Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/HANZSQFXD-wdvNmoifeIXYDlGcw.roa
File: HANZSQFXD-wdvNmoifeIXYDlGcw.roa (raw, json)
Hash identifier: AtoO8C25eABLXwpcsZDGIigApVRL5LwLNQ6r+mOOuJ4=
Subject key identifier: 1C:03:59:49:01:57:0F:EC:1D:BC:D9:A8:89:F7:88:5D:80:E5:19:CC
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 2279
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/HANZSQFXD-wdvNmoifeIXYDlGcw.roa
Signing time: Sat 07 Jun 2025 00:08:50 +0000
ROA not before: Sat 07 Jun 2025 00:08:50 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 146845
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8825 (0x2279)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: Jun 7 00:08:50 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=1C03594901570FEC1DBCD9A889F7885D80E519CC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:61:83:8b:91:f3:06:05:0d:3e:27:ec:dd:74:
34:1c:06:e8:40:c5:b1:f1:db:79:50:04:1d:12:a6:
b1:fa:b8:25:7f:b0:a3:77:8b:e8:99:5a:ae:cd:68:
75:74:03:3a:64:53:36:bf:6e:f6:ea:27:07:8e:3f:
1e:2b:3b:e2:ef:52:34:3a:8a:d1:32:64:98:0b:93:
11:7a:94:60:09:53:29:3e:03:72:73:69:78:27:ab:
d6:94:e0:7e:d1:0b:9d:27:2b:b0:40:0f:49:51:aa:
86:16:f3:99:bb:ec:5c:8a:cd:a9:7c:be:58:d6:eb:
34:9c:7a:17:2a:51:46:03:bb:99:3f:9c:45:4b:94:
4e:88:e6:a8:aa:16:34:eb:d7:f0:79:50:23:7f:9c:
3b:cd:f1:0b:dc:76:9a:69:4b:a5:55:b2:35:e4:d8:
35:76:1e:c9:47:6f:86:6d:b1:a6:d7:13:cc:c1:15:
17:16:ea:92:ff:06:2e:b4:db:9a:1e:dc:8a:21:5f:
6a:f0:b7:6c:19:f0:9b:17:38:57:89:47:40:87:10:
a1:75:50:77:a7:32:9d:e7:1b:0d:8e:c2:0a:26:6c:
f2:6e:13:e5:5c:e8:97:ac:47:d9:03:7b:c5:14:8b:
6e:bc:a9:c4:4d:3f:42:4b:65:5f:99:68:57:77:6d:
23:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:03:59:49:01:57:0F:EC:1D:BC:D9:A8:89:F7:88:5D:80:E5:19:CC
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/HANZSQFXD-wdvNmoifeIXYDlGcw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
ba:da:7f:31:2a:fa:80:92:b8:c7:eb:ec:2f:5e:5a:06:69:32:
6d:8e:6f:85:46:71:6a:33:87:20:5f:0c:78:de:92:3c:52:b4:
a3:5d:8c:f4:2b:05:6c:2f:94:00:fd:b5:1b:24:0e:88:b2:a6:
be:7e:eb:14:41:81:d6:37:aa:9a:39:4b:93:05:d4:73:db:ab:
98:ce:21:ae:83:23:04:c6:00:40:9e:52:87:09:fd:f6:00:39:
7e:bb:c2:1a:e1:a4:75:3b:d4:56:de:94:0c:f1:5a:7d:d6:ec:
4e:48:a3:98:5a:b8:3c:e8:a5:b1:e5:49:af:d8:b7:b7:6d:86:
09:c1:37:ab:d2:bb:92:06:d8:82:a4:39:d4:a3:bf:04:a9:ca:
13:25:36:c3:6e:53:c4:0e:eb:d8:8f:a8:dc:f0:00:70:07:6a:
ff:90:56:a6:55:05:4a:80:60:af:4d:a3:ef:0b:b7:78:88:4e:
b4:5d:aa:b3:f5:6d:90:6a:ee:2f:d0:7d:ae:4d:a3:16:9d:6f:
2c:67:50:da:9c:67:48:f4:61:f2:bd:74:c8:cb:f0:f5:fe:e7:
23:99:50:86:38:e3:fa:67:9e:e9:12:f6:59:58:60:bc:4f:f1:
db:f3:a8:7f:17:18:1c:49:94:63:98:3b:15:46:d1:b1:39:f6:
60:38:d4:d6
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICInkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MDcw
MDA4NTBaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDFDMDM1OTQ5MDE1NzBG
RUMxREJDRDlBODg5Rjc4ODVEODBFNTE5Q0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDIYYOLkfMGBQ0+J+zddDQcBuhAxbHx23lQBB0SprH6uCV/sKN3
i+iZWq7NaHV0AzpkUza/bvbqJweOPx4rO+LvUjQ6itEyZJgLkxF6lGAJUyk+A3Jz
aXgnq9aU4H7RC50nK7BAD0lRqoYW85m77FyKzal8vljW6zScehcqUUYDu5k/nEVL
lE6I5qiqFjTr1/B5UCN/nDvN8QvcdpppS6VVsjXk2DV2HslHb4ZtsabXE8zBFRcW
6pL/Bi6025oe3IohX2rwt2wZ8JsXOFeJR0CHEKF1UHenMp3nGw2OwgombPJuE+Vc
6JesR9kDe8UUi268qcRNP0JLZV+ZaFd3bSN5AgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUHANZSQFXD+wdvNmoifeIXYDlGcwwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvSEFOWlNRRlhELXdk
dk5tb2lmZUlYWURsR2N3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBALrafzEq+oCSuMfr7C9eWgZpMm2O
b4VGcWozhyBfDHjekjxStKNdjPQrBWwvlAD9tRskDoiypr5+6xRBgdY3qpo5S5MF
1HPbq5jOIa6DIwTGAECeUocJ/fYAOX67whrhpHU71FbelAzxWn3W7E5Io5hauDzo
pbHlSa/Yt7dthgnBN6vSu5IG2IKkOdSjvwSpyhMlNsNuU8QO69iPqNzwAHAHav+Q
VqZVBUqAYK9No+8Lt3iITrRdqrP1bZBq7i/Qfa5NoxadbyxnUNqcZ0j0YfK9dMjL
8PX+5yOZUIY44/pnnukS9llYYLxP8dvzqH8XGBxJlGOYOxVG0bE59mA41NY=
-----END CERTIFICATE-----
Generated at Sun Jun 22 03:12:56 2025 by rpki-client