Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/A4G-Fq89_f8Uxkr_Qpv1hysoHGE.roa
File: A4G-Fq89_f8Uxkr_Qpv1hysoHGE.roa (raw, json)
Hash identifier: qyRm9FhWrVLcrYLBc3wuELiBomW8xAi2v/254yfPrVQ=
Subject key identifier: 03:81:BE:16:AF:3D:FD:FF:14:C6:4A:FF:42:9B:F5:87:2B:28:1C:61
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 2177
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/A4G-Fq89_f8Uxkr_Qpv1hysoHGE.roa
Signing time: Thu 05 Jun 2025 05:08:45 +0000
ROA not before: Thu 05 Jun 2025 05:08:45 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 146845
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8567 (0x2177)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: Jun 5 05:08:45 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=0381BE16AF3DFDFF14C64AFF429BF5872B281C61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:a6:69:5b:a5:cc:5c:cc:04:82:a5:f0:e3:18:
e9:d9:03:1c:38:db:45:3d:13:2d:b2:ab:dd:a6:2a:
87:ac:fc:0f:c9:92:93:48:d8:a0:f5:e0:3e:3c:64:
9a:4d:89:cc:fd:06:b5:23:4f:b6:21:f2:7c:d4:a6:
a7:bd:5a:6e:1c:8e:2f:6a:52:30:fd:7f:f9:d5:a2:
9b:1e:2b:6f:27:5d:34:b7:12:5a:39:96:fb:e1:e9:
5c:60:5d:fc:25:5b:bb:bc:da:34:b6:89:d6:5d:75:
0b:1d:3c:46:9f:a1:4b:90:dc:09:6a:98:2c:67:b0:
76:6f:39:5f:ba:35:20:3a:28:78:f2:22:44:85:52:
83:bb:7e:3e:15:14:b9:fb:78:de:c8:19:f5:8e:12:
a1:b8:a6:b2:bc:5b:a8:55:cc:5d:67:e4:8f:5b:ff:
08:69:4d:e7:96:19:c5:4d:81:bf:c4:bb:08:40:60:
9e:d5:e7:81:e8:48:39:2c:33:bd:df:43:e5:91:ad:
21:6e:b9:06:21:ab:74:ee:fd:ab:79:82:5a:6f:d3:
41:8b:9a:d5:86:a6:65:77:9b:23:60:4b:b9:f3:30:
f1:0a:2a:ac:4f:b2:c5:e7:9f:7c:58:af:a8:81:41:
7a:cf:be:de:05:ce:2c:62:12:97:4d:27:86:42:09:
f6:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:81:BE:16:AF:3D:FD:FF:14:C6:4A:FF:42:9B:F5:87:2B:28:1C:61
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/A4G-Fq89_f8Uxkr_Qpv1hysoHGE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
63:a5:1d:30:51:ae:e3:b0:ee:8a:c6:e6:9b:a3:aa:23:e7:78:
88:07:3b:6d:4d:36:1f:74:58:10:1d:bb:2a:57:71:5b:f3:52:
f5:47:65:7d:75:fa:4d:59:8a:34:94:8a:4c:59:09:a2:65:fd:
b0:55:98:44:a2:b1:17:d3:f0:bc:1e:a5:f8:a0:51:c6:bd:57:
4a:91:97:f2:f8:05:7f:67:4e:54:82:75:1a:5c:6b:aa:02:1b:
0e:30:9f:6c:1e:39:5f:60:a3:ed:e7:f7:a3:0f:d4:13:85:37:
e5:44:8e:bd:c9:95:53:f9:7a:65:59:5a:44:3c:da:b4:04:3f:
b0:7c:ea:70:ef:6a:f0:db:88:9f:8f:c2:e9:b0:75:b8:41:22:
d8:d0:df:e6:b9:fc:a2:7b:e9:1e:4c:7a:2f:b9:a9:7a:7b:5d:
a4:7d:a6:96:df:36:97:bd:48:80:b4:05:e8:06:f5:d8:73:69:
53:f2:68:4b:c4:f2:4b:84:48:3a:1b:29:4b:42:7f:8a:32:6c:
55:56:19:31:e2:16:7d:68:b2:38:bb:02:2d:7e:4e:95:87:ab:
58:84:c4:28:20:ec:8a:17:43:af:95:5b:63:8c:96:4b:a4:c9:
7f:62:dd:b0:2a:37:aa:71:b0:38:75:95:ae:4a:ac:52:cf:0e:
60:3f:9f:6c
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICIXcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MDUw
NTA4NDVaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDAzODFCRTE2QUYzREZE
RkYxNEM2NEFGRjQyOUJGNTg3MkIyODFDNjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDjpmlbpcxczASCpfDjGOnZAxw420U9Ey2yq92mKoes/A/JkpNI
2KD14D48ZJpNicz9BrUjT7Yh8nzUpqe9Wm4cji9qUjD9f/nVopseK28nXTS3Elo5
lvvh6VxgXfwlW7u82jS2idZddQsdPEafoUuQ3AlqmCxnsHZvOV+6NSA6KHjyIkSF
UoO7fj4VFLn7eN7IGfWOEqG4prK8W6hVzF1n5I9b/whpTeeWGcVNgb/EuwhAYJ7V
54HoSDksM73fQ+WRrSFuuQYhq3Tu/at5glpv00GLmtWGpmV3myNgS7nzMPEKKqxP
ssXnn3xYr6iBQXrPvt4FzixiEpdNJ4ZCCfbfAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUA4G+Fq89/f8Uxkr/Qpv1hysoHGEwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvQTRHLUZxODlfZjhV
eGtyX1FwdjFoeXNvSEdFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBAGOlHTBRruOw7orG5pujqiPneIgH
O21NNh90WBAduypXcVvzUvVHZX11+k1ZijSUikxZCaJl/bBVmESisRfT8Lwepfig
Uca9V0qRl/L4BX9nTlSCdRpca6oCGw4wn2weOV9go+3n96MP1BOFN+VEjr3JlVP5
emVZWkQ82rQEP7B86nDvavDbiJ+PwumwdbhBItjQ3+a5/KJ76R5Mei+5qXp7XaR9
ppbfNpe9SIC0BegG9dhzaVPyaEvE8kuESDobKUtCf4oybFVWGTHiFn1osji7Ai1+
TpWHq1iExCgg7IoXQ6+VW2OMlkukyX9i3bAqN6pxsDh1la5KrFLPDmA/n2w=
-----END CERTIFICATE-----
Generated at Sun Jun 22 13:29:59 2025 by rpki-client