Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/JjQAsAAl6jE3T_y6V-NCSQ63gWk.roa
File: JjQAsAAl6jE3T_y6V-NCSQ63gWk.roa (raw, json)
Hash identifier: U67wmX1VRhd77hHAiskC1eKfGxbMSUnz6jzyFHe0f0A=
Subject key identifier: 26:34:00:B0:00:25:EA:31:37:4F:FC:BA:57:E3:42:49:0E:B7:81:69
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 221A
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/JjQAsAAl6jE3T_y6V-NCSQ63gWk.roa
Signing time: Fri 06 Jun 2025 08:08:48 +0000
ROA not before: Fri 06 Jun 2025 08:08:48 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 4812
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8730 (0x221a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: Jun 6 08:08:48 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=263400B00025EA31374FFCBA57E342490EB78169
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fe:e8:92:70:ac:13:c0:96:e2:3b:fc:37:2d:92:
f8:dd:f3:66:67:f0:29:a0:3e:34:96:3b:a2:b9:3d:
57:f3:70:d6:c2:db:a7:6c:ff:40:03:b1:77:b9:5f:
15:ba:af:0d:a9:ef:34:e0:7e:46:d2:16:af:20:1b:
6c:b3:f6:2b:93:d6:43:df:9e:bf:23:59:06:33:8f:
bb:c8:7f:4c:bc:29:fe:03:6b:d6:c4:8e:56:66:72:
80:0d:e9:34:b5:9b:32:1a:e6:fe:67:0b:a6:26:e9:
67:b8:b8:92:97:4e:b4:df:aa:09:54:62:07:6d:b9:
49:32:b9:a4:3b:14:1a:23:16:aa:fd:1f:53:01:06:
82:6c:c5:a6:73:f4:72:de:d0:00:c6:12:d3:46:3e:
50:79:5d:3d:b1:b6:af:8f:bf:2a:82:ed:52:b0:64:
38:0b:19:65:30:9d:d2:76:74:81:d1:03:d7:bd:b3:
86:ea:64:3a:1d:36:ea:d7:2d:e6:b0:55:e4:7d:7b:
ed:b1:aa:af:08:0c:b7:d1:40:11:46:92:69:6f:c3:
70:c3:b6:4e:ec:8b:9e:38:42:98:b9:e1:40:23:20:
57:94:f1:b4:6c:65:f4:32:66:e9:9a:45:e1:23:33:
95:d9:0c:b7:2d:44:0b:8b:4a:84:df:52:e8:62:b4:
02:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:34:00:B0:00:25:EA:31:37:4F:FC:BA:57:E3:42:49:0E:B7:81:69
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/JjQAsAAl6jE3T_y6V-NCSQ63gWk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
ab:71:26:1e:3d:92:70:23:74:fb:52:c8:0b:ab:fe:98:9c:2a:
52:7e:73:ad:57:39:1a:f1:e3:98:4d:e9:c2:17:46:11:af:c9:
7a:21:c1:40:b8:e0:83:26:e8:63:36:aa:c0:e3:d5:c7:54:42:
6f:42:3e:1c:d6:e8:08:6d:32:29:99:5f:ab:b5:a5:ca:d5:b3:
90:6d:6a:c0:d0:3b:9c:9d:0c:f8:12:6b:56:57:6a:9a:3f:fc:
41:3d:d0:6f:be:e2:78:2b:41:62:c9:45:8a:4f:db:99:ee:02:
eb:b7:97:ec:8b:d7:4e:c3:34:1f:54:42:a2:ec:49:c3:c7:9f:
64:ff:06:41:d9:0e:f5:d0:4b:d7:12:48:44:67:85:51:61:ce:
c4:e0:56:f9:d7:65:8e:eb:e3:37:3f:e4:cb:e2:ad:a2:0c:f0:
8e:fb:a3:ad:86:e0:df:2c:e9:d6:28:ba:8f:cd:ed:4f:05:8e:
81:85:10:1b:8a:65:8d:19:aa:8e:76:f5:70:55:ee:62:5b:40:
88:14:96:55:7e:df:83:ba:32:96:03:36:ad:25:62:98:97:ca:
48:17:8b:9c:8d:7a:d7:4b:48:77:bb:5c:81:33:f5:0e:05:55:
27:98:5f:52:14:c2:8e:ec:e5:d7:c9:9d:2c:81:1d:af:cd:93:
80:62:0e:a4
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICIhowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MDYw
ODA4NDhaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDI2MzQwMEIwMDAyNUVB
MzEzNzRGRkNCQTU3RTM0MjQ5MEVCNzgxNjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD+6JJwrBPAluI7/Dctkvjd82Zn8CmgPjSWO6K5PVfzcNbC26ds
/0ADsXe5XxW6rw2p7zTgfkbSFq8gG2yz9iuT1kPfnr8jWQYzj7vIf0y8Kf4Da9bE
jlZmcoAN6TS1mzIa5v5nC6Ym6We4uJKXTrTfqglUYgdtuUkyuaQ7FBojFqr9H1MB
BoJsxaZz9HLe0ADGEtNGPlB5XT2xtq+PvyqC7VKwZDgLGWUwndJ2dIHRA9e9s4bq
ZDodNurXLeawVeR9e+2xqq8IDLfRQBFGkmlvw3DDtk7si544Qpi54UAjIFeU8bRs
ZfQyZumaReEjM5XZDLctRAuLSoTfUuhitAKRAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUJjQAsAAl6jE3T/y6V+NCSQ63gWkwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvSmpRQXNBQWw2akUz
VF95NlYtTkNTUTYzZ1drLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBAKtxJh49knAjdPtSyAur/picKlJ+
c61XORrx45hN6cIXRhGvyXohwUC44IMm6GM2qsDj1cdUQm9CPhzW6AhtMimZX6u1
pcrVs5BtasDQO5ydDPgSa1ZXapo//EE90G++4ngrQWLJRYpP25nuAuu3l+yL107D
NB9UQqLsScPHn2T/BkHZDvXQS9cSSERnhVFhzsTgVvnXZY7r4zc/5MviraIM8I77
o62G4N8s6dYouo/N7U8FjoGFEBuKZY0Zqo529XBV7mJbQIgUllV+34O6MpYDNq0l
YpiXykgXi5yNetdLSHe7XIEz9Q4FVSeYX1IUwo7s5dfJnSyBHa/Nk4BiDqQ=
-----END CERTIFICATE-----
Generated at Sun Jun 22 03:55:24 2025 by rpki-client