This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/nyJdaT-SiW9rnHv7i1yBfnL--u8.roa File: nyJdaT-SiW9rnHv7i1yBfnL--u8.roa (raw, json) Hash identifier: JKkxZVLQtu3i9uoupAtKMQl7+t5+L5P5dCwEnou+ou8= Subject key identifier: 9F:22:5D:69:3F:92:89:6F:6B:9C:7B:FB:8B:5C:81:7E:72:FE:FA:EF Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Certificate serial: 8AF1 Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/nyJdaT-SiW9rnHv7i1yBfnL--u8.roa Signing time: Wed 10 Dec 2025 04:17:51 +0000 ROA not before: Wed 10 Dec 2025 04:17:51 +0000 ROA not after: Fri 23 Oct 2026 03:01:03 +0000 asID: 146845 IP address blocks: 2407:9b40::/32 maxlen: 64 Validation: Failed, RFC 3779 resource not subset of parent's resources Certificate: Data: Version: 3 (0x2) Serial Number: 35569 (0x8af1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Validity Not Before: Dec 10 04:17:51 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=9F225D693F92896F6B9C7BFB8B5C817E72FEFAEF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:aa:ff:75:7c:1b:2f:cc:14:3b:7c:f5:04:ad: ae:63:92:6a:7c:8d:65:da:fe:62:a3:14:54:66:a0: 26:fe:c9:6f:a7:b3:ca:ef:42:90:35:0a:eb:f2:a1: 79:22:ec:7a:e5:3b:4d:fb:86:fe:6f:fb:d9:bd:01: 4b:20:cc:45:34:5d:b1:fc:44:2a:3f:de:e9:17:21: f2:b8:6a:15:1c:35:36:79:78:06:d0:c4:57:90:9e: b0:95:e0:9e:d2:6c:f0:d0:79:0a:55:aa:eb:5e:a1: 78:da:31:71:ae:10:ad:a1:1e:59:72:97:22:c2:ff: db:c7:55:66:a9:af:3f:83:05:c2:64:9d:9d:3a:5c: 79:a8:d4:d3:ef:28:e4:8c:4e:24:1b:51:e1:08:cd: 3a:ba:1e:c4:a1:96:60:a1:89:bc:96:e9:e4:f2:28: 91:13:c8:0f:24:17:4d:84:c3:f3:a3:d1:16:34:e0: 72:4e:74:15:62:2c:85:68:c5:5d:f3:8b:3b:83:4c: fd:05:a6:03:c2:14:04:ee:6b:e7:6d:e4:d1:b1:e1: 53:90:c0:12:66:fa:4e:54:bd:f2:de:95:2b:89:df: 1f:d5:f2:71:8c:15:dd:36:a6:00:47:5d:98:83:30: 39:34:92:0f:30:13:fd:f5:f8:4b:59:4a:e6:1b:2e: 6d:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9F:22:5D:69:3F:92:89:6F:6B:9C:7B:FB:8B:5C:81:7E:72:FE:FA:EF X509v3 Authority Key Identifier: keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/nyJdaT-SiW9rnHv7i1yBfnL--u8.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2407:9b40::/32 Signature Algorithm: sha256WithRSAEncryption 56:da:b6:96:74:4f:09:d2:cc:56:96:88:e4:eb:b7:00:d6:a8: e9:51:0d:5c:53:64:5a:f0:0c:89:01:f6:80:d8:26:22:f3:ee: e8:2e:0b:9d:b3:4c:90:80:94:a4:06:81:7a:f3:6c:22:bf:62: fc:95:09:95:ec:dd:c1:32:56:29:8d:bb:04:17:2f:25:6e:69: 7c:15:bb:2e:84:6f:e7:08:36:fc:dd:7f:26:b7:45:35:d7:1b: 