Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/I6JaYFB_TsoqxdhOHmp06sizL4Y.roa
File: I6JaYFB_TsoqxdhOHmp06sizL4Y.roa (raw, json)
Hash identifier: 8ppnUk86WcxYHLdFuZVxL6WZVKqTPK7iNZ51QV3mv+M=
Subject key identifier: 23:A2:5A:60:50:7F:4E:CA:2A:C5:D8:4E:1E:6A:74:EA:C8:B3:2F:86
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 1C34
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/I6JaYFB_TsoqxdhOHmp06sizL4Y.roa
Signing time: Mon 26 May 2025 20:38:07 +0000
ROA not before: Mon 26 May 2025 20:38:07 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 146845
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7220 (0x1c34)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: May 26 20:38:07 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=23A25A60507F4ECA2AC5D84E1E6A74EAC8B32F86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:ce:95:8a:1f:0e:da:8e:d2:75:db:bf:76:5d:
c1:b3:6f:d5:98:cc:9d:dc:b1:e9:f0:fa:fe:54:43:
a2:da:19:e0:c1:19:b0:57:ee:5f:42:c0:a4:8b:30:
a9:03:76:cc:01:07:2e:97:f8:8b:77:61:a7:f5:0c:
31:9d:36:c9:d1:ca:4f:b8:3e:00:ea:0a:f4:0d:37:
07:72:46:9d:7d:76:40:b0:7b:7a:60:50:11:39:9d:
78:9a:86:bf:ba:d5:5a:22:e2:70:25:ed:9c:8f:64:
0b:ff:86:ab:36:c0:fc:a6:e8:3a:bc:00:8d:1d:ff:
44:b1:e9:42:d5:f4:8a:fc:fe:84:de:00:a3:50:7c:
4a:04:c3:ed:37:63:62:78:4c:30:1a:f2:be:9f:9d:
87:01:82:ad:19:38:9a:5a:42:e9:30:79:94:2f:b6:
76:29:7a:11:03:f7:20:ba:b5:57:0a:73:96:ba:f7:
4d:02:bd:e3:49:bc:c8:9e:2d:43:bc:e9:25:cd:92:
79:56:04:19:07:2f:5f:e9:66:8d:96:1d:5a:aa:a3:
64:6b:a1:7d:de:e6:0e:01:75:13:1c:2f:e7:ab:27:
4d:bc:db:ef:f3:5c:2b:21:74:8d:69:8a:44:dd:73:
2e:6a:1b:30:5f:74:74:dc:35:7b:0c:46:fe:a9:b3:
f8:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:A2:5A:60:50:7F:4E:CA:2A:C5:D8:4E:1E:6A:74:EA:C8:B3:2F:86
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/I6JaYFB_TsoqxdhOHmp06sizL4Y.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
4f:ca:a3:f1:de:6a:4f:21:fd:7f:8a:75:cb:e9:3f:77:86:c2:
cd:fd:07:ba:65:17:1b:7a:90:31:7c:eb:5e:ea:2e:a5:fb:d4:
e8:3f:9d:8f:15:eb:46:23:91:fd:b8:c9:51:fa:c2:4a:3f:01:
21:59:7b:28:e5:12:44:0a:d2:f7:71:01:41:cb:70:dd:79:01:
99:4b:57:84:19:42:bc:f6:0e:57:de:4a:bf:21:f9:01:61:b2:
d3:31:6d:b4:cd:87:f6:12:80:3f:92:29:5a:a5:be:c4:96:b8:
a9:fb:e5:77:c7:ce:40:4b:64:be:80:1e:5b:7b:28:0e:6e:e2:
41:ad:8a:78:74:f6:fe:42:db:b4:ad:0e:dd:c4:30:94:e2:83:
68:35:02:c6:bb:f0:7e:5e:d1:af:1d:91:65:a4:1b:b7:17:35:
fe:74:fe:9d:b7:6a:2a:0d:62:a2:20:1d:02:86:85:51:b9:31:
c9:a1:c8:d9:03:99:51:b8:fb:a1:82:19:ae:49:3a:5f:67:e8:
b4:64:9e:3c:41:7e:f4:46:b8:e0:e4:75:d9:0b:a8:6c:ab:5e:
56:f1:21:d7:9b:e5:e2:10:90:b6:c2:b5:4c:2c:94:9d:e9:d3:
05:57:b0:2a:9c:dd:1b:66:9f:b8:b0:0f:36:5e:2f:a0:11:ec:
16:97:29:b3
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICHDQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA1MjYy
MDM4MDdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDIzQTI1QTYwNTA3RjRF
Q0EyQUM1RDg0RTFFNkE3NEVBQzhCMzJGODYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCzpWKHw7ajtJ12792XcGzb9WYzJ3csenw+v5UQ6LaGeDBGbBX
7l9CwKSLMKkDdswBBy6X+It3Yaf1DDGdNsnRyk+4PgDqCvQNNwdyRp19dkCwe3pg
UBE5nXiahr+61Voi4nAl7ZyPZAv/hqs2wPym6Dq8AI0d/0Sx6ULV9Ir8/oTeAKNQ
fEoEw+03Y2J4TDAa8r6fnYcBgq0ZOJpaQukweZQvtnYpehED9yC6tVcKc5a6900C
veNJvMieLUO86SXNknlWBBkHL1/pZo2WHVqqo2RroX3e5g4BdRMcL+erJ0282+/z
XCshdI1pikTdcy5qGzBfdHTcNXsMRv6ps/iXAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUI6JaYFB/TsoqxdhOHmp06sizL4YwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvSTZKYVlGQl9Uc29x
eGRoT0htcDA2c2l6TDRZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBAE/Ko/Heak8h/X+KdcvpP3eGws39
B7plFxt6kDF8617qLqX71Og/nY8V60Yjkf24yVH6wko/ASFZeyjlEkQK0vdxAUHL
cN15AZlLV4QZQrz2DlfeSr8h+QFhstMxbbTNh/YSgD+SKVqlvsSWuKn75XfHzkBL
ZL6AHlt7KA5u4kGtinh09v5C27StDt3EMJTig2g1Asa78H5e0a8dkWWkG7cXNf50
/p23aioNYqIgHQKGhVG5McmhyNkDmVG4+6GCGa5JOl9n6LRknjxBfvRGuODkddkL
qGyrXlbxIdeb5eIQkLbCtUwslJ3p0wVXsCqc3Rtmn7iwDzZeL6AR7BaXKbM=
-----END CERTIFICATE-----
Generated at Sun Jun 22 01:06:16 2025 by rpki-client