Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/6iyvjA-kGLY4MILm8I0Zzwwk8qI.roa
File: 6iyvjA-kGLY4MILm8I0Zzwwk8qI.roa (raw, json)
Hash identifier: ZURw/NxF07EvYa2F0EOpda3YfImCFnzWC8xP7z8IMTk=
Subject key identifier: EA:2C:AF:8C:0F:A4:18:B6:38:30:82:E6:F0:8D:19:CF:0C:24:F2:A2
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 1C04
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/6iyvjA-kGLY4MILm8I0Zzwwk8qI.roa
Signing time: Mon 26 May 2025 12:38:06 +0000
ROA not before: Mon 26 May 2025 12:38:06 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 146845
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7172 (0x1c04)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: May 26 12:38:06 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=EA2CAF8C0FA418B6383082E6F08D19CF0C24F2A2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:81:fa:e9:fd:24:18:5a:14:6f:00:12:d6:83:
3c:fb:2d:a6:82:d0:d6:35:fb:4c:29:0b:b9:c3:4e:
38:fe:ec:3c:c9:22:62:a5:d0:82:dd:69:d1:dc:e9:
13:f5:e1:b0:34:cb:ed:df:1a:6c:ab:27:fb:d1:fc:
00:cc:3a:60:1d:dc:54:47:8c:db:4e:fd:ca:87:a8:
c8:72:e3:3f:da:61:f2:bd:ed:c5:0c:02:73:ab:8a:
86:0f:8c:04:16:3d:2b:1d:f9:df:94:7f:fc:94:a0:
e8:99:8b:90:f7:e8:9c:40:f4:15:d9:04:86:b6:c4:
2b:5c:6a:d0:5e:0d:84:e1:8c:ce:e5:d1:1d:1e:d2:
6a:8f:04:f6:5c:5b:00:25:c4:14:65:a3:94:bc:ae:
16:11:fe:c2:44:3e:9e:23:ec:83:93:f3:35:11:b9:
a7:c2:c7:a8:4b:ce:00:cb:9f:89:0a:22:b3:3b:6a:
3d:b9:ac:70:cb:e3:e4:71:1e:24:27:a5:a2:a0:03:
85:e4:e2:ae:27:d2:ff:fb:f7:a3:bf:c2:53:3b:cf:
10:cb:1e:0b:10:ea:52:a1:79:33:40:c3:9b:a8:42:
21:24:6f:5c:22:ca:71:cf:67:47:51:dd:4c:05:1f:
ef:9d:86:d5:a2:10:3b:13:31:6e:86:e1:36:ef:c4:
c9:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:2C:AF:8C:0F:A4:18:B6:38:30:82:E6:F0:8D:19:CF:0C:24:F2:A2
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/6iyvjA-kGLY4MILm8I0Zzwwk8qI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
81:b7:67:c9:37:e3:31:be:14:00:9d:c2:1f:9a:fc:08:e1:3c:
fc:de:36:35:c2:8a:77:4d:43:05:83:34:8e:60:db:94:e9:56:
4a:f4:82:0e:ce:44:cd:66:74:87:c8:d1:c6:cc:d1:8a:f2:f6:
26:80:0b:c5:02:73:83:35:ec:8b:6f:08:a7:ca:3f:54:2e:99:
ee:1f:41:01:13:c6:33:6c:e2:dc:4a:dd:d1:61:ee:86:0d:4d:
d2:2d:e7:eb:58:95:73:34:d6:a9:c8:88:31:94:ae:85:59:05:
af:44:bc:fa:7f:6f:b7:21:cd:62:14:3e:1b:ab:a2:1e:68:e9:
86:9f:30:07:22:dd:06:c9:5e:6c:cc:6e:2b:5c:bc:28:8c:9f:
b1:c1:4a:4d:3a:b9:19:d9:b6:95:eb:5e:f4:c4:02:cf:d5:98:
ed:ca:d1:40:e1:95:15:56:8f:42:01:8d:d2:d5:86:30:74:13:
5f:59:e0:b8:dd:3f:cf:1b:34:ba:20:fe:48:d1:b2:d5:ec:15:
c6:3b:af:a5:ac:9d:1e:9e:7b:29:0f:b7:4f:eb:0a:43:35:21:
b4:ec:e3:e2:62:6c:c3:ff:2d:39:b3:3d:5a:cd:71:47:1c:64:
d3:ee:40:d7:5f:47:e3:b3:94:a0:dc:13:b4:07:27:a8:52:b3:
68:06:bb:ce
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICHAQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA1MjYx
MjM4MDZaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEVBMkNBRjhDMEZBNDE4
QjYzODMwODJFNkYwOEQxOUNGMEMyNEYyQTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCsgfrp/SQYWhRvABLWgzz7LaaC0NY1+0wpC7nDTjj+7DzJImKl
0ILdadHc6RP14bA0y+3fGmyrJ/vR/ADMOmAd3FRHjNtO/cqHqMhy4z/aYfK97cUM
AnOrioYPjAQWPSsd+d+Uf/yUoOiZi5D36JxA9BXZBIa2xCtcatBeDYThjM7l0R0e
0mqPBPZcWwAlxBRlo5S8rhYR/sJEPp4j7IOT8zURuafCx6hLzgDLn4kKIrM7aj25
rHDL4+RxHiQnpaKgA4Xk4q4n0v/796O/wlM7zxDLHgsQ6lKheTNAw5uoQiEkb1wi
ynHPZ0dR3UwFH++dhtWiEDsTMW6G4TbvxMmfAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQU6iyvjA+kGLY4MILm8I0Zzwwk8qIwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvNml5dmpBLWtHTFk0
TUlMbThJMFp6d3drOHFJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBAIG3Z8k34zG+FACdwh+a/AjhPPze
NjXCindNQwWDNI5g25TpVkr0gg7ORM1mdIfI0cbM0Yry9iaAC8UCc4M17ItvCKfK
P1Qume4fQQETxjNs4txK3dFh7oYNTdIt5+tYlXM01qnIiDGUroVZBa9EvPp/b7ch
zWIUPhuroh5o6YafMAci3QbJXmzMbitcvCiMn7HBSk06uRnZtpXrXvTEAs/VmO3K
0UDhlRVWj0IBjdLVhjB0E19Z4LjdP88bNLog/kjRstXsFcY7r6WsnR6eeykPt0/r
CkM1IbTs4+JibMP/LTmzPVrNcUccZNPuQNdfR+OzlKDcE7QHJ6hSs2gGu84=
-----END CERTIFICATE-----
Generated at Sat Jun 21 22:05:11 2025 by rpki-client