79:90:b8:a2:59:df:fe:87:3a:e0:23:de:9d:09:bc:dc:d9:83: f8:fb:a7:a8:c2:22:12:d3:70:14:d0:2f:e9:30:6a:cc:8d:36: 8f:84:af:59:5c:b6:99:cf:04:2e:7b:a6:0c:9f:b2:ef:16:e0: e8:5d:9d:08:44:8a:2f:f4:35:30:58:15:87:e2:b1:d5:18:4d: a2:97:5c:9a:e4:48:ab:32:0c:e4:f6:d9:5c:26:da:78:96:e6: 0f:e3:cd:8a:f5:25:a1:d1:ef:83:5f:67:ae:79:bc:8d:c6:13: af:c1:c6:ac:47:0c:37:f1:41:c0:64:22:09:9b:73:8b:ca:16: 25:6d:b5:0b:57:20:7b:b7:a0:3b:12:be:ff:c8:e8:07:22:7e: 32:f0:1d:82:3b:a2:cd:7d:21:d1:1c:55:13:b7:d2:89:9e:50: 08:1b:52:31 -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIDAIrxMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKEQy QUI2QzlCNkUxNjUzMzRDMDMyRDA1MUQ1RkM3RDE1NDdFNEUzNTMwHhcNMjUxMjEw MDQxNzUxWhcNMjYxMDIzMDMwMTAzWjAzMTEwLwYDVQQDEyg5RjIyNUQ2OTNGOTI4 OTZGNkI5QzdCRkI4QjVDODE3RTcyRkVGQUVGMIIBIjANBgkqhkiG9w0BAQEFAAOC AQ8AMIIBCgKCAQEAxqr/dXwbL8wUO3z1BK2uY5JqfI1l2v5ioxRUZqAm/slvp7PK 70KQNQrr8qF5Iux65TtN+4b+b/vZvQFLIMxFNF2x/EQqP97pFyHyuGoVHDU2eXgG 0MRXkJ6wleCe0mzw0HkKVarrXqF42jFxrhCtoR5Zcpciwv/bx1Vmqa8/gwXCZJ2d Olx5qNTT7yjkjE4kG1HhCM06uh7EoZZgoYm8lunk8iiRE8gPJBdNhMPzo9EWNOBy TnQVYiyFaMVd84s7g0z9BaYDwhQE7mvnbeTRseFTkMASZvpOVL3y3pUrid8f1fJx jBXdNqYAR12YgzA5NJIPMBP99fhLWUrmGy5t4wIDAQABo4IB9DCCAfAwHQYDVR0O BBYEFJ8iXWk/kolva5x7+4tcgX5y/vrvMB8GA1UdIwQYMBaAFNKrbJtuFlM0wDLQ UdX8fRVH5ONTMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwXQYDVR0fBFYwVDBS oFCgToZMcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMw OTgvMHF0c20yNFdVelRBTXRCUjFmeDlGVWZrNDFNLmNybDBjBggrBgEFBQcBAQRX MFUwUwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy RTNEMDAwMC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY2VyMA4GA1UdDwEB /wQEAwIHgDCBnQYIKwYBBQUHAQsEgZAwgY0wWAYIKwYBBQUHMAuGTHJzeW5jOi8v cnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8zMDk4L255SmRhVC1TaVc5 cm5IdjdpMXlCZm5MLS11OC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5j bm5pYy5jbi9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgAC MAcDBQAkB5tAMA0GCSqGSIb3DQEBCwUAA4IBAQBW2raWdE8J0sxWlojk67cA1qjp UQ1cU2Ra8AyJAfaA2CYi8+7oLguds0yQgJSkBoF682wiv2L8lQmV7N3BMlYpjbsE Fy8lbml8FbsuhG/nCDb83X8mt0U11xt5kLiiWd/+hzrgI96dCbzc2YP4+6eowiIS 03AU0C/pMGrMjTaPhK9ZXLaZzwQue6YMn7LvFuDoXZ0IRIov9DUwWBWH4rHVGE2i l1ya5EirMgzk9tlcJtp4luYP482K9SWh0e+DX2euebyNxhOvwcasRww38UHAZCIJ m3OLyhYlbbULVyB7t6A7Er7/yOgHIn4y8B2CO6LNfSHRHFUTt9KJnlAIG1Ix -----END CERTIFICATE-----Generated at Wed Dec 10 06:40:17 2025 by rpki-client