Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/18qqm7s_zYL6uEh3hJBhmlBWyTA.roa
File: 18qqm7s_zYL6uEh3hJBhmlBWyTA.roa (raw, json)
Hash identifier: xyRJIbF9CVT++Sw/MB7a69ZDk1qzdHltcCxAG5DaNPg=
Subject key identifier: D7:CA:AA:9B:BB:3F:CD:82:FA:B8:48:77:84:90:61:9A:50:56:C9:30
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 242A
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/18qqm7s_zYL6uEh3hJBhmlBWyTA.roa
Signing time: Tue 10 Jun 2025 00:09:02 +0000
ROA not before: Tue 10 Jun 2025 00:09:02 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 4812
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9258 (0x242a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: Jun 10 00:09:02 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=D7CAAA9BBB3FCD82FAB848778490619A5056C930
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:7d:9a:b7:ba:0f:7a:ef:0e:40:9e:98:b7:38:
86:e6:bf:c5:21:01:a6:08:63:40:b5:ff:ef:6f:eb:
d9:6b:63:be:40:cd:7b:54:12:b2:ee:08:87:c9:44:
ca:29:5e:b7:72:4e:bb:f9:ac:09:5e:60:60:a7:0b:
cf:48:36:20:c0:b8:f7:50:c0:f5:41:35:6a:50:4e:
16:6c:23:b1:e7:0f:d7:a0:c3:c0:79:0d:44:48:d3:
21:3d:a3:5f:e1:68:2a:7a:4a:fe:5c:b9:a5:b3:97:
12:20:9d:31:d3:c0:6f:1f:b2:ea:b1:a0:e9:56:b2:
e3:31:17:ed:48:3d:1f:bf:50:f3:17:57:71:9b:a1:
28:a9:1d:6e:1a:a0:3f:99:9c:88:33:9b:82:b6:17:
61:cb:aa:86:17:cf:51:e3:e0:e4:0d:73:f9:26:e4:
f9:a1:59:ef:1b:be:b7:33:8a:6a:94:26:d2:67:c0:
e9:b7:20:73:a8:29:bb:ce:56:17:ff:9c:71:0f:2d:
4e:f9:2a:03:1a:be:8d:f8:c7:c8:c4:cd:70:f0:91:
ed:7b:96:5b:80:f4:45:06:11:5d:1c:31:99:3d:82:
74:7f:81:88:f3:dd:a1:dd:f7:7f:07:86:9d:d3:93:
fb:02:2f:6b:62:6e:cd:b6:2d:f0:93:1c:f3:a7:42:
99:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:CA:AA:9B:BB:3F:CD:82:FA:B8:48:77:84:90:61:9A:50:56:C9:30
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/18qqm7s_zYL6uEh3hJBhmlBWyTA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
30:25:3f:12:7a:cb:85:74:af:d3:c6:77:b3:e4:f8:54:f3:2c:
bd:f5:4b:86:07:2d:2a:41:ad:a3:a8:25:7d:fe:f0:44:fa:89:
9b:16:2a:ca:e8:82:31:3b:24:a9:d6:da:d2:be:52:c4:a7:d0:
f3:3f:d1:6a:52:63:a9:49:02:5e:36:91:db:c6:e4:44:e1:76:
88:95:38:55:d9:b8:d3:0a:93:b7:7e:c1:7c:ca:36:73:00:d0:
bc:a7:3e:d4:65:4e:84:aa:60:5d:e8:5d:90:86:b0:d6:21:3d:
91:32:76:38:51:66:aa:cf:d7:c5:6f:6e:86:27:37:6f:1f:3a:
e2:74:33:a4:f9:26:24:6d:3f:92:54:78:43:e6:d8:f0:9b:c8:
6d:b3:de:82:ec:2f:11:f3:cc:a6:43:d7:72:9e:e8:51:5b:b8:
f0:31:79:44:e7:96:02:51:a3:1f:bf:92:f5:dc:b9:b2:ba:8e:
6c:b5:b4:a1:0f:90:76:4b:02:e1:34:c2:98:b7:ab:aa:ec:69:
82:7f:da:c6:79:49:d5:f7:e2:6a:a2:1b:9b:29:b2:7e:30:79:
8e:42:c5:69:bb:61:8f:ea:b4:8d:18:9f:78:b3:1e:3b:89:42:
e3:de:18:5d:2a:6d:66:08:e5:0e:8a:24:c2:f4:10:d9:0e:a4:
77:f7:28:52
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICJCowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MTAw
MDA5MDJaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEQ3Q0FBQTlCQkIzRkNE
ODJGQUI4NDg3Nzg0OTA2MTlBNTA1NkM5MzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCqfZq3ug967w5Anpi3OIbmv8UhAaYIY0C1/+9v69lrY75AzXtU
ErLuCIfJRMopXrdyTrv5rAleYGCnC89INiDAuPdQwPVBNWpQThZsI7HnD9egw8B5
DURI0yE9o1/haCp6Sv5cuaWzlxIgnTHTwG8fsuqxoOlWsuMxF+1IPR+/UPMXV3Gb
oSipHW4aoD+ZnIgzm4K2F2HLqoYXz1Hj4OQNc/km5PmhWe8bvrczimqUJtJnwOm3
IHOoKbvOVhf/nHEPLU75KgMavo34x8jEzXDwke17lluA9EUGEV0cMZk9gnR/gYjz
3aHd938Hhp3Tk/sCL2tibs22LfCTHPOnQpnFAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQU18qqm7s/zYL6uEh3hJBhmlBWyTAwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvMThxcW03c196WUw2
dUVoM2hKQmhtbEJXeVRBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBADAlPxJ6y4V0r9PGd7Pk+FTzLL31
S4YHLSpBraOoJX3+8ET6iZsWKsrogjE7JKnW2tK+UsSn0PM/0WpSY6lJAl42kdvG
5EThdoiVOFXZuNMKk7d+wXzKNnMA0LynPtRlToSqYF3oXZCGsNYhPZEydjhRZqrP
18VvboYnN28fOuJ0M6T5JiRtP5JUeEPm2PCbyG2z3oLsLxHzzKZD13Ke6FFbuPAx
eUTnlgJRox+/kvXcubK6jmy1tKEPkHZLAuE0wpi3q6rsaYJ/2sZ5SdX34mqiG5sp
sn4weY5CxWm7YY/qtI0Yn3izHjuJQuPeGF0qbWYI5Q6KJML0ENkOpHf3KFI=
-----END CERTIFICATE-----
Generated at Sun Jun 22 03:58:37 2025 by rpki-client