Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/13EvGzqXjGTOUn6A2je5I5CUQp4.roa
File: 13EvGzqXjGTOUn6A2je5I5CUQp4.roa (raw, json)
Hash identifier: qUFHVEA5kjMnBDVWUz8cfLUCeV5cbQ2rujLIlvufXxg=
Subject key identifier: D7:71:2F:1B:3A:97:8C:64:CE:52:7E:80:DA:37:B9:23:90:94:42:9E
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 26B4
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/13EvGzqXjGTOUn6A2je5I5CUQp4.roa
Signing time: Sat 14 Jun 2025 12:39:19 +0000
ROA not before: Sat 14 Jun 2025 12:39:19 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 146845
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9908 (0x26b4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: Jun 14 12:39:19 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=D7712F1B3A978C64CE527E80DA37B9239094429E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:79:f8:e2:a4:03:76:d8:c1:22:a3:34:31:b1:
f1:15:7a:dc:d8:88:9c:e0:2a:5a:f0:1a:9c:49:33:
47:7b:6f:ce:01:0b:e4:b3:45:d4:b4:d8:1f:91:57:
e7:b2:97:6d:b6:9d:a5:6d:ff:6a:c1:ff:09:5c:d0:
af:8b:9c:d3:4e:a7:60:26:a7:a9:81:f5:a8:7e:c0:
28:09:80:2a:44:88:ba:46:dc:2b:3a:f8:ef:85:44:
31:80:93:3c:c1:d6:85:e5:72:b3:23:df:b0:55:b2:
63:4b:e5:a0:a1:c5:7d:a0:fd:47:14:d1:55:d0:65:
15:64:04:bf:50:c1:4b:16:a9:25:5c:cc:e8:75:0f:
18:c7:5d:91:07:d7:7c:84:ea:cb:a3:1e:d4:0e:fa:
b9:26:be:ae:d0:b2:4a:f1:54:7b:a6:da:94:3a:7f:
4e:bd:d3:d5:32:aa:96:91:b3:56:08:c4:e5:04:a5:
f2:d0:c7:a5:72:dc:74:4e:e6:4f:1b:2a:a4:c4:02:
50:fd:13:89:f4:1b:ca:cd:7c:c2:51:c7:5b:4a:0f:
d3:d1:0b:0d:bf:d0:47:c0:b8:85:48:f7:bc:8e:d0:
6d:3a:42:59:cd:c7:be:2c:b1:3c:96:a3:ce:a8:55:
5d:79:5f:cb:cc:88:dd:e6:76:81:f1:fb:d0:aa:ce:
8c:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:71:2F:1B:3A:97:8C:64:CE:52:7E:80:DA:37:B9:23:90:94:42:9E
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/13EvGzqXjGTOUn6A2je5I5CUQp4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
72:5c:2b:9a:d3:cf:80:d4:54:fa:71:be:b5:0b:c9:a2:f8:a9:
1d:e7:6a:e2:16:d1:8d:c3:91:b5:95:25:71:7e:80:91:2d:cf:
45:e4:a8:a4:88:44:68:c7:99:bb:1e:76:12:ad:c6:38:a6:cb:
a5:05:f1:54:9b:15:c4:e1:8e:fe:03:9f:69:a7:87:53:db:72:
54:44:5f:75:18:c1:47:ba:59:b2:b5:96:b4:ef:c5:a5:d6:56:
c2:64:f7:38:02:c9:b6:0f:e0:bd:47:37:b0:dc:9b:e4:13:fa:
01:5f:e0:e1:66:2d:1f:e1:8b:fa:ad:2f:67:f4:92:99:26:0e:
cd:6f:ee:f1:60:fb:42:76:f0:10:f3:9d:cb:81:1b:67:ab:34:
42:e2:0a:44:f3:c1:85:17:55:4e:4f:54:32:c4:f1:4a:d9:5c:
17:49:02:a5:6c:f3:31:12:bb:1a:90:7d:e9:58:4a:b3:4d:fa:
ec:3d:65:9b:e7:7f:ec:3f:1e:11:1e:8f:17:59:ce:13:5b:80:
cb:7c:b1:73:78:bf:1c:2e:73:43:7a:79:3c:03:a6:70:b4:6b:
fb:a9:35:7f:04:b3:dc:6f:0b:47:21:7b:e2:0a:9e:6c:b2:fc:
d1:6f:ba:d2:6f:e2:7a:75:54:8e:1d:68:43:3d:d6:9c:8b:0b:
62:f6:75:4c
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICJrQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MTQx
MjM5MTlaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEQ3NzEyRjFCM0E5NzhD
NjRDRTUyN0U4MERBMzdCOTIzOTA5NDQyOUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDYefjipAN22MEiozQxsfEVetzYiJzgKlrwGpxJM0d7b84BC+Sz
RdS02B+RV+eyl222naVt/2rB/wlc0K+LnNNOp2Amp6mB9ah+wCgJgCpEiLpG3Cs6
+O+FRDGAkzzB1oXlcrMj37BVsmNL5aChxX2g/UcU0VXQZRVkBL9QwUsWqSVczOh1
DxjHXZEH13yE6sujHtQO+rkmvq7QskrxVHum2pQ6f06909UyqpaRs1YIxOUEpfLQ
x6Vy3HRO5k8bKqTEAlD9E4n0G8rNfMJRx1tKD9PRCw2/0EfAuIVI97yO0G06QlnN
x74ssTyWo86oVV15X8vMiN3mdoHx+9CqzowtAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQU13EvGzqXjGTOUn6A2je5I5CUQp4wHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvMTNFdkd6cVhqR1RP
VW42QTJqZTVJNUNVUXA0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBAHJcK5rTz4DUVPpxvrULyaL4qR3n
auIW0Y3DkbWVJXF+gJEtz0XkqKSIRGjHmbsedhKtxjimy6UF8VSbFcThjv4Dn2mn
h1PbclREX3UYwUe6WbK1lrTvxaXWVsJk9zgCybYP4L1HN7Dcm+QT+gFf4OFmLR/h
i/qtL2f0kpkmDs1v7vFg+0J28BDzncuBG2erNELiCkTzwYUXVU5PVDLE8UrZXBdJ
AqVs8zESuxqQfelYSrNN+uw9ZZvnf+w/HhEejxdZzhNbgMt8sXN4vxwuc0N6eTwD
pnC0a/upNX8Es9xvC0che+IKnmyy/NFvutJv4np1VI4daEM91pyLC2L2dUw=
-----END CERTIFICATE-----
Generated at Sat Jun 21 18:49:43 2025 by rpki-client