Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/0mRswjWymatKna8nfk1zHl6_WP8.roa
File: 0mRswjWymatKna8nfk1zHl6_WP8.roa (raw, json)
Hash identifier: HXspM1sT+8/U1wx0SpsUptWTIQpc+IH1CLRBoDv+Ctw=
Subject key identifier: D2:64:6C:C2:35:B2:99:AB:4A:9D:AF:27:7E:4D:73:1E:5E:BF:58:FF
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 2363
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0mRswjWymatKna8nfk1zHl6_WP8.roa
Signing time: Sun 08 Jun 2025 15:08:55 +0000
ROA not before: Sun 08 Jun 2025 15:08:55 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 146845
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9059 (0x2363)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: Jun 8 15:08:55 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=D2646CC235B299AB4A9DAF277E4D731E5EBF58FF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:f0:25:04:a5:d6:c4:90:d4:88:51:5c:4e:4f:
3c:63:f6:94:7b:39:f4:61:c0:b4:5a:3d:48:7e:2b:
4f:0e:f9:c6:61:bb:40:e3:45:f2:e6:3e:55:0a:f5:
aa:76:b6:43:0b:4c:2d:6d:6d:54:a8:26:a1:db:c4:
67:24:b8:48:c3:c1:3b:19:80:96:0b:76:30:b8:57:
dd:6a:32:b4:ab:44:7f:44:ae:65:28:17:54:ae:51:
63:dc:b6:11:45:10:73:d8:46:bb:30:4d:05:d9:a3:
59:d0:0d:67:c9:f0:8d:36:bc:ec:7f:5f:07:77:ff:
27:66:26:13:98:b2:04:e3:6c:71:6a:bb:9d:a1:d2:
92:5d:b2:0c:1a:96:5e:24:fc:4a:18:a6:29:ea:e9:
00:43:2a:c4:9b:27:2f:8b:c5:8f:e8:3a:6d:f2:f2:
6b:98:b6:4d:a2:35:ee:95:c9:74:4e:de:44:3f:48:
da:7f:a6:b1:50:78:dd:a5:71:9e:62:e2:34:39:35:
1d:53:aa:36:f4:f8:b7:bd:7b:ce:82:7d:2f:a5:c9:
69:e2:f5:9a:44:80:a8:ef:8f:e0:d8:89:dd:f0:b6:
e8:cd:d5:f4:c3:fe:f8:92:f0:4e:75:37:c7:74:21:
04:02:2e:84:44:fc:98:8a:39:ee:82:9a:cc:8d:bd:
de:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:64:6C:C2:35:B2:99:AB:4A:9D:AF:27:7E:4D:73:1E:5E:BF:58:FF
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0mRswjWymatKna8nfk1zHl6_WP8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
3e:2c:31:b7:12:92:b6:10:da:dc:b1:a9:e5:a2:1a:fd:6e:56:
66:0a:f9:54:82:df:a5:d3:6d:08:7b:d5:d3:64:7a:ee:78:55:
2f:1b:f3:02:c3:ad:88:8a:e1:b6:00:f3:17:d8:17:2f:7f:cc:
65:bd:64:53:d9:a7:0e:5c:ec:59:f0:cc:f2:6b:e6:c4:71:28:
32:1b:bf:b1:ce:c1:be:ba:27:af:1e:1b:ef:69:05:21:7d:22:
5e:a0:88:5c:16:99:32:26:40:12:c3:07:57:20:ef:40:cd:40:
70:ef:94:a0:e1:06:f8:03:db:ac:6d:1a:00:19:6b:80:0a:84:
21:d4:a2:2c:67:6d:28:60:46:00:22:aa:61:76:08:3d:26:9e:
a6:24:a1:d6:90:d4:53:9c:5e:ae:21:42:8b:9d:8b:2e:92:92:
e4:46:a5:35:98:53:31:10:47:8d:bc:d1:89:b0:9f:4c:b5:fb:
c4:8c:c4:2d:e5:89:bc:59:48:28:55:be:a8:47:fa:b7:f9:0c:
4b:11:5e:6a:ae:ea:4d:48:0e:03:33:c7:51:30:ca:28:9c:9e:
7d:55:8b:f9:81:8e:0a:a1:c1:6a:bd:29:b0:e9:7e:07:2e:36:
d5:40:5b:b5:ec:f5:3f:ee:99:54:d6:f6:e8:e8:83:1f:6d:ac:
16:e5:12:fb
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICI2MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MDgx
NTA4NTVaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEQyNjQ2Q0MyMzVCMjk5
QUI0QTlEQUYyNzdFNEQ3MzFFNUVCRjU4RkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDD8CUEpdbEkNSIUVxOTzxj9pR7OfRhwLRaPUh+K08O+cZhu0Dj
RfLmPlUK9ap2tkMLTC1tbVSoJqHbxGckuEjDwTsZgJYLdjC4V91qMrSrRH9ErmUo
F1SuUWPcthFFEHPYRrswTQXZo1nQDWfJ8I02vOx/Xwd3/ydmJhOYsgTjbHFqu52h
0pJdsgwall4k/EoYpinq6QBDKsSbJy+LxY/oOm3y8muYtk2iNe6VyXRO3kQ/SNp/
prFQeN2lcZ5i4jQ5NR1Tqjb0+Le9e86CfS+lyWni9ZpEgKjvj+DYid3wtujN1fTD
/viS8E51N8d0IQQCLoRE/JiKOe6CmsyNvd7pAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQU0mRswjWymatKna8nfk1zHl6/WP8wHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvMG1Sc3dqV3ltYXRL
bmE4bmZrMXpIbDZfV1A4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBAD4sMbcSkrYQ2tyxqeWiGv1uVmYK
+VSC36XTbQh71dNkeu54VS8b8wLDrYiK4bYA8xfYFy9/zGW9ZFPZpw5c7FnwzPJr
5sRxKDIbv7HOwb66J68eG+9pBSF9Il6giFwWmTImQBLDB1cg70DNQHDvlKDhBvgD
26xtGgAZa4AKhCHUoixnbShgRgAiqmF2CD0mnqYkodaQ1FOcXq4hQoudiy6SkuRG
pTWYUzEQR4280Ymwn0y1+8SMxC3libxZSChVvqhH+rf5DEsRXmqu6k1IDgMzx1Ew
yiicnn1Vi/mBjgqhwWq9KbDpfgcuNtVAW7Xs9T/umVTW9ujogx9trBblEvs=
-----END CERTIFICATE-----
Generated at Sun Jun 22 16:43:52 2025 by rpki-client