Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/81ZAroSJK0XqpnuH7eRQRUl_8TE.roa
File: 81ZAroSJK0XqpnuH7eRQRUl_8TE.roa (raw, json)
Hash identifier: HKc4o2eTegAw1MXdcBOQi/LicZ2jN4WtqhZ7/JepkOE=
Subject key identifier: F3:56:40:AE:84:89:2B:45:EA:A6:7B:87:ED:E4:50:45:49:7F:F1:31
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 2045
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/81ZAroSJK0XqpnuH7eRQRUl_8TE.roa
Signing time: Tue 03 Jun 2025 02:08:38 +0000
ROA not before: Tue 03 Jun 2025 02:08:38 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 146845
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8261 (0x2045)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: Jun 3 02:08:38 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=F35640AE84892B45EAA67B87EDE45045497FF131
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:f6:e3:b3:5d:36:8d:5f:cd:f1:c9:a5:4f:84:
16:16:99:1c:80:4e:43:a8:52:d5:5e:4a:74:71:f9:
60:42:40:7c:58:00:77:2b:e7:ed:e1:5c:06:b4:8f:
78:8a:0c:71:8b:2e:c2:72:8a:76:f5:51:df:d4:51:
89:5a:b5:bd:31:4d:16:03:59:31:a3:32:2f:73:df:
08:ae:b1:08:02:d7:01:0c:1a:00:41:dc:50:ab:f7:
14:e8:41:a9:e6:91:19:d3:b0:c0:e5:26:cc:d1:51:
ba:20:08:43:4f:a4:2f:cf:ef:03:06:8f:00:cd:77:
13:2b:48:46:0a:6d:41:9e:45:f4:fc:ce:65:f0:c3:
e1:c9:2f:87:23:54:21:e5:87:f2:08:d1:32:00:6d:
db:a9:bd:f7:dd:40:b4:15:54:96:1d:c3:d1:09:8b:
98:62:18:0e:9d:7a:58:e9:26:16:9c:81:8f:2a:c6:
51:e6:2d:eb:14:4f:df:16:d3:8d:fd:5c:ef:57:95:
f8:4d:06:58:37:e9:6d:f7:71:4d:d3:1e:5f:01:24:
72:1f:f7:1d:02:dc:72:f5:51:de:04:df:31:c4:08:
a9:d6:88:0f:d4:e6:5c:9c:82:3d:0b:18:27:b5:e4:
d2:1f:05:97:6c:b6:cc:5f:55:be:e9:f3:d5:27:43:
97:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:56:40:AE:84:89:2B:45:EA:A6:7B:87:ED:E4:50:45:49:7F:F1:31
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/81ZAroSJK0XqpnuH7eRQRUl_8TE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
4d:28:3a:97:0f:35:af:57:ff:d4:99:cd:e9:7e:fe:ae:07:f1:
cd:15:e4:65:a3:9a:5f:81:3f:74:cb:a4:36:68:2d:84:2f:5c:
8e:90:da:ad:b6:4f:93:12:33:ef:fe:36:62:19:8f:7d:d0:a9:
ef:88:e1:e1:03:a1:33:44:22:fe:b4:aa:6c:75:e8:24:fd:f2:
ec:c9:f5:b7:d9:b3:c3:eb:67:e2:b7:8c:9b:1b:21:69:e3:75:
1b:a4:c6:eb:1e:da:57:6c:00:8c:37:28:fa:ec:ec:34:d1:b5:
5d:36:c4:31:e0:9b:d5:cf:dc:e9:88:64:57:62:35:6e:14:79:
4b:77:4b:53:14:8a:48:d8:13:74:0b:a2:54:54:ca:6a:d1:e9:
16:63:64:ab:2c:82:2a:ca:b9:7f:c8:67:92:32:a2:2f:f7:b9:
e9:17:2b:9a:7b:2f:47:b5:56:ce:ae:00:f5:33:27:fe:10:89:
14:7c:34:4e:70:46:45:46:92:8a:0d:91:b0:fa:5d:61:61:bf:
b6:d9:7b:82:9b:e7:54:51:4b:9f:79:e7:91:93:f3:42:d8:b6:
3c:2a:f1:23:a6:af:3b:68:a6:69:d5:e3:2f:0d:78:c5:e1:a5:
ee:e9:09:c0:4e:b5:6b:e6:55:35:ed:0d:9c:b0:f0:51:2d:d3:
46:15:57:24
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICIEUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MDMw
MjA4MzhaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEYzNTY0MEFFODQ4OTJC
NDVFQUE2N0I4N0VERTQ1MDQ1NDk3RkYxMzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDH9uOzXTaNX83xyaVPhBYWmRyATkOoUtVeSnRx+WBCQHxYAHcr
5+3hXAa0j3iKDHGLLsJyinb1Ud/UUYlatb0xTRYDWTGjMi9z3wiusQgC1wEMGgBB
3FCr9xToQanmkRnTsMDlJszRUbogCENPpC/P7wMGjwDNdxMrSEYKbUGeRfT8zmXw
w+HJL4cjVCHlh/II0TIAbdupvffdQLQVVJYdw9EJi5hiGA6deljpJhacgY8qxlHm
LesUT98W0439XO9XlfhNBlg36W33cU3THl8BJHIf9x0C3HL1Ud4E3zHECKnWiA/U
5lycgj0LGCe15NIfBZdstsxfVb7p89UnQ5d1AgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQU81ZAroSJK0XqpnuH7eRQRUl/8TEwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvODFaQXJvU0pLMFhx
cG51SDdlUlFSVWxfOFRFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBAE0oOpcPNa9X/9SZzel+/q4H8c0V
5GWjml+BP3TLpDZoLYQvXI6Q2q22T5MSM+/+NmIZj33Qqe+I4eEDoTNEIv60qmx1
6CT98uzJ9bfZs8PrZ+K3jJsbIWnjdRukxuse2ldsAIw3KPrs7DTRtV02xDHgm9XP
3OmIZFdiNW4UeUt3S1MUikjYE3QLolRUymrR6RZjZKssgirKuX/IZ5Iyoi/3uekX
K5p7L0e1Vs6uAPUzJ/4QiRR8NE5wRkVGkooNkbD6XWFhv7bZe4Kb51RRS59555GT
80LYtjwq8SOmrztopmnV4y8NeMXhpe7pCcBOtWvmVTXtDZyw8FEt00YVVyQ=
-----END CERTIFICATE-----
Generated at Sun Jun 22 03:55:44 2025 by rpki-client