Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/DYAQLlIDYSKJld1R1H3hrbk0_wk.roa
File: DYAQLlIDYSKJld1R1H3hrbk0_wk.roa (raw, json)
Hash identifier: gdPV2GTEkP0QF7A63RNU8fEyuBY3f2aCvFTZLnsDdM4=
Subject key identifier: 0D:80:10:2E:52:03:61:22:89:95:DD:51:D4:7D:E1:AD:B9:34:FF:09
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 245A
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/DYAQLlIDYSKJld1R1H3hrbk0_wk.roa
Signing time: Tue 10 Jun 2025 08:09:06 +0000
ROA not before: Tue 10 Jun 2025 08:09:06 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 4812
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9306 (0x245a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: Jun 10 08:09:06 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=0D80102E520361228995DD51D47DE1ADB934FF09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:49:d8:c1:86:20:23:f4:be:9b:e8:cd:ed:fd:
4e:d8:a7:f5:b7:c5:03:e5:2c:f3:a4:51:4e:0e:ef:
63:62:6c:fa:89:59:fe:a2:89:0b:39:d6:30:54:9c:
c3:0f:ac:4d:a2:87:6f:0e:ee:39:11:c9:5a:6f:bf:
c3:64:3e:d6:bd:ea:db:53:fd:6f:ca:b7:fe:60:7d:
15:5f:d5:1e:ec:ac:d7:26:e9:3c:8d:47:4c:39:ca:
88:75:06:30:d4:d2:5b:21:4d:65:77:66:10:e0:28:
41:00:14:93:0e:c5:04:47:8a:9a:30:af:9f:26:4c:
1e:42:53:8d:1f:63:5d:23:44:65:26:cb:ac:8a:51:
21:f9:df:20:a8:34:aa:99:a2:c2:94:eb:2f:ee:9b:
17:28:de:09:f6:f6:a2:fb:43:c1:4e:bd:66:4d:18:
76:3a:8f:ae:98:f0:65:53:d3:2c:61:d0:fd:da:3e:
d1:8b:61:9d:9f:de:3d:80:24:70:3c:3c:94:9c:7e:
68:f3:43:e2:5b:db:47:85:75:0e:9d:90:c3:07:99:
c9:a2:20:aa:0b:d8:3b:a5:d2:e6:7d:e7:5b:5e:7b:
e1:fa:66:43:90:7f:42:7c:8a:e9:69:b7:7a:de:a9:
3a:37:37:68:d2:8a:ce:59:ca:ff:42:de:74:52:06:
e1:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:80:10:2E:52:03:61:22:89:95:DD:51:D4:7D:E1:AD:B9:34:FF:09
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/DYAQLlIDYSKJld1R1H3hrbk0_wk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
4f:1d:32:d2:8e:6c:57:a8:e7:90:6c:5a:fa:cc:4f:f4:94:45:
ac:26:f9:9f:02:28:ee:ad:28:41:8c:2f:05:54:0f:5b:49:45:
71:f0:08:77:f2:88:19:24:de:84:c8:de:d7:2e:7c:c8:26:b8:
b6:f6:d8:27:c1:67:a4:d9:f0:bd:d0:06:7c:2b:f6:36:a7:64:
98:ce:92:2c:a6:16:59:21:ee:0f:82:65:20:35:df:f4:54:20:
38:c4:c8:d4:0d:1e:c1:6c:1a:a1:c2:5a:2d:43:6f:ad:c9:c6:
92:32:5d:cb:e4:2c:2c:47:37:b8:3e:a8:c1:89:b9:bf:f9:53:
57:32:a0:76:39:68:23:a7:bf:02:c3:7e:7b:3f:c1:1d:56:b5:
8c:e4:5b:aa:67:d1:43:86:3d:43:bc:fd:6b:2c:ba:32:5b:79:
ae:1f:3f:b7:46:61:91:24:6b:63:3c:df:6a:34:fd:24:03:b6:
b4:d0:2d:80:b7:c7:4d:24:03:35:21:e9:1b:75:27:47:db:cf:
3f:00:df:ba:bf:cc:57:80:1b:a5:01:0b:ed:5b:af:12:b4:18:
84:0f:dd:97:b3:3f:a5:cb:3e:44:67:43:e7:16:34:cc:f9:3b:
98:19:3b:85:e1:b7:20:00:b5:6d:3c:f4:4c:18:35:91:c3:ad:
fe:d8:49:4c
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICJFowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MTAw
ODA5MDZaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDBEODAxMDJFNTIwMzYx
MjI4OTk1REQ1MUQ0N0RFMUFEQjkzNEZGMDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4SdjBhiAj9L6b6M3t/U7Yp/W3xQPlLPOkUU4O72NibPqJWf6i
iQs51jBUnMMPrE2ih28O7jkRyVpvv8NkPta96ttT/W/Kt/5gfRVf1R7srNcm6TyN
R0w5yoh1BjDU0lshTWV3ZhDgKEEAFJMOxQRHipowr58mTB5CU40fY10jRGUmy6yK
USH53yCoNKqZosKU6y/umxco3gn29qL7Q8FOvWZNGHY6j66Y8GVT0yxh0P3aPtGL
YZ2f3j2AJHA8PJScfmjzQ+Jb20eFdQ6dkMMHmcmiIKoL2Dul0uZ951tee+H6ZkOQ
f0J8iulpt3reqTo3N2jSis5Zyv9C3nRSBuHrAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUDYAQLlIDYSKJld1R1H3hrbk0/wkwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvRFlBUUxsSURZU0tK
bGQxUjFIM2hyYmswX3drLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBAE8dMtKObFeo55BsWvrMT/SURawm
+Z8CKO6tKEGMLwVUD1tJRXHwCHfyiBkk3oTI3tcufMgmuLb22CfBZ6TZ8L3QBnwr
9janZJjOkiymFlkh7g+CZSA13/RUIDjEyNQNHsFsGqHCWi1Db63JxpIyXcvkLCxH
N7g+qMGJub/5U1cyoHY5aCOnvwLDfns/wR1WtYzkW6pn0UOGPUO8/WssujJbea4f
P7dGYZEka2M832o0/SQDtrTQLYC3x00kAzUh6Rt1J0fbzz8A37q/zFeAG6UBC+1b
rxK0GIQP3ZezP6XLPkRnQ+cWNMz5O5gZO4XhtyAAtW089EwYNZHDrf7YSUw=
-----END CERTIFICATE-----
Generated at Fri Jun 20 18:57:27 2025 by rpki-client