Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/6_CwDlvBNtwdlv1igULrPWf1Kxc.roa
File: 6_CwDlvBNtwdlv1igULrPWf1Kxc.roa (raw, json)
Hash identifier: RS+OKvy/mOpp/D9XqKCoOKCfBepeDxkMbwszZuoa/qM=
Subject key identifier: EB:F0:B0:0E:5B:C1:36:DC:1D:96:FD:62:81:42:EB:3D:67:F5:2B:17
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 1F32
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/6_CwDlvBNtwdlv1igULrPWf1Kxc.roa
Signing time: Sun 01 Jun 2025 04:08:32 +0000
ROA not before: Sun 01 Jun 2025 04:08:32 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 4812
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7986 (0x1f32)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: Jun 1 04:08:32 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=EBF0B00E5BC136DC1D96FD628142EB3D67F52B17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:47:29:3e:d5:68:37:5a:50:75:b8:b9:52:fa:
8f:37:55:20:41:b6:46:55:68:1b:f9:28:79:51:1b:
24:66:1e:8d:0b:ca:dd:6e:76:a1:8b:6f:d7:a3:76:
c9:a4:71:e9:19:6c:a4:d8:41:bb:ef:5c:70:27:c9:
52:e3:84:6f:f7:b8:88:bf:4e:e4:33:3a:d5:cd:e0:
6b:e0:49:0d:f1:f8:5f:2a:21:e1:bb:7d:bb:a0:30:
3c:36:2c:27:a5:85:b8:55:07:2b:ec:6d:1f:b8:9d:
53:a4:65:39:b4:72:0f:e1:c8:57:0a:e4:54:01:af:
73:21:5f:32:bc:63:71:f1:96:56:98:af:ee:14:35:
5a:99:0d:ba:b5:a0:09:a5:f2:b0:ac:65:d6:dd:fd:
ba:af:41:16:2d:0a:51:b8:8d:c6:57:ec:34:26:f1:
ca:83:5f:16:f9:cf:31:48:f8:2a:49:db:b4:34:1c:
d4:c7:10:4b:f5:55:19:58:1c:89:1c:48:95:26:ed:
94:5b:c1:1e:07:bf:d4:9d:7e:b6:eb:95:d9:21:c8:
73:3e:76:83:91:30:a4:68:b2:59:29:b4:ae:ef:15:
cf:c6:a8:20:92:6e:12:b5:c7:dd:7f:58:c6:20:e6:
a9:08:07:23:54:8a:52:6d:7a:eb:55:74:0b:29:8d:
4c:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:F0:B0:0E:5B:C1:36:DC:1D:96:FD:62:81:42:EB:3D:67:F5:2B:17
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/6_CwDlvBNtwdlv1igULrPWf1Kxc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
b5:b9:c7:40:77:67:e1:93:46:1e:1d:8a:2f:26:61:ab:3c:bd:
ed:06:7c:c2:09:d9:86:07:c3:a1:f1:e2:61:2b:d3:7c:23:fb:
a7:3e:27:6b:a9:a2:f3:27:88:88:84:94:4c:52:58:32:ae:83:
7c:5b:a7:90:8f:f8:87:75:fa:e2:46:c0:92:c3:f4:0c:e4:db:
62:ae:f3:c9:bb:6f:9b:8e:14:19:90:f8:f7:43:5e:38:05:d3:
86:da:25:8c:47:3b:19:0a:e0:cd:28:a0:e5:9a:7b:61:2c:24:
7c:ac:a1:a0:4f:ac:f5:67:09:0c:34:46:a8:90:a8:a4:6b:81:
5d:8e:b2:e7:8d:f3:a5:e5:c1:e9:e1:fd:d5:4b:dd:8e:b6:c5:
d8:93:f8:5b:50:43:e3:d1:c7:e1:1f:5f:c0:78:97:c8:b7:91:
b2:01:18:61:b5:4f:d6:13:91:82:6c:2d:14:ac:55:57:6a:fe:
82:c8:13:94:a5:46:09:1d:11:3a:b6:10:cc:12:ab:5c:19:24:
e9:ad:6c:9c:e4:e6:67:8b:5f:2a:7c:02:c2:77:10:f9:b0:e2:
fd:62:13:36:f7:ff:df:5a:62:73:a0:6f:4a:56:1a:68:27:ef:
ca:2a:68:1d:44:33:4d:c2:10:c5:f4:64:13:6a:5c:c7:9c:95:
67:0f:61:7c
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICHzIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MDEw
NDA4MzJaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEVCRjBCMDBFNUJDMTM2
REMxRDk2RkQ2MjgxNDJFQjNENjdGNTJCMTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6Ryk+1Wg3WlB1uLlS+o83VSBBtkZVaBv5KHlRGyRmHo0Lyt1u
dqGLb9ejdsmkcekZbKTYQbvvXHAnyVLjhG/3uIi/TuQzOtXN4GvgSQ3x+F8qIeG7
fbugMDw2LCelhbhVByvsbR+4nVOkZTm0cg/hyFcK5FQBr3MhXzK8Y3HxllaYr+4U
NVqZDbq1oAml8rCsZdbd/bqvQRYtClG4jcZX7DQm8cqDXxb5zzFI+CpJ27Q0HNTH
EEv1VRlYHIkcSJUm7ZRbwR4Hv9SdfrbrldkhyHM+doORMKRoslkptK7vFc/GqCCS
bhK1x91/WMYg5qkIByNUilJteutVdAspjUzTAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQU6/CwDlvBNtwdlv1igULrPWf1KxcwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvNl9Dd0RsdkJOdHdk
bHYxaWdVTHJQV2YxS3hjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBALW5x0B3Z+GTRh4dii8mYas8ve0G
fMIJ2YYHw6Hx4mEr03wj+6c+J2upovMniIiElExSWDKug3xbp5CP+Id1+uJGwJLD
9Azk22Ku88m7b5uOFBmQ+PdDXjgF04baJYxHOxkK4M0ooOWae2EsJHysoaBPrPVn
CQw0RqiQqKRrgV2OsueN86Xlwenh/dVL3Y62xdiT+FtQQ+PRx+EfX8B4l8i3kbIB
GGG1T9YTkYJsLRSsVVdq/oLIE5SlRgkdETq2EMwSq1wZJOmtbJzk5meLXyp8AsJ3
EPmw4v1iEzb3/99aYnOgb0pWGmgn78oqaB1EM03CEMX0ZBNqXMeclWcPYXw=
-----END CERTIFICATE-----
Generated at Sun Jun 22 03:55:57 2025 by rpki-client