Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/EiN57y7AZgwH_mwd72h6ceUnodY.roa
File: EiN57y7AZgwH_mwd72h6ceUnodY.roa (raw, json)
Hash identifier: JVzu5cXkdbuXb82dmkGeBHcbqru9wQzmUI4WIysEw2w=
Subject key identifier: 12:23:79:EF:2E:C0:66:0C:07:FE:6C:1D:EF:68:7A:71:E5:27:A1:D6
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 2046
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/EiN57y7AZgwH_mwd72h6ceUnodY.roa
Signing time: Tue 03 Jun 2025 02:08:38 +0000
ROA not before: Tue 03 Jun 2025 02:08:38 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 4812
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8262 (0x2046)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: Jun 3 02:08:38 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=122379EF2EC0660C07FE6C1DEF687A71E527A1D6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:da:7f:8e:8a:b6:41:f0:bc:ac:51:01:9a:ef:
60:14:b9:06:e8:5a:dd:b5:db:33:f0:a9:9b:46:38:
b6:74:7f:83:29:4f:40:76:c6:49:2c:3a:aa:15:50:
cf:d8:0e:3c:7f:a0:5c:5c:4a:32:7f:97:0c:38:f9:
2b:08:de:20:ac:4e:07:f5:f3:7a:d4:47:20:79:f8:
24:8e:c7:67:a5:f2:8e:7b:40:6b:8f:09:9e:59:2f:
b6:37:b2:f5:9f:d3:cf:55:3e:eb:29:cd:cf:6f:18:
d0:f3:39:15:82:b0:b1:dc:58:ee:b3:80:2d:00:f3:
31:34:09:73:cc:93:b6:8b:82:65:c1:b0:8d:83:97:
ce:23:0c:75:87:5b:b7:ad:c6:80:05:50:6e:e8:66:
a7:f5:e4:7d:7e:66:10:02:33:91:bd:2a:a5:61:3c:
16:37:75:79:ab:8e:f0:74:31:1f:5e:dc:42:f6:0f:
a1:d6:53:df:11:da:7a:54:03:16:a9:f0:0e:8e:61:
ed:67:64:cf:eb:96:35:7d:fc:f5:44:20:cb:d3:81:
f5:fc:f3:86:38:8a:20:df:a1:a1:ec:57:2d:8e:93:
7d:b8:a3:8d:3c:0b:1a:4c:cd:d9:f2:65:4c:03:2e:
b8:df:f4:95:8d:1e:d6:9a:0f:61:c9:f5:ee:42:06:
c5:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:23:79:EF:2E:C0:66:0C:07:FE:6C:1D:EF:68:7A:71:E5:27:A1:D6
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/EiN57y7AZgwH_mwd72h6ceUnodY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
b2:05:30:6a:29:cb:c7:90:d8:37:d9:c3:8f:b0:c9:6f:32:f3:
29:1a:c8:e8:49:8e:1d:ec:9f:e1:4b:e0:35:15:a5:c3:fe:dc:
d5:22:68:00:39:11:53:a4:3b:54:21:3b:d1:40:46:57:be:7d:
bd:10:51:f0:33:54:75:41:f1:04:bc:59:df:b2:e9:f8:5e:a0:
ab:de:4d:02:61:48:06:f6:fc:1b:4e:c7:61:c5:82:af:39:38:
ac:d1:e1:0b:f9:a5:7f:2d:42:c5:a0:9c:11:8e:8e:e4:4f:bb:
ba:1b:2d:fb:ff:df:a3:c5:eb:d1:14:2e:ec:25:68:97:52:5e:
d2:a4:67:c2:15:9d:e8:2b:ca:00:41:ed:c4:92:1b:23:05:c6:
3c:ee:41:2b:f2:fd:89:a5:a0:b1:08:7e:16:5b:2d:ca:e6:36:
94:bf:a7:c9:3e:4c:3c:99:46:63:93:0a:ae:c3:dc:fb:63:10:
8b:92:41:ec:bd:09:e7:85:2f:24:cc:6a:e0:cf:b7:68:af:96:
83:9b:b0:0d:b6:6d:ff:46:e1:1d:db:67:85:24:e1:1e:40:f1:
21:b8:28:0e:87:d0:b6:31:9d:99:22:36:03:5f:f3:f4:e5:2a:
d5:29:e2:aa:98:45:29:c4:d0:5b:b3:42:b8:c4:e1:d1:0a:79:
fe:2f:48:7d
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICIEYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MDMw
MjA4MzhaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDEyMjM3OUVGMkVDMDY2
MEMwN0ZFNkMxREVGNjg3QTcxRTUyN0ExRDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDb2n+OirZB8LysUQGa72AUuQboWt212zPwqZtGOLZ0f4MpT0B2
xkksOqoVUM/YDjx/oFxcSjJ/lww4+SsI3iCsTgf183rURyB5+CSOx2el8o57QGuP
CZ5ZL7Y3svWf089VPuspzc9vGNDzORWCsLHcWO6zgC0A8zE0CXPMk7aLgmXBsI2D
l84jDHWHW7etxoAFUG7oZqf15H1+ZhACM5G9KqVhPBY3dXmrjvB0MR9e3EL2D6HW
U98R2npUAxap8A6OYe1nZM/rljV9/PVEIMvTgfX884Y4iiDfoaHsVy2Ok324o408
CxpMzdnyZUwDLrjf9JWNHtaaD2HJ9e5CBsUDAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUEiN57y7AZgwH/mwd72h6ceUnodYwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvRWlONTd5N0FaZ3dI
X213ZDcyaDZjZVVub2RZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBALIFMGopy8eQ2DfZw4+wyW8y8yka
yOhJjh3sn+FL4DUVpcP+3NUiaAA5EVOkO1QhO9FARle+fb0QUfAzVHVB8QS8Wd+y
6fheoKveTQJhSAb2/BtOx2HFgq85OKzR4Qv5pX8tQsWgnBGOjuRPu7obLfv/36PF
69EULuwlaJdSXtKkZ8IVnegrygBB7cSSGyMFxjzuQSvy/YmloLEIfhZbLcrmNpS/
p8k+TDyZRmOTCq7D3PtjEIuSQey9CeeFLyTMauDPt2ivloObsA22bf9G4R3bZ4Uk
4R5A8SG4KA6H0LYxnZkiNgNf8/TlKtUp4qqYRSnE0FuzQrjE4dEKef4vSH0=
-----END CERTIFICATE-----
Generated at Sun Jun 22 10:56:51 2025 by rpki-client