Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/-beIGHneEBoyhXkzvs_bsJmj8UY.roa
File: -beIGHneEBoyhXkzvs_bsJmj8UY.roa (raw, json)
Hash identifier: kuNIrbsr24Vi0UCd93So+z2Uq4ipxBkzc4rAD/+TF/k=
Subject key identifier: F9:B7:88:18:79:DE:10:1A:32:85:79:33:BE:CF:DB:B0:99:A3:F1:46
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 26B5
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/-beIGHneEBoyhXkzvs_bsJmj8UY.roa
Signing time: Sat 14 Jun 2025 12:39:19 +0000
ROA not before: Sat 14 Jun 2025 12:39:19 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 4812
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9909 (0x26b5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: Jun 14 12:39:19 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=F9B7881879DE101A32857933BECFDBB099A3F146
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:ad:0e:fe:1c:3d:c9:ef:69:99:ed:f7:b2:f3:
e1:e8:09:60:a4:d8:60:f6:66:0f:47:c7:a0:d2:60:
02:fd:3b:12:96:c2:db:cf:61:d2:a1:c4:f3:95:8a:
60:27:39:ca:aa:75:df:f5:e9:e5:c6:f0:5b:97:79:
7c:e4:b6:63:1a:7f:c6:d8:f7:e9:e7:f6:4d:a4:eb:
19:a2:d8:f7:fe:bf:23:b9:48:1b:4a:30:b3:10:a7:
cc:e6:e9:70:dd:b3:08:7f:66:8d:8f:0a:7b:26:f3:
b6:2d:83:7a:7b:cf:9d:ea:69:85:cf:33:6d:3c:52:
09:60:2d:77:b3:c9:87:e1:9b:97:2b:50:e7:e1:3a:
44:dd:0e:61:99:b6:c5:a7:8b:59:6c:74:23:bc:76:
80:fa:66:2c:6f:46:d2:0e:8b:94:25:71:2b:a8:8f:
2e:f0:5f:86:92:d3:09:25:02:1b:af:16:13:a8:24:
58:ed:e8:43:f3:e4:cf:62:4b:8a:e6:d3:14:42:e9:
14:5a:1a:22:9d:86:84:c6:b1:f3:44:30:83:0e:32:
3a:5b:7b:fc:d1:d4:50:5b:e4:03:3e:6f:7b:5f:3a:
db:33:2c:00:c3:14:6b:73:8b:e4:fd:72:30:eb:36:
fc:57:f0:c3:c0:e4:91:92:62:8c:75:db:3c:5a:fb:
7b:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:B7:88:18:79:DE:10:1A:32:85:79:33:BE:CF:DB:B0:99:A3:F1:46
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/-beIGHneEBoyhXkzvs_bsJmj8UY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
2a:32:2b:4c:c5:5c:06:b5:ef:81:66:9e:69:15:ec:27:fa:f2:
8d:9d:2a:76:3c:97:cb:2b:dd:4f:17:b6:1a:cf:97:42:21:a8:
0f:73:00:9d:71:29:78:0d:82:72:bc:b5:a0:5d:ec:27:d4:b6:
66:a7:86:4a:0d:68:c0:a6:bf:04:5f:70:3a:79:c6:69:27:9e:
bd:32:62:6c:4c:6c:88:58:4b:e2:54:81:80:95:01:ce:77:21:
86:16:23:10:a3:44:87:35:b0:ba:32:e6:4a:c0:5b:f8:93:63:
76:cc:bc:3a:8e:05:1d:8f:99:67:6a:0c:b6:6b:79:30:68:45:
fe:3f:92:c5:4f:88:07:2a:bc:b3:43:1d:a5:92:ea:9a:11:ed:
4d:7d:01:11:69:24:93:4a:fd:78:08:c3:70:bb:8c:d5:a5:61:
1b:df:7c:90:91:35:3b:f1:6e:49:73:93:c4:87:db:64:d5:d0:
67:5c:3a:d1:26:a7:44:1c:b3:13:cf:e6:62:b1:ef:01:93:dd:
93:d6:57:d1:b6:91:1a:6e:25:fe:62:27:ef:ec:c9:b9:b5:44:
67:b1:d8:87:22:ee:86:d7:c7:4c:4c:2a:0b:a8:0f:d0:ae:90:
c6:75:fb:c6:f4:f2:45:af:92:3e:1b:85:23:bf:3b:90:8d:c6:
45:84:d5:17
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICJrUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MTQx
MjM5MTlaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEY5Qjc4ODE4NzlERTEw
MUEzMjg1NzkzM0JFQ0ZEQkIwOTlBM0YxNDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+rQ7+HD3J72mZ7fey8+HoCWCk2GD2Zg9Hx6DSYAL9OxKWwtvP
YdKhxPOVimAnOcqqdd/16eXG8FuXeXzktmMaf8bY9+nn9k2k6xmi2Pf+vyO5SBtK
MLMQp8zm6XDdswh/Zo2PCnsm87Ytg3p7z53qaYXPM208UglgLXezyYfhm5crUOfh
OkTdDmGZtsWni1lsdCO8doD6ZixvRtIOi5QlcSuojy7wX4aS0wklAhuvFhOoJFjt
6EPz5M9iS4rm0xRC6RRaGiKdhoTGsfNEMIMOMjpbe/zR1FBb5AM+b3tfOtszLADD
FGtzi+T9cjDrNvxX8MPA5JGSYox12zxa+3ujAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQU+beIGHneEBoyhXkzvs/bsJmj8UYwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvLWJlSUdIbmVFQm95
aFhrenZzX2JzSm1qOFVZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBACoyK0zFXAa174FmnmkV7Cf68o2d
KnY8l8sr3U8XthrPl0IhqA9zAJ1xKXgNgnK8taBd7CfUtmanhkoNaMCmvwRfcDp5
xmknnr0yYmxMbIhYS+JUgYCVAc53IYYWIxCjRIc1sLoy5krAW/iTY3bMvDqOBR2P
mWdqDLZreTBoRf4/ksVPiAcqvLNDHaWS6poR7U19ARFpJJNK/XgIw3C7jNWlYRvf
fJCRNTvxbklzk8SH22TV0GdcOtEmp0QcsxPP5mKx7wGT3ZPWV9G2kRpuJf5iJ+/s
ybm1RGex2Ici7obXx0xMKguoD9CukMZ1+8b08kWvkj4bhSO/O5CNxkWE1Rc=
-----END CERTIFICATE-----
Generated at Sun Jun 22 01:00:28 2025 by rpki-client