Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/SE4R4NodG02Vt1MCL2EIZaAqMOc.roa
File: SE4R4NodG02Vt1MCL2EIZaAqMOc.roa (raw, json)
Hash identifier: atDfgPIbA5uLeKM8qZI0b4e2ZMbJYKuuXYjQ3yjYC5g=
Subject key identifier: 48:4E:11:E0:DA:1D:1B:4D:95:B7:53:02:2F:61:08:65:A0:2A:30:E7
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 2181
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/SE4R4NodG02Vt1MCL2EIZaAqMOc.roa
Signing time: Thu 05 Jun 2025 06:38:46 +0000
ROA not before: Thu 05 Jun 2025 06:38:46 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 4812
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8577 (0x2181)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: Jun 5 06:38:46 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=484E11E0DA1D1B4D95B753022F610865A02A30E7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:fd:57:42:83:98:ff:94:c8:5a:72:6c:c9:f8:
a1:66:2a:97:f4:08:88:cf:68:0c:f8:88:40:18:b7:
32:38:66:a2:ec:87:1f:b5:24:92:56:46:c6:0b:f8:
ee:7c:79:72:41:82:8b:7b:7a:48:bb:9d:cf:1a:6f:
1f:bc:ea:d2:9b:e3:50:28:73:ae:51:d4:96:9a:b6:
ed:50:98:63:e0:95:69:bd:37:0e:84:7c:e3:b3:e8:
91:9b:a6:7f:1c:7c:f2:e7:f2:34:2a:b4:86:60:7d:
71:ed:b6:32:cb:fe:03:0c:07:1c:43:5b:09:49:99:
e9:48:f6:f4:0e:65:19:96:09:9e:99:5a:5c:a7:64:
3b:68:eb:b0:1c:a1:0b:7e:a9:67:f0:ca:3e:7e:ed:
e6:2e:1c:9c:28:d7:6b:b8:b7:e2:e6:24:44:5f:59:
b2:3b:97:bb:a1:5f:f9:22:da:6d:38:5e:ed:68:a7:
b4:7e:5d:b8:1a:53:68:32:3c:f0:3a:5a:95:a5:c4:
80:3e:5c:bb:3f:80:7f:ca:e2:7f:d4:b4:f2:e8:30:
d8:b8:4c:2a:38:80:5d:1c:15:16:5e:61:70:aa:e5:
68:3f:25:a3:ab:04:5e:e4:e8:80:56:88:66:4f:28:
d0:ac:ee:a3:00:49:4a:f6:b4:7e:41:bd:64:9a:6a:
e1:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:4E:11:E0:DA:1D:1B:4D:95:B7:53:02:2F:61:08:65:A0:2A:30:E7
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/SE4R4NodG02Vt1MCL2EIZaAqMOc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
30:5d:da:f1:1a:01:2e:d2:49:94:1a:fd:00:7e:c4:a4:df:c2:
ca:11:56:c4:68:2b:41:04:09:1d:64:33:1b:1f:c3:89:7a:e7:
8e:17:14:20:da:54:ee:bd:78:e7:0c:80:e8:35:ec:0f:2f:78:
d5:a6:75:7b:b7:02:68:a2:e0:e8:53:bc:11:11:f4:9e:f0:51:
52:05:62:87:e9:68:d4:b1:8a:7f:70:fe:87:0b:5e:f7:06:7b:
9e:11:33:85:0d:5c:24:6a:0c:85:da:ea:31:ae:ca:0b:ec:b1:
d8:24:3e:ac:66:5f:c5:1e:95:cd:48:38:c8:bd:40:d4:ff:c8:
17:f0:67:a3:f2:ac:11:e6:d9:3f:1e:cd:5c:c9:5e:7e:b7:63:
3a:eb:c5:ac:0b:fe:a4:79:52:e9:31:1b:3a:32:6e:2b:47:be:
bb:d5:6c:a0:c6:7c:ab:fa:00:b3:bd:b9:56:88:75:af:65:08:
48:22:75:24:bf:79:de:df:83:31:bd:f8:31:09:73:2d:cc:65:
65:e6:f3:ea:8c:6e:ae:02:ac:78:25:f8:71:66:54:0c:e3:9b:
43:e7:49:7a:43:6d:91:d7:33:e2:4c:43:64:54:ac:c6:10:bf:
f1:2f:94:f4:ab:82:83:ca:21:45:36:77:b1:4f:6b:6d:94:57:
9b:fa:b9:6f
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICIYEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MDUw
NjM4NDZaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDQ4NEUxMUUwREExRDFC
NEQ5NUI3NTMwMjJGNjEwODY1QTAyQTMwRTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDB/VdCg5j/lMhacmzJ+KFmKpf0CIjPaAz4iEAYtzI4ZqLshx+1
JJJWRsYL+O58eXJBgot7eki7nc8abx+86tKb41Aoc65R1Jaatu1QmGPglWm9Nw6E
fOOz6JGbpn8cfPLn8jQqtIZgfXHttjLL/gMMBxxDWwlJmelI9vQOZRmWCZ6ZWlyn
ZDto67AcoQt+qWfwyj5+7eYuHJwo12u4t+LmJERfWbI7l7uhX/ki2m04Xu1op7R+
XbgaU2gyPPA6WpWlxIA+XLs/gH/K4n/UtPLoMNi4TCo4gF0cFRZeYXCq5Wg/JaOr
BF7k6IBWiGZPKNCs7qMASUr2tH5BvWSaauHRAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUSE4R4NodG02Vt1MCL2EIZaAqMOcwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvU0U0UjROb2RHMDJW
dDFNQ0wyRUlaYUFxTU9jLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBADBd2vEaAS7SSZQa/QB+xKTfwsoR
VsRoK0EECR1kMxsfw4l6544XFCDaVO69eOcMgOg17A8veNWmdXu3Amii4OhTvBER
9J7wUVIFYofpaNSxin9w/ocLXvcGe54RM4UNXCRqDIXa6jGuygvssdgkPqxmX8Ue
lc1IOMi9QNT/yBfwZ6PyrBHm2T8ezVzJXn63YzrrxawL/qR5UukxGzoybitHvrvV
bKDGfKv6ALO9uVaIda9lCEgidSS/ed7fgzG9+DEJcy3MZWXm8+qMbq4CrHgl+HFm
VAzjm0PnSXpDbZHXM+JMQ2RUrMYQv/EvlPSrgoPKIUU2d7FPa22UV5v6uW8=
-----END CERTIFICATE-----
Generated at Sat Jun 21 04:58:38 2025 by rpki-client