Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/CpEaoeawJyIeaIghNFe7lGeqLcU.roa
File: CpEaoeawJyIeaIghNFe7lGeqLcU.roa (raw, json)
Hash identifier: VCAYgal/rwb5GHYZasm8gaCIHaFe0gUy5vqoAZfy8AA=
Subject key identifier: 0A:91:1A:A1:E6:B0:27:22:1E:68:88:21:34:57:BB:94:67:AA:2D:C5
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 2192
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/CpEaoeawJyIeaIghNFe7lGeqLcU.roa
Signing time: Thu 05 Jun 2025 09:38:46 +0000
ROA not before: Thu 05 Jun 2025 09:38:46 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 146845
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8594 (0x2192)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: Jun 5 09:38:46 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=0A911AA1E6B027221E6888213457BB9467AA2DC5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:b5:7c:01:20:73:10:1a:a1:fe:4a:f9:a9:bf:
34:92:6a:75:07:31:4f:34:dd:6a:2c:55:02:94:f2:
47:0a:ac:fb:12:3d:3f:7b:eb:64:2b:97:7a:98:7e:
19:c3:02:b0:8d:a6:7c:34:1a:33:c5:95:95:5a:9f:
2c:69:f2:d2:10:dd:a2:18:63:93:58:ba:93:58:ae:
b8:b8:97:09:0b:dd:87:1b:d8:84:08:07:40:e5:4d:
06:3e:e5:81:6f:e7:84:41:ed:d4:7b:f5:ac:a4:5b:
2c:01:06:78:8e:1a:7d:f4:8d:ed:ff:0a:51:31:21:
bc:2d:05:e6:a4:f0:d6:20:5a:bc:d7:ce:bd:64:67:
f5:a6:82:dd:39:af:d9:fd:20:14:cb:b6:17:ae:fe:
41:51:88:a5:0a:ac:53:40:5c:e4:30:92:f9:9c:7f:
23:1c:71:8d:af:31:bf:5b:9a:88:7d:78:6e:fb:b4:
b2:10:1c:a4:dd:e5:c3:c6:b4:89:f6:73:c7:13:45:
77:da:81:1f:14:f7:08:88:cd:38:6f:b5:5e:17:68:
31:84:d5:6c:23:72:f0:d8:88:b4:d9:3a:fc:4c:31:
15:bd:0b:11:76:7c:5c:f8:33:1a:49:86:f5:ff:38:
be:ce:36:60:3d:36:2d:cd:9a:3a:72:6e:2a:5b:b1:
80:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:91:1A:A1:E6:B0:27:22:1E:68:88:21:34:57:BB:94:67:AA:2D:C5
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/CpEaoeawJyIeaIghNFe7lGeqLcU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
b8:8f:48:b1:43:4e:2b:13:ce:29:2e:35:e8:d4:90:e9:d3:81:
f5:8b:f3:a1:da:c3:2f:0d:4b:e2:47:23:f0:45:bd:6d:6e:7b:
fd:90:f3:5b:d6:06:cf:91:d7:ed:6c:99:23:0c:55:fc:32:7c:
1a:66:d6:84:28:f4:3a:2a:f9:cb:2a:a4:73:c5:c1:ec:3f:d1:
9a:fa:03:cf:18:bc:67:24:08:33:a7:5c:7a:6f:9f:88:84:85:
41:9c:30:5d:78:d1:c5:e6:f1:9f:ca:c4:f5:0b:46:fe:33:9e:
af:2b:aa:df:31:ed:50:5f:4d:d6:f9:8f:81:e2:97:1d:a1:46:
1f:f7:8d:91:72:31:b6:c5:59:3e:7d:15:8d:a0:da:96:cc:91:
36:4f:f2:26:53:b1:c3:9c:77:1d:ed:9e:2b:57:6f:6a:d2:f3:
4b:d6:95:17:c1:2b:16:8c:6c:ea:1a:23:eb:f4:f6:be:f6:3c:
e6:80:0c:6e:4f:15:4a:e8:eb:12:f3:a0:2b:c8:fb:8e:06:2d:
a6:96:f6:c4:c1:dc:e8:9f:35:33:a9:39:25:77:e7:62:c0:5e:
ef:d1:80:de:8d:83:00:30:47:cf:3d:8b:42:83:ae:df:a7:eb:
d6:ad:50:17:15:c0:76:45:15:9f:6f:8a:51:5a:7c:ff:5e:1e:
78:fb:28:0d
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICIZIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MDUw
OTM4NDZaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDBBOTExQUExRTZCMDI3
MjIxRTY4ODgyMTM0NTdCQjk0NjdBQTJEQzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8tXwBIHMQGqH+SvmpvzSSanUHMU803WosVQKU8kcKrPsSPT97
62Qrl3qYfhnDArCNpnw0GjPFlZVanyxp8tIQ3aIYY5NYupNYrri4lwkL3Ycb2IQI
B0DlTQY+5YFv54RB7dR79aykWywBBniOGn30je3/ClExIbwtBeak8NYgWrzXzr1k
Z/Wmgt05r9n9IBTLtheu/kFRiKUKrFNAXOQwkvmcfyMccY2vMb9bmoh9eG77tLIQ
HKTd5cPGtIn2c8cTRXfagR8U9wiIzThvtV4XaDGE1WwjcvDYiLTZOvxMMRW9CxF2
fFz4MxpJhvX/OL7ONmA9Ni3NmjpybipbsYCbAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUCpEaoeawJyIeaIghNFe7lGeqLcUwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvQ3BFYW9lYXdKeUll
YUlnaE5GZTdsR2VxTGNVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBALiPSLFDTisTzikuNejUkOnTgfWL
86Hawy8NS+JHI/BFvW1ue/2Q81vWBs+R1+1smSMMVfwyfBpm1oQo9Doq+csqpHPF
wew/0Zr6A88YvGckCDOnXHpvn4iEhUGcMF140cXm8Z/KxPULRv4znq8rqt8x7VBf
Tdb5j4Hilx2hRh/3jZFyMbbFWT59FY2g2pbMkTZP8iZTscOcdx3tnitXb2rS80vW
lRfBKxaMbOoaI+v09r72POaADG5PFUro6xLzoCvI+44GLaaW9sTB3OifNTOpOSV3
52LAXu/RgN6NgwAwR889i0KDrt+n69atUBcVwHZFFZ9vilFafP9eHnj7KA0=
-----END CERTIFICATE-----
Generated at Sat Jun 21 16:26:51 2025 by rpki-client