Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/VtqM1K3OJsAIvmzL-v433lcg3H4.roa
File: VtqM1K3OJsAIvmzL-v433lcg3H4.roa (raw, json)
Hash identifier: j2n+JHByZm9QYUrVjq2T135OhN+ybT1QkNYYfyyVoUo=
Subject key identifier: 56:DA:8C:D4:AD:CE:26:C0:08:BE:6C:CB:FA:FE:37:DE:57:20:DC:7E
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 2060
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/VtqM1K3OJsAIvmzL-v433lcg3H4.roa
Signing time: Tue 03 Jun 2025 06:38:40 +0000
ROA not before: Tue 03 Jun 2025 06:38:40 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 146845
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8288 (0x2060)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: Jun 3 06:38:40 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=56DA8CD4ADCE26C008BE6CCBFAFE37DE5720DC7E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:51:48:a0:27:47:e8:c0:92:cf:b2:0b:30:84:
79:d5:d4:2c:81:a2:5f:ef:07:08:cc:7b:43:52:4a:
90:9b:22:9f:30:5e:af:62:6e:e1:64:3c:0f:94:d0:
44:5e:d2:aa:0a:40:20:17:28:8d:2f:d5:0d:1a:ed:
97:9a:6e:a4:af:d4:4c:31:79:54:6a:77:cf:0d:c8:
5a:d4:6c:2f:54:5f:e2:d2:86:66:c4:a3:a2:3d:e5:
c1:3a:4e:a0:f1:5f:40:a2:b1:e8:38:6b:d5:94:6e:
07:ce:d2:0d:a1:84:76:2f:58:4c:cd:02:b1:c7:56:
1c:16:ee:4d:dd:3e:9a:e6:a4:e0:ed:f7:95:05:2b:
11:75:46:38:ba:7f:01:8f:17:05:5a:ca:9a:12:67:
24:a8:c0:b6:ea:51:89:60:92:37:71:8b:6e:5f:04:
fb:49:b3:e2:12:af:0d:67:53:ba:fb:69:b9:e5:4b:
a2:83:3d:6f:6f:33:94:23:a2:44:7d:4c:5d:56:c1:
a4:f2:38:d0:e9:83:81:40:6e:68:62:38:93:4b:5a:
ee:45:f9:64:5f:60:f7:52:fa:f9:f5:09:52:3c:41:
ff:1e:85:0e:fd:e0:fe:7d:17:fd:00:71:bb:5a:c2:
2a:d3:b5:f1:e7:96:c2:aa:c1:25:c8:48:63:9f:3c:
f6:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:DA:8C:D4:AD:CE:26:C0:08:BE:6C:CB:FA:FE:37:DE:57:20:DC:7E
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/VtqM1K3OJsAIvmzL-v433lcg3H4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
85:9e:7f:95:6f:c0:37:59:a4:b2:01:d0:05:07:58:db:dd:6d:
98:e2:eb:25:a0:cd:1b:c4:3d:13:10:b8:58:ab:39:6c:a1:ce:
19:65:74:81:47:0b:b1:2f:18:cb:93:82:4f:77:cd:6b:77:74:
f9:94:96:8f:de:ee:eb:16:6b:c9:82:a1:70:8f:ee:c3:93:49:
9f:52:7b:b3:35:a8:dc:3b:7e:28:14:4b:da:8c:29:9b:d0:b3:
78:47:6b:cf:ec:95:d3:f7:da:c8:78:ba:61:35:69:2f:19:74:
ef:f4:64:f1:b3:4f:e4:eb:29:03:31:3b:c4:c1:cf:80:ee:95:
4a:df:62:82:a7:c7:54:54:e0:9c:f0:0b:77:83:54:ee:29:40:
b4:86:ec:cd:06:b6:c4:c4:fd:b3:aa:ba:de:dd:57:ba:2c:ee:
c2:12:cd:4a:be:54:a1:a2:60:ad:5c:08:be:9b:62:f7:1a:a5:
89:df:7e:53:7d:01:e1:2e:b4:1b:6a:a1:5a:ce:7f:b6:4c:a5:
18:2d:89:b7:aa:f0:a8:c7:dc:74:42:4e:81:8c:05:b9:1d:08:
3f:00:5e:48:ab:18:ee:08:0d:13:00:5a:a5:ea:7d:31:ee:f1:
5e:12:43:16:dc:7c:96:0e:df:7f:a1:f5:1b:9f:35:d4:87:0f:
71:80:b5:4c
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICIGAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MDMw
NjM4NDBaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDU2REE4Q0Q0QURDRTI2
QzAwOEJFNkNDQkZBRkUzN0RFNTcyMERDN0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCpUUigJ0fowJLPsgswhHnV1CyBol/vBwjMe0NSSpCbIp8wXq9i
buFkPA+U0ERe0qoKQCAXKI0v1Q0a7ZeabqSv1EwxeVRqd88NyFrUbC9UX+LShmbE
o6I95cE6TqDxX0Ciseg4a9WUbgfO0g2hhHYvWEzNArHHVhwW7k3dPprmpODt95UF
KxF1Rji6fwGPFwVaypoSZySowLbqUYlgkjdxi25fBPtJs+ISrw1nU7r7abnlS6KD
PW9vM5QjokR9TF1WwaTyONDpg4FAbmhiOJNLWu5F+WRfYPdS+vn1CVI8Qf8ehQ79
4P59F/0AcbtawirTtfHnlsKqwSXISGOfPPaHAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUVtqM1K3OJsAIvmzL+v433lcg3H4wHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvVnRxTTFLM09Kc0FJ
dm16TC12NDMzbGNnM0g0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBAIWef5VvwDdZpLIB0AUHWNvdbZji
6yWgzRvEPRMQuFirOWyhzhlldIFHC7EvGMuTgk93zWt3dPmUlo/e7usWa8mCoXCP
7sOTSZ9Se7M1qNw7figUS9qMKZvQs3hHa8/sldP32sh4umE1aS8ZdO/0ZPGzT+Tr
KQMxO8TBz4DulUrfYoKnx1RU4JzwC3eDVO4pQLSG7M0GtsTE/bOqut7dV7os7sIS
zUq+VKGiYK1cCL6bYvcapYnfflN9AeEutBtqoVrOf7ZMpRgtibeq8KjH3HRCToGM
BbkdCD8AXkirGO4IDRMAWqXqfTHu8V4SQxbcfJYO33+h9RufNdSHD3GAtUw=
-----END CERTIFICATE-----
Generated at Fri Jun 20 07:17:53 2025 by rpki-client