Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/L0pjLIUnRl-fCgKCRp6hTjkcBgw.roa
File: L0pjLIUnRl-fCgKCRp6hTjkcBgw.roa (raw, json)
Hash identifier: dQ4pcv2Geppr3ETrT0xdy4oyKFLz6alloQR2TS3qV5w=
Subject key identifier: 2F:4A:63:2C:85:27:46:5F:9F:0A:02:82:46:9E:A1:4E:39:1C:06:0C
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 2009
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/L0pjLIUnRl-fCgKCRp6hTjkcBgw.roa
Signing time: Mon 02 Jun 2025 16:08:37 +0000
ROA not before: Mon 02 Jun 2025 16:08:37 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 146845
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8201 (0x2009)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: Jun 2 16:08:37 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=2F4A632C8527465F9F0A0282469EA14E391C060C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:09:60:dd:f5:08:4d:5f:34:8e:84:98:35:e7:
84:a3:ce:ed:15:05:ef:ef:77:90:e8:5c:73:bb:8e:
be:f5:5a:6f:c5:6b:8c:8a:68:58:8a:d5:d5:c4:23:
47:79:70:e0:10:6a:ca:b3:a1:2b:60:2c:8f:1d:e5:
4e:81:12:30:d9:06:ea:1f:a6:a8:16:99:df:f2:b0:
c8:01:19:48:ce:17:c7:e6:85:70:b6:07:a8:77:01:
c3:0c:9e:70:cf:3e:0e:8a:40:b8:93:6d:9d:fa:f1:
ca:e0:78:7e:b4:d3:ad:3b:f2:9d:15:c1:96:70:34:
3b:8b:d7:9a:1a:6c:a4:91:90:fd:17:ee:2c:90:ad:
65:29:1b:8a:85:88:22:f9:50:91:ca:42:1a:81:62:
f9:1f:e1:af:c5:c3:00:4e:a0:f6:46:2f:00:c1:55:
b6:c2:1d:1e:0c:be:b6:a9:b0:38:46:d0:ce:0b:ad:
6b:c6:4a:63:59:0a:e1:30:cd:e7:4c:af:36:6f:bf:
64:66:35:67:76:0e:cd:d9:67:17:bc:1e:cd:25:a6:
f6:01:96:f4:9d:94:c5:c8:ba:35:3c:9a:de:92:77:
2b:7c:62:e3:5b:ac:17:1a:1c:99:80:8b:09:79:73:
a2:6a:b7:a6:ec:74:c3:a0:48:56:ed:c8:a4:3b:13:
6b:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:4A:63:2C:85:27:46:5F:9F:0A:02:82:46:9E:A1:4E:39:1C:06:0C
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/L0pjLIUnRl-fCgKCRp6hTjkcBgw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
42:29:5c:39:0c:12:85:15:89:07:06:fa:5e:fa:1e:d5:cb:dd:
24:38:38:56:4d:6f:ba:82:34:86:12:be:ec:10:c0:bb:a0:ca:
19:94:89:7a:1e:33:26:32:de:ad:0f:b9:da:17:23:54:8b:fd:
b5:66:1f:ea:dd:de:53:f2:9d:ce:06:26:b0:1d:24:23:ed:e4:
c7:b4:ac:fc:ec:3f:7a:34:d6:82:fc:33:22:11:e6:e8:bb:e1:
76:61:4b:2c:5c:9a:ed:33:a0:49:e1:c6:0b:0c:6c:2e:02:d4:
62:1f:e8:a8:e1:db:37:13:64:c7:54:20:a4:d9:03:0e:91:db:
99:8d:f0:f4:31:fa:ab:b4:34:28:72:b8:17:f8:ee:b9:22:c4:
c3:4f:43:ba:4c:95:9c:4f:a3:02:4d:58:ef:5d:53:b2:24:3f:
0e:20:42:14:bb:b7:fc:47:7e:4e:23:d1:9f:d5:d5:ce:95:be:
c8:00:93:67:81:1b:40:4a:6c:77:76:5f:47:1b:df:4b:3b:7f:
11:d9:d3:fb:c8:48:96:7e:ec:80:7e:b4:0c:5e:e8:f4:4f:33:
cc:00:cd:25:38:b7:4b:0c:95:c7:32:7d:03:c4:28:b6:08:65:
6b:63:e6:d8:cc:5a:df:ad:79:60:ad:7b:0e:58:f6:39:ee:31:
94:6b:c3:eb
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICIAkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MDIx
NjA4MzdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDJGNEE2MzJDODUyNzQ2
NUY5RjBBMDI4MjQ2OUVBMTRFMzkxQzA2MEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9CWDd9QhNXzSOhJg154Sjzu0VBe/vd5DoXHO7jr71Wm/Fa4yK
aFiK1dXEI0d5cOAQasqzoStgLI8d5U6BEjDZBuofpqgWmd/ysMgBGUjOF8fmhXC2
B6h3AcMMnnDPPg6KQLiTbZ368crgeH6006078p0VwZZwNDuL15oabKSRkP0X7iyQ
rWUpG4qFiCL5UJHKQhqBYvkf4a/FwwBOoPZGLwDBVbbCHR4MvrapsDhG0M4LrWvG
SmNZCuEwzedMrzZvv2RmNWd2Ds3ZZxe8Hs0lpvYBlvSdlMXIujU8mt6Sdyt8YuNb
rBcaHJmAiwl5c6Jqt6bsdMOgSFbtyKQ7E2tJAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUL0pjLIUnRl+fCgKCRp6hTjkcBgwwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvTDBwakxJVW5SbC1m
Q2dLQ1JwNmhUamtjQmd3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBAEIpXDkMEoUViQcG+l76HtXL3SQ4
OFZNb7qCNIYSvuwQwLugyhmUiXoeMyYy3q0PudoXI1SL/bVmH+rd3lPync4GJrAd
JCPt5Me0rPzsP3o01oL8MyIR5ui74XZhSyxcmu0zoEnhxgsMbC4C1GIf6Kjh2zcT
ZMdUIKTZAw6R25mN8PQx+qu0NChyuBf47rkixMNPQ7pMlZxPowJNWO9dU7IkPw4g
QhS7t/xHfk4j0Z/V1c6VvsgAk2eBG0BKbHd2X0cb30s7fxHZ0/vISJZ+7IB+tAxe
6PRPM8wAzSU4t0sMlccyfQPEKLYIZWtj5tjMWt+teWCtew5Y9jnuMZRrw+s=
-----END CERTIFICATE-----
Generated at Sat Jun 21 23:27:00 2025 by rpki-client