Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/U9HamQIYwIMdTFIhY_kGTNcYSoc.roa
File: U9HamQIYwIMdTFIhY_kGTNcYSoc.roa (raw, json)
Hash identifier: KYwwwfpMNYPo7dB3qZXBAqcDuaraQOrSPPfEXo7r2MY=
Subject key identifier: 53:D1:DA:99:02:18:C0:83:1D:4C:52:21:63:F9:06:4C:D7:18:4A:87
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 2429
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/U9HamQIYwIMdTFIhY_kGTNcYSoc.roa
Signing time: Tue 10 Jun 2025 00:09:02 +0000
ROA not before: Tue 10 Jun 2025 00:09:02 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 146845
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9257 (0x2429)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: Jun 10 00:09:02 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=53D1DA990218C0831D4C522163F9064CD7184A87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:97:d5:35:aa:b8:fe:65:07:5e:50:61:9f:5f:
0a:2b:7d:7c:0f:f6:9f:86:4d:d2:4f:78:61:51:89:
81:50:76:a8:81:f8:dd:3f:4b:2a:42:9a:1b:ab:02:
21:e2:d2:82:1f:39:24:0a:e2:a8:30:a2:f7:20:51:
a7:8f:62:40:c4:f1:4c:e3:6d:47:86:dd:c9:99:9d:
df:f9:c1:0b:81:97:a9:15:c4:bb:8b:16:76:c6:75:
0d:cc:c6:85:07:3e:45:1a:28:62:d6:2a:f3:dd:aa:
35:cb:0a:d8:67:a3:17:c8:73:b0:96:20:84:18:40:
f5:0c:29:90:9b:7d:59:1f:8c:c0:79:d5:8d:16:78:
ad:f5:f3:ba:3d:08:f1:db:c1:69:54:00:8b:c9:3c:
7d:e6:53:37:23:a6:a5:f4:7e:ef:03:f8:4a:13:6a:
78:d2:df:68:f9:e0:ff:ee:0d:b1:20:64:ca:dd:15:
46:fb:96:20:60:13:b0:8d:e5:40:5e:c8:0f:ff:c3:
f9:46:77:98:14:3f:82:b4:d9:ff:3d:50:83:2f:1b:
e3:ae:26:6a:d1:4a:4f:36:66:d1:16:c3:27:39:e3:
ae:ff:cf:af:94:f9:81:4b:76:54:f2:c4:83:13:66:
10:fd:c1:d1:ce:d0:75:e7:cf:35:ce:92:56:a2:cd:
bc:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:D1:DA:99:02:18:C0:83:1D:4C:52:21:63:F9:06:4C:D7:18:4A:87
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/U9HamQIYwIMdTFIhY_kGTNcYSoc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
89:26:f7:51:26:a0:4c:69:0c:b9:45:41:4b:8a:13:31:3c:74:
df:5c:f9:aa:fa:82:17:54:b6:7c:cc:73:ee:9b:73:a4:56:9f:
12:a2:1b:cd:9d:bf:bc:4d:d4:e6:c9:0d:6a:a9:33:47:5c:4e:
3e:95:7d:cd:31:55:3c:fd:a1:cd:6a:21:7e:d0:93:36:92:24:
18:3a:ff:7e:2c:22:81:d5:27:b5:e1:79:34:1b:e6:71:12:50:
76:a7:9a:12:e3:e3:3d:31:6b:de:5c:7a:76:29:4c:11:41:c0:
63:b9:3f:27:cf:82:b8:bd:1f:ae:f8:8c:3b:5c:d9:a1:3a:ea:
f4:54:ef:71:e3:5d:8a:a5:98:2b:a4:ac:0b:b8:5d:4d:30:5d:
1c:cb:55:3e:ae:e0:40:dc:2b:cc:69:2f:ae:02:dc:85:ec:2e:
91:de:bf:38:d8:18:ab:0d:5b:c5:96:6f:cc:d6:0c:04:65:31:
98:fa:f1:25:42:2d:10:b2:34:84:73:8e:5d:97:0d:06:26:9e:
ed:9a:47:ed:d6:df:b0:78:a2:78:e2:5e:6a:38:8d:fd:35:5d:
9f:23:03:f4:b2:5e:fc:27:c5:a7:f3:f8:64:b1:2a:64:ee:b0:
f7:8d:ac:e2:d4:3c:50:92:e7:03:52:dc:a2:92:64:c2:18:e6:
fa:8c:e7:3a
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICJCkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MTAw
MDA5MDJaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDUzRDFEQTk5MDIxOEMw
ODMxRDRDNTIyMTYzRjkwNjRDRDcxODRBODcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCsl9U1qrj+ZQdeUGGfXworfXwP9p+GTdJPeGFRiYFQdqiB+N0/
SypCmhurAiHi0oIfOSQK4qgwovcgUaePYkDE8UzjbUeG3cmZnd/5wQuBl6kVxLuL
FnbGdQ3MxoUHPkUaKGLWKvPdqjXLCthnoxfIc7CWIIQYQPUMKZCbfVkfjMB51Y0W
eK3187o9CPHbwWlUAIvJPH3mUzcjpqX0fu8D+EoTanjS32j54P/uDbEgZMrdFUb7
liBgE7CN5UBeyA//w/lGd5gUP4K02f89UIMvG+OuJmrRSk82ZtEWwyc5467/z6+U
+YFLdlTyxIMTZhD9wdHO0HXnzzXOklaizbx7AgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUU9HamQIYwIMdTFIhY/kGTNcYSocwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvVTlIYW1RSVl3SU1k
VEZJaFlfa0dUTmNZU29jLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBAIkm91EmoExpDLlFQUuKEzE8dN9c
+ar6ghdUtnzMc+6bc6RWnxKiG82dv7xN1ObJDWqpM0dcTj6Vfc0xVTz9oc1qIX7Q
kzaSJBg6/34sIoHVJ7XheTQb5nESUHanmhLj4z0xa95cenYpTBFBwGO5PyfPgri9
H674jDtc2aE66vRU73HjXYqlmCukrAu4XU0wXRzLVT6u4EDcK8xpL64C3IXsLpHe
vzjYGKsNW8WWb8zWDARlMZj68SVCLRCyNIRzjl2XDQYmnu2aR+3W37B4onjiXmo4
jf01XZ8jA/SyXvwnxafz+GSxKmTusPeNrOLUPFCS5wNS3KKSZMIY5vqM5zo=
-----END CERTIFICATE-----
Generated at Sat Jun 21 02:08:05 2025 by rpki-client