Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/88Fr25NpxCuOrHTm5Umb9NF85vU.roa
File: 88Fr25NpxCuOrHTm5Umb9NF85vU.roa (raw, json)
Hash identifier: 6kEZQhXK7OkS18GhVo3+/epces2erNDFGh2NishgUpg=
Subject key identifier: F3:C1:6B:DB:93:69:C4:2B:8E:AC:74:E6:E5:49:9B:F4:D1:7C:E6:F5
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 218A
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/88Fr25NpxCuOrHTm5Umb9NF85vU.roa
Signing time: Thu 05 Jun 2025 08:08:44 +0000
ROA not before: Thu 05 Jun 2025 08:08:44 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 4812
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8586 (0x218a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: Jun 5 08:08:44 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=F3C16BDB9369C42B8EAC74E6E5499BF4D17CE6F5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:d3:5a:70:5f:10:a3:52:a3:f2:54:46:91:6c:
f2:5d:af:9e:18:10:45:f7:e0:6d:fa:cf:00:36:2d:
2e:0d:be:9c:d8:d4:c4:94:ec:d4:e3:7b:69:50:45:
ac:ec:a0:bf:97:fd:56:d5:51:a7:27:d7:a5:4c:ce:
9d:7e:08:ca:d7:d9:cc:b3:60:7e:43:76:43:73:72:
12:9b:70:3a:60:15:37:cd:8c:f0:8e:0b:b5:f5:fb:
86:62:66:39:bf:4d:be:c7:11:f7:f9:71:d3:33:a6:
c1:ea:90:c7:0c:ac:2a:e3:9c:84:ca:83:17:05:45:
99:4f:62:20:71:07:9a:5a:0d:26:0a:ba:c9:08:91:
da:60:80:f1:32:fe:e3:0a:2d:e6:b4:95:ee:e6:f2:
c4:33:76:cc:42:27:b3:be:9a:a4:9a:46:6c:0d:c7:
41:d0:bf:c2:af:ec:48:9d:15:4f:ba:c5:0a:f0:91:
6c:8e:88:03:1b:f8:ee:c7:ed:80:ac:37:20:d4:7b:
c3:20:a5:03:09:52:df:48:da:7f:1e:44:d8:f0:3a:
d2:5f:4d:83:83:a2:d4:e5:85:8e:15:da:ae:b9:2d:
34:3c:ee:b4:5f:01:e9:71:bf:f1:62:f6:2e:9c:c4:
19:4a:cf:56:cd:92:81:91:75:ff:5d:f1:a1:be:4d:
0d:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:C1:6B:DB:93:69:C4:2B:8E:AC:74:E6:E5:49:9B:F4:D1:7C:E6:F5
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/88Fr25NpxCuOrHTm5Umb9NF85vU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
17:57:0a:a3:5e:1d:ee:e4:9a:0c:6f:b7:0c:7a:15:39:0c:66:
f6:ec:a9:eb:a7:2c:e2:63:f9:60:85:b7:77:82:99:f6:07:90:
bd:cb:2a:a4:86:97:02:eb:39:e2:53:f6:62:70:68:ae:f7:74:
c8:6c:62:24:9c:42:8d:60:62:62:b9:86:89:fe:d8:de:61:fe:
2b:50:d6:89:31:d1:ea:ff:49:24:d6:98:74:34:03:e6:43:20:
77:1b:ae:0d:0f:47:4c:f0:cc:f1:78:e1:83:cd:87:e1:e3:fc:
88:ec:cb:5c:fe:d2:6e:2a:8f:f8:e0:7f:2c:c2:c7:02:88:4a:
b2:c7:43:98:14:a9:7b:33:4b:cb:28:c3:b4:d2:07:d8:d4:f4:
31:10:ab:ce:4c:f7:95:44:71:df:df:cc:1b:4b:0c:cd:35:7c:
6a:57:1b:f0:ef:2b:f9:e7:e1:a0:31:44:eb:b8:ed:41:a7:cb:
4c:13:44:36:cf:5f:20:44:b1:3f:d6:aa:9e:ec:b5:32:0c:61:
9a:8a:bf:fb:9c:2b:dd:e8:37:f3:ea:59:96:07:5e:86:e9:f1:
63:ef:3d:e2:a8:59:76:35:78:10:6a:9e:47:12:88:e6:84:e2:
7b:a0:fe:6b:e6:39:b7:f8:6e:4f:fb:b9:fe:c1:ef:49:58:8a:
17:92:c0:8e
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICIYowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MDUw
ODA4NDRaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEYzQzE2QkRCOTM2OUM0
MkI4RUFDNzRFNkU1NDk5QkY0RDE3Q0U2RjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDg01pwXxCjUqPyVEaRbPJdr54YEEX34G36zwA2LS4NvpzY1MSU
7NTje2lQRazsoL+X/VbVUacn16VMzp1+CMrX2cyzYH5DdkNzchKbcDpgFTfNjPCO
C7X1+4ZiZjm/Tb7HEff5cdMzpsHqkMcMrCrjnITKgxcFRZlPYiBxB5paDSYKuskI
kdpggPEy/uMKLea0le7m8sQzdsxCJ7O+mqSaRmwNx0HQv8Kv7EidFU+6xQrwkWyO
iAMb+O7H7YCsNyDUe8MgpQMJUt9I2n8eRNjwOtJfTYODotTlhY4V2q65LTQ87rRf
Aelxv/Fi9i6cxBlKz1bNkoGRdf9d8aG+TQ1LAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQU88Fr25NpxCuOrHTm5Umb9NF85vUwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvODhGcjI1TnB4Q3VP
ckhUbTVVbWI5TkY4NXZVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBABdXCqNeHe7kmgxvtwx6FTkMZvbs
qeunLOJj+WCFt3eCmfYHkL3LKqSGlwLrOeJT9mJwaK73dMhsYiScQo1gYmK5hon+
2N5h/itQ1okx0er/SSTWmHQ0A+ZDIHcbrg0PR0zwzPF44YPNh+Hj/Ijsy1z+0m4q
j/jgfyzCxwKISrLHQ5gUqXszS8sow7TSB9jU9DEQq85M95VEcd/fzBtLDM01fGpX
G/DvK/nn4aAxROu47UGny0wTRDbPXyBEsT/Wqp7stTIMYZqKv/ucK93oN/PqWZYH
Xobp8WPvPeKoWXY1eBBqnkcSiOaE4nug/mvmObf4bk/7uf7B70lYiheSwI4=
-----END CERTIFICATE-----
Generated at Sat Jun 21 03:25:19 2025 by rpki-client