0IY8y9cYUV7ogf0i/nTX3IOxI1fUNT6F0U6KlWtHMBADc LAK6vvBh0jnXAaiw8E5JkedXlvaQHJq0YUMNhn+cTgeaBdTNLMY0xUnbHL7kjDlC nd24LoyLWoO+XCrGJNcuT22Nbkuhi3hdTcQdwwTiTnlqaDfUpKWSYJ+pOofZOgQX BaNmMggg2AquISN1xKXMgj2cYRW5Gcmc4E8jlIoK5pLdIK2l5AN0nXmm5i+G -----END CERTIFICATE-----Generated at Mon Dec 22 16:31:11 2025 by rpki-client