Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/UaVQHcrUDLYhfd08HX__Xtlp71U.roa
File: UaVQHcrUDLYhfd08HX__Xtlp71U.roa (raw, json)
Hash identifier: cvvhKpWffLF+18WU5etrEp/4fgmqBTAebi1XZpa+4xE=
Subject key identifier: 51:A5:50:1D:CA:D4:0C:B6:21:7D:DD:3C:1D:7F:FF:5E:D9:69:EF:55
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 1EC2
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/UaVQHcrUDLYhfd08HX__Xtlp71U.roa
Signing time: Sat 31 May 2025 09:38:28 +0000
ROA not before: Sat 31 May 2025 09:38:28 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 146845
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7874 (0x1ec2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: May 31 09:38:28 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=51A5501DCAD40CB6217DDD3C1D7FFF5ED969EF55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:61:65:d1:8d:cc:c0:59:c3:ea:e0:ca:04:26:
6c:8a:ac:c1:1a:89:2b:81:d5:aa:2f:d4:aa:1f:b8:
2a:95:a8:6a:cc:f8:4f:28:da:03:80:79:de:e4:df:
54:f9:71:c8:32:d6:00:53:d8:cf:bf:8a:df:b1:0d:
d3:a1:eb:71:6b:6d:d3:ca:96:7d:e6:a8:6e:7f:08:
63:4f:3d:ac:9c:23:d0:76:96:c7:5a:19:b4:a8:a3:
5b:ae:97:19:5c:87:21:81:30:93:2f:f7:76:eb:4f:
db:6e:be:03:2c:c5:7f:ac:fb:a8:07:5c:81:8e:ac:
85:0c:44:86:a0:bb:8c:3b:d7:5f:1a:4f:86:f8:82:
a8:76:56:97:65:2c:41:b6:c4:09:51:a1:da:a6:26:
8e:43:54:75:14:81:cd:a4:dd:99:69:ac:e7:c5:97:
8e:9d:f7:0d:0f:62:79:d1:57:6c:68:f0:0e:4e:51:
13:52:9e:05:0e:74:06:95:49:ec:b8:6d:c9:84:3c:
86:7f:10:26:bd:88:08:d7:3a:d9:5a:a7:98:63:9f:
1f:96:a5:2d:31:26:5a:de:c2:75:4f:53:ac:3b:65:
7a:c7:e4:9a:2f:2b:c6:93:00:3a:3a:69:86:2d:0c:
98:e8:f1:24:15:d9:ce:c4:ea:96:47:69:cd:a0:ba:
7d:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:A5:50:1D:CA:D4:0C:B6:21:7D:DD:3C:1D:7F:FF:5E:D9:69:EF:55
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/UaVQHcrUDLYhfd08HX__Xtlp71U.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
38:de:89:b0:34:35:aa:ac:a0:d3:c2:fe:ad:a9:f6:cb:07:57:
44:4d:b5:6d:dc:0d:50:82:86:1b:5a:66:f7:f7:15:95:2f:81:
07:ba:fb:11:2d:20:4f:be:97:b0:42:7b:bc:29:64:e5:f6:30:
90:44:e7:ff:69:ce:67:b0:ef:de:77:86:94:bf:15:58:38:69:
4a:fa:0c:4a:e4:df:0f:88:e6:0b:be:02:80:e2:1b:d1:3b:43:
02:a6:61:e7:39:0b:37:9c:a4:fb:28:50:32:7e:bc:74:64:81:
d9:06:f0:b7:0d:0f:d8:e8:ee:b6:e8:06:45:c0:9c:d6:6a:de:
49:85:e6:9a:5e:99:2f:9e:bd:2a:c9:b7:59:a8:50:b3:48:36:
3f:cd:7c:8c:95:ac:96:12:4e:2b:b6:86:57:40:08:dc:b3:4f:
ea:8f:d6:c4:13:e1:42:f6:be:bc:0d:1e:a0:ce:c1:39:38:27:
31:ac:35:8c:d2:6f:bd:65:f9:e7:a1:94:17:95:b7:9a:ec:54:
1b:9a:6c:d6:8d:00:82:53:af:af:97:71:2e:21:86:dd:bf:8d:
90:9c:a8:20:6c:8c:2c:f2:aa:51:86:d0:f0:82:fd:6e:a0:48:
b4:74:57:2c:27:63:96:fb:a7:cf:29:fe:54:c2:d6:4c:a4:33:
a7:e6:81:46
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICHsIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA1MzEw
OTM4MjhaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDUxQTU1MDFEQ0FENDBD
QjYyMTdEREQzQzFEN0ZGRjVFRDk2OUVGNTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFYWXRjczAWcPq4MoEJmyKrMEaiSuB1aov1KofuCqVqGrM+E8o
2gOAed7k31T5ccgy1gBT2M+/it+xDdOh63FrbdPKln3mqG5/CGNPPaycI9B2lsda
GbSoo1uulxlchyGBMJMv93brT9tuvgMsxX+s+6gHXIGOrIUMRIagu4w7118aT4b4
gqh2VpdlLEG2xAlRodqmJo5DVHUUgc2k3ZlprOfFl46d9w0PYnnRV2xo8A5OURNS
ngUOdAaVSey4bcmEPIZ/ECa9iAjXOtlap5hjnx+WpS0xJlrewnVPU6w7ZXrH5Jov
K8aTADo6aYYtDJjo8SQV2c7E6pZHac2gun13AgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUUaVQHcrUDLYhfd08HX//Xtlp71UwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvVWFWUUhjclVETFlo
ZmQwOEhYX19YdGxwNzFVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBADjeibA0NaqsoNPC/q2p9ssHV0RN
tW3cDVCChhtaZvf3FZUvgQe6+xEtIE++l7BCe7wpZOX2MJBE5/9pzmew7953hpS/
FVg4aUr6DErk3w+I5gu+AoDiG9E7QwKmYec5CzecpPsoUDJ+vHRkgdkG8LcND9jo
7rboBkXAnNZq3kmF5ppemS+evSrJt1moULNINj/NfIyVrJYSTiu2hldACNyzT+qP
1sQT4UL2vrwNHqDOwTk4JzGsNYzSb71l+eehlBeVt5rsVBuabNaNAIJTr6+XcS4h
ht2/jZCcqCBsjCzyqlGG0PCC/W6gSLR0VywnY5b7p88p/lTC1kykM6fmgUY=
-----END CERTIFICATE-----
Generated at Sun Jun 22 03:35:57 2025 by rpki-client