Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/1v6W_gU97vm7E3QQBJNoS24BZYI.roa
File: 1v6W_gU97vm7E3QQBJNoS24BZYI.roa (raw, json)
Hash identifier: S/m7eSPw4rXTPr14eiKhu/8eUJsTKJShIjCmcRAMupU=
Subject key identifier: D6:FE:96:FE:05:3D:EE:F9:BB:13:74:10:04:93:68:4B:6E:01:65:82
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 22F8
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/1v6W_gU97vm7E3QQBJNoS24BZYI.roa
Signing time: Sat 07 Jun 2025 21:08:54 +0000
ROA not before: Sat 07 Jun 2025 21:08:54 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 4812
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8952 (0x22f8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: Jun 7 21:08:54 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=D6FE96FE053DEEF9BB1374100493684B6E016582
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:23:e2:7a:91:5b:61:13:5c:1c:7c:3b:4d:a4:
ba:b3:1d:0b:b9:3d:95:06:d7:19:ca:79:9b:f1:11:
53:51:ad:fb:4d:1f:e8:c0:27:46:ea:2b:e2:1d:28:
bb:cc:05:ab:58:51:b8:ae:ee:67:26:b6:fd:d2:e9:
d7:56:fe:1e:cf:81:b3:80:bb:06:c7:2e:1f:67:de:
40:92:cd:f7:6a:95:f1:b5:3c:63:79:94:15:cc:4d:
ad:70:67:02:4f:e8:e7:45:4e:b2:bf:dd:42:ab:c9:
2c:37:53:3c:27:b8:d7:2d:7a:56:92:83:07:09:30:
79:6b:32:07:8f:4e:cd:08:4a:24:65:a3:35:e1:71:
37:e7:b3:1e:63:b1:e7:db:4c:4b:47:26:54:c7:2c:
41:1e:41:5d:08:0d:9b:e2:1c:18:02:71:86:2a:de:
dd:7a:86:c6:b1:d6:ad:7f:e2:bf:59:84:81:51:f7:
e7:1e:d0:c9:ac:2d:a0:b0:9c:31:e5:e0:32:3e:e9:
8f:1d:3b:cf:c3:34:0f:ea:1b:36:c5:7e:c7:2c:d6:
28:fe:55:07:3a:06:0e:ef:13:52:72:67:0f:58:54:
69:55:6c:3d:68:87:ae:b3:26:9c:9d:02:8b:5d:5c:
4e:b2:7e:b4:5b:d0:fe:a2:b3:de:56:33:50:55:d7:
f7:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:FE:96:FE:05:3D:EE:F9:BB:13:74:10:04:93:68:4B:6E:01:65:82
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/1v6W_gU97vm7E3QQBJNoS24BZYI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
86:3b:4b:96:11:ce:5f:f9:db:b4:7d:9d:83:14:e3:33:4b:9e:
4d:4f:37:0c:b1:f7:2f:a3:44:5c:fd:67:4f:10:de:07:25:d3:
b9:67:29:5a:f7:ea:fa:05:d6:13:c7:df:67:f4:83:bb:23:6d:
b8:fe:fa:04:d9:fe:7b:dd:71:ad:70:9e:50:0d:22:67:34:f0:
6a:a2:31:af:ec:37:4e:63:33:6c:62:16:27:7d:c0:4b:c6:30:
c4:74:f5:19:6b:1a:98:4a:c4:91:d4:1a:04:5c:a4:60:57:d0:
ec:bb:5f:f5:f0:49:9b:52:95:6a:72:91:45:c2:b1:2d:ce:91:
5e:9e:eb:05:c3:6e:30:fd:52:7b:27:69:d0:33:ce:17:1a:f1:
f3:f3:bc:37:90:ff:01:cc:98:92:ec:ce:23:fd:a5:0e:ff:2d:
28:5f:e6:cb:3b:b3:24:82:a8:f6:a4:85:63:23:23:15:37:8e:
b9:a5:1e:5a:cf:31:36:5d:7f:c1:6e:be:36:08:c8:6e:ae:6d:
66:39:1f:f0:ab:37:3d:76:03:ed:cd:cf:21:47:ed:e5:35:22:
c3:32:a5:1d:73:b6:87:fd:2f:a2:5e:3d:77:01:79:f3:e1:fa:
23:85:c6:c5:1d:e6:ea:ce:67:c9:37:30:db:ea:20:d0:b6:d6:
5a:af:5d:e0
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICIvgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MDcy
MTA4NTRaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEQ2RkU5NkZFMDUzREVF
RjlCQjEzNzQxMDA0OTM2ODRCNkUwMTY1ODIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCkI+J6kVthE1wcfDtNpLqzHQu5PZUG1xnKeZvxEVNRrftNH+jA
J0bqK+IdKLvMBatYUbiu7mcmtv3S6ddW/h7PgbOAuwbHLh9n3kCSzfdqlfG1PGN5
lBXMTa1wZwJP6OdFTrK/3UKrySw3UzwnuNctelaSgwcJMHlrMgePTs0ISiRlozXh
cTfnsx5jsefbTEtHJlTHLEEeQV0IDZviHBgCcYYq3t16hsax1q1/4r9ZhIFR9+ce
0MmsLaCwnDHl4DI+6Y8dO8/DNA/qGzbFfscs1ij+VQc6Bg7vE1JyZw9YVGlVbD1o
h66zJpydAotdXE6yfrRb0P6is95WM1BV1/cvAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQU1v6W/gU97vm7E3QQBJNoS24BZYIwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvMXY2V19nVTk3dm03
RTNRUUJKTm9TMjRCWllJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBAIY7S5YRzl/527R9nYMU4zNLnk1P
Nwyx9y+jRFz9Z08Q3gcl07lnKVr36voF1hPH32f0g7sjbbj++gTZ/nvdca1wnlAN
Imc08GqiMa/sN05jM2xiFid9wEvGMMR09RlrGphKxJHUGgRcpGBX0Oy7X/XwSZtS
lWpykUXCsS3OkV6e6wXDbjD9UnsnadAzzhca8fPzvDeQ/wHMmJLsziP9pQ7/LShf
5ss7sySCqPakhWMjIxU3jrmlHlrPMTZdf8FuvjYIyG6ubWY5H/CrNz12A+3NzyFH
7eU1IsMypR1ztof9L6JePXcBefPh+iOFxsUd5urOZ8k3MNvqINC21lqvXeA=
-----END CERTIFICATE-----
Generated at Wed Jun 18 08:07:29 2025 by rpki-client