Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/7bdof_IUiWqREfEPyo2p4dVjHdc.roa
File: 7bdof_IUiWqREfEPyo2p4dVjHdc.roa (raw, json)
Hash identifier: DSNNSFvOzmkDJZvGcJstSdZUI6wY4vx1HV+rai8WJhs=
Subject key identifier: ED:B7:68:7F:F2:14:89:6A:91:11:F1:0F:CA:8D:A9:E1:D5:63:1D:D7
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 1F2B
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/7bdof_IUiWqREfEPyo2p4dVjHdc.roa
Signing time: Sun 01 Jun 2025 03:08:33 +0000
ROA not before: Sun 01 Jun 2025 03:08:33 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 146845
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7979 (0x1f2b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: Jun 1 03:08:33 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=EDB7687FF214896A9111F10FCA8DA9E1D5631DD7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:88:92:27:79:18:cc:b6:f5:88:63:dc:93:66:
11:01:b3:4f:f3:d5:6d:5a:e2:6e:e6:01:90:b8:53:
d2:7c:e9:58:42:08:b6:ec:42:bc:46:e6:ce:ee:5d:
72:5c:cb:3a:6b:15:7e:fe:73:c4:53:c4:60:78:fa:
ab:21:90:28:81:94:83:27:e8:8b:55:ad:ef:c2:1e:
63:9f:e0:fc:7d:20:df:37:64:7d:8b:54:b8:07:5e:
ba:7a:65:fe:c6:e2:79:f3:cd:86:46:0b:b9:aa:41:
5b:d6:1e:11:a5:26:0a:9e:c6:a8:29:8c:ee:83:8f:
d5:dd:7c:5d:39:5e:6b:aa:7d:ac:af:d1:2c:69:df:
50:fb:a5:fd:4e:1b:c0:b4:d5:0d:a4:91:bc:28:37:
d6:03:e5:df:1b:ef:af:dc:da:4d:8b:65:e0:03:ca:
7b:01:2f:4f:1a:48:16:7a:e9:0c:bb:fa:3b:b2:aa:
b0:eb:5f:32:8a:be:56:df:f9:86:49:dd:18:64:9d:
40:16:9b:98:43:d5:a1:33:19:65:72:ec:06:4b:fe:
53:1c:0b:8a:22:a6:fd:8c:a0:72:8f:9e:de:9e:ed:
08:e9:c7:cc:55:22:ba:74:7e:be:93:26:88:a8:72:
59:b1:25:2c:05:0b:69:be:a6:39:79:80:84:09:77:
28:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:B7:68:7F:F2:14:89:6A:91:11:F1:0F:CA:8D:A9:E1:D5:63:1D:D7
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/7bdof_IUiWqREfEPyo2p4dVjHdc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
6b:d8:83:f1:b6:67:7a:41:36:28:cb:ec:55:d0:c6:8e:83:d1:
e7:d6:3c:1e:11:8f:11:8c:00:37:a0:98:27:2e:5d:e9:b8:18:
af:c7:ae:ce:59:81:4d:37:50:8a:79:88:46:83:7a:df:5d:d1:
22:b9:a4:1e:c1:08:aa:58:a2:97:01:08:f4:4b:5f:93:00:84:
c6:4f:65:03:46:e9:90:d3:22:bc:c7:84:16:96:3c:3c:f5:9f:
33:f9:6d:ca:15:17:dc:8f:e1:30:35:48:17:1c:e1:94:da:b6:
8c:69:4b:55:fc:c8:a2:6e:ca:c4:9c:57:8d:6b:94:bc:23:bb:
36:16:d3:16:66:5f:40:09:b3:9b:48:16:fa:c8:98:96:d6:b8:
44:37:72:72:60:87:3a:cd:73:a5:76:fc:dc:ed:e9:1a:d3:be:
f9:6a:1e:b9:36:4a:2b:f4:45:bd:60:7f:68:7c:e1:0a:50:06:
e4:7e:36:7e:92:82:3d:cc:37:14:07:42:fc:27:15:41:d4:38:
20:a4:87:9c:77:b3:c7:b8:82:95:86:c9:4c:02:58:b8:c7:9f:
ae:91:e4:a8:b1:1e:fb:26:36:e0:7f:40:06:88:25:10:82:2a:
a5:1f:c6:20:d1:7e:dc:6d:ae:a9:5b:7e:1f:c8:56:51:4a:be:
61:31:ad:d3
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICHyswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MDEw
MzA4MzNaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEVEQjc2ODdGRjIxNDg5
NkE5MTExRjEwRkNBOERBOUUxRDU2MzFERDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6iJIneRjMtvWIY9yTZhEBs0/z1W1a4m7mAZC4U9J86VhCCLbs
QrxG5s7uXXJcyzprFX7+c8RTxGB4+qshkCiBlIMn6ItVre/CHmOf4Px9IN83ZH2L
VLgHXrp6Zf7G4nnzzYZGC7mqQVvWHhGlJgqexqgpjO6Dj9XdfF05Xmuqfayv0Sxp
31D7pf1OG8C01Q2kkbwoN9YD5d8b76/c2k2LZeADynsBL08aSBZ66Qy7+juyqrDr
XzKKvlbf+YZJ3RhknUAWm5hD1aEzGWVy7AZL/lMcC4oipv2MoHKPnt6e7Qjpx8xV
Irp0fr6TJoioclmxJSwFC2m+pjl5gIQJdyh7AgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQU7bdof/IUiWqREfEPyo2p4dVjHdcwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvN2Jkb2ZfSVVpV3FS
RWZFUHlvMnA0ZFZqSGRjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBAGvYg/G2Z3pBNijL7FXQxo6D0efW
PB4RjxGMADegmCcuXem4GK/Hrs5ZgU03UIp5iEaDet9d0SK5pB7BCKpYopcBCPRL
X5MAhMZPZQNG6ZDTIrzHhBaWPDz1nzP5bcoVF9yP4TA1SBcc4ZTatoxpS1X8yKJu
ysScV41rlLwjuzYW0xZmX0AJs5tIFvrImJbWuEQ3cnJghzrNc6V2/Nzt6RrTvvlq
Hrk2Siv0Rb1gf2h84QpQBuR+Nn6Sgj3MNxQHQvwnFUHUOCCkh5x3s8e4gpWGyUwC
WLjHn66R5KixHvsmNuB/QAaIJRCCKqUfxiDRftxtrqlbfh/IVlFKvmExrdM=
-----END CERTIFICATE-----
Generated at Sat Jun 21 01:50:15 2025 by rpki-client