Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/V_zLsAc6Dd5Zy48pdKA4b4QhaI8.roa
File: V_zLsAc6Dd5Zy48pdKA4b4QhaI8.roa (raw, json)
Hash identifier: 2L6Zdk5TX3QaJHbLdNwFuqBM9Wud0aei1+i1Yd/6dZI=
Subject key identifier: 57:FC:CB:B0:07:3A:0D:DE:59:CB:8F:29:74:A0:38:6F:84:21:68:8F
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 2589
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/V_zLsAc6Dd5Zy48pdKA4b4QhaI8.roa
Signing time: Thu 12 Jun 2025 10:39:16 +0000
ROA not before: Thu 12 Jun 2025 10:39:16 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 4812
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9609 (0x2589)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: Jun 12 10:39:16 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=57FCCBB0073A0DDE59CB8F2974A0386F8421688F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:f9:40:1d:4c:83:91:5a:7e:11:86:95:7c:5b:
2e:8b:3c:58:e1:88:78:71:f3:83:da:16:8d:85:8a:
6d:62:b0:a9:94:c7:a2:57:3d:c1:b3:46:b6:7c:f1:
52:fb:3a:9c:c6:a3:44:d6:8b:4a:d5:2b:45:1d:ac:
d7:25:38:85:6f:70:40:11:0a:9d:88:95:8f:48:b8:
10:60:52:b6:86:ec:04:c4:72:90:39:f9:e4:d3:5a:
b0:fd:e8:72:04:65:c2:90:32:67:7b:87:d1:0b:57:
52:34:d2:17:02:27:7f:31:90:a8:45:ce:f7:ef:50:
e6:05:25:c8:f9:a3:88:dc:1c:f3:86:30:45:a0:9e:
64:20:8c:6f:27:bf:32:2c:43:9c:16:37:ee:20:bf:
62:07:7b:de:f6:39:5e:8b:5d:22:ca:bb:a1:6c:81:
31:cd:78:f7:7e:23:d3:98:cc:10:00:6b:c6:ee:7f:
06:7f:9d:b7:94:d4:f2:12:c6:2e:c8:d7:c9:56:25:
8c:61:3b:92:f0:60:05:98:8b:88:fd:c4:02:95:54:
52:ba:49:b7:a3:70:7b:b8:38:05:45:e5:ab:fd:6f:
17:87:65:e4:92:5c:82:6b:21:e1:78:8f:b5:27:ce:
a5:10:9f:f2:7a:6f:9b:6e:c0:e0:48:ea:ee:65:9c:
32:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:FC:CB:B0:07:3A:0D:DE:59:CB:8F:29:74:A0:38:6F:84:21:68:8F
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/V_zLsAc6Dd5Zy48pdKA4b4QhaI8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
57:9b:14:ce:8d:01:dd:0e:74:2c:a4:78:b5:d3:93:0f:4c:d0:
60:e1:16:a4:91:eb:3f:ec:55:28:96:fe:f6:e9:81:4b:55:c1:
7a:c8:ce:a5:4d:a4:1e:4a:16:e8:38:24:9f:61:9d:74:6b:4a:
cb:d5:e2:5b:e4:be:b6:e0:9d:97:66:0f:2c:f4:24:29:6f:5a:
bb:cd:75:c3:ce:61:11:31:64:46:ae:a9:97:7e:70:46:09:ba:
2a:37:a0:80:be:24:d8:85:5c:3c:10:06:9d:4f:37:00:d0:3c:
b7:83:49:34:46:45:68:a1:6c:f5:92:19:0a:2e:9e:91:41:c9:
27:d4:89:b6:da:c0:83:b7:64:e8:8b:20:ef:42:c4:c7:47:b7:
f3:83:27:eb:ed:47:42:27:d5:06:87:98:36:5e:33:30:46:43:
2e:df:14:c3:f4:67:79:dd:9c:2c:f1:c7:0c:45:f5:cd:51:4f:
8d:09:f4:e5:77:88:36:78:94:ae:bc:43:6f:f5:94:ff:4e:c1:
d2:4b:10:59:c1:fe:8f:23:a7:84:80:28:5e:0f:13:5b:02:ce:
58:9b:13:a9:27:01:fa:13:73:e3:50:60:ae:d7:f6:87:aa:e6:
95:e1:71:12:a0:2f:24:6f:43:60:08:a3:cd:e1:27:89:21:82:
e9:27:7f:6f
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICJYkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MTIx
MDM5MTZaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDU3RkNDQkIwMDczQTBE
REU1OUNCOEYyOTc0QTAzODZGODQyMTY4OEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCr+UAdTIORWn4RhpV8Wy6LPFjhiHhx84PaFo2Fim1isKmUx6JX
PcGzRrZ88VL7OpzGo0TWi0rVK0UdrNclOIVvcEARCp2IlY9IuBBgUraG7ATEcpA5
+eTTWrD96HIEZcKQMmd7h9ELV1I00hcCJ38xkKhFzvfvUOYFJcj5o4jcHPOGMEWg
nmQgjG8nvzIsQ5wWN+4gv2IHe972OV6LXSLKu6FsgTHNePd+I9OYzBAAa8bufwZ/
nbeU1PISxi7I18lWJYxhO5LwYAWYi4j9xAKVVFK6SbejcHu4OAVF5av9bxeHZeSS
XIJrIeF4j7UnzqUQn/J6b5tuwOBI6u5lnDL1AgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUV/zLsAc6Dd5Zy48pdKA4b4QhaI8wHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvVl96THNBYzZEZDVa
eTQ4cGRLQTRiNFFoYUk4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBAFebFM6NAd0OdCykeLXTkw9M0GDh
FqSR6z/sVSiW/vbpgUtVwXrIzqVNpB5KFug4JJ9hnXRrSsvV4lvkvrbgnZdmDyz0
JClvWrvNdcPOYRExZEauqZd+cEYJuio3oIC+JNiFXDwQBp1PNwDQPLeDSTRGRWih
bPWSGQounpFBySfUibbawIO3ZOiLIO9CxMdHt/ODJ+vtR0In1QaHmDZeMzBGQy7f
FMP0Z3ndnCzxxwxF9c1RT40J9OV3iDZ4lK68Q2/1lP9OwdJLEFnB/o8jp4SAKF4P
E1sCzlibE6knAfoTc+NQYK7X9oeq5pXhcRKgLyRvQ2AIo83hJ4khguknf28=
-----END CERTIFICATE-----
Generated at Fri Jun 20 11:33:43 2025 by rpki-client