Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/W56W6-dxCxBirNrCE-7JCc8-c7k.roa
File: W56W6-dxCxBirNrCE-7JCc8-c7k.roa (raw, json)
Hash identifier: g7cUhokdvr9mlD9J/x3tt4DzSLNRvwQ3awz6Bwzm2uQ=
Subject key identifier: 5B:9E:96:EB:E7:71:0B:10:62:AC:DA:C2:13:EE:C9:09:CF:3E:73:B9
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 1F71
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/W56W6-dxCxBirNrCE-7JCc8-c7k.roa
Signing time: Sun 01 Jun 2025 14:38:33 +0000
ROA not before: Sun 01 Jun 2025 14:38:33 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 4812
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8049 (0x1f71)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: Jun 1 14:38:33 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=5B9E96EBE7710B1062ACDAC213EEC909CF3E73B9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:f0:71:a6:18:4a:86:c0:3c:8e:94:fc:80:b1:
8b:94:ac:5f:ed:46:5f:a9:5f:cc:d0:96:b5:53:da:
a0:58:75:24:80:c1:bf:c6:31:a4:a1:c7:9a:58:76:
be:cb:5f:ce:13:17:b7:48:86:70:3c:57:51:ad:d4:
cf:7b:a5:ff:10:aa:bc:3c:df:74:5a:36:3a:aa:16:
33:4a:2c:97:c9:31:ca:e6:bc:45:cc:a2:ba:de:4d:
28:60:53:bf:2c:66:53:61:f3:cf:7e:c1:47:da:6a:
75:80:de:09:6a:cc:7b:12:74:67:3f:a1:3e:2e:70:
3e:63:be:32:ad:31:b8:f0:5a:d5:8a:ba:6a:82:17:
61:8c:85:37:8b:d7:79:b5:b1:09:ec:59:59:a4:6d:
fd:d2:d5:a0:d5:b0:57:e4:7b:fc:b6:56:14:2f:31:
23:c4:58:2a:58:33:6a:2e:82:9f:a8:7f:cd:27:97:
7d:77:4d:3b:09:79:09:ce:bc:75:69:0e:4c:d6:30:
55:64:8e:d9:56:5e:7a:61:df:58:69:da:6e:3d:0b:
5f:19:13:d0:0f:f9:83:f7:8e:4e:d9:0f:01:1e:2d:
92:a6:b9:3f:7f:5c:9f:eb:25:29:ff:08:39:39:a4:
ee:7c:81:1c:7d:a2:51:a0:38:2b:5c:a6:28:b0:43:
f2:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:9E:96:EB:E7:71:0B:10:62:AC:DA:C2:13:EE:C9:09:CF:3E:73:B9
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/W56W6-dxCxBirNrCE-7JCc8-c7k.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
91:63:c2:2e:7b:9f:9a:4b:f8:05:13:ff:df:59:ab:75:e6:46:
c4:a5:70:e2:bc:4b:e7:14:26:b9:87:a9:5c:73:68:28:4b:65:
5b:0a:df:1a:2c:50:8b:c8:3d:48:4e:8c:3a:d0:08:2c:4c:e3:
f4:ad:24:5a:9c:bb:e5:ca:62:09:c8:e6:f7:22:28:ee:f1:c2:
6a:a8:7f:ff:b3:4b:a4:fc:24:ce:0a:6b:3d:8a:81:38:49:fa:
b4:4f:9d:8d:fa:c9:05:4b:79:32:9f:e1:8d:25:1c:5e:25:c6:
f7:09:b1:f4:43:c4:e8:c0:19:0e:83:94:ae:c9:aa:39:a1:fa:
5c:44:9c:24:4d:71:e7:e0:70:bc:0d:33:00:70:65:eb:30:db:
cb:70:88:f1:07:35:85:4a:3c:f7:a0:0b:aa:bd:58:a0:f9:89:
70:6c:f9:0c:00:b4:dd:07:70:d9:47:5e:5b:39:5e:a7:37:9d:
9a:2a:5a:49:74:b3:11:9b:42:4e:86:c4:6f:6d:fc:ed:8a:a6:
ad:94:bf:2a:d2:fc:e6:20:78:d6:1e:7f:42:23:64:0a:50:74:
1b:11:b9:0d:f0:59:a3:aa:9d:16:7d:ab:0b:a2:b5:77:cc:30:
35:fc:45:ed:22:36:d1:d8:39:69:18:30:87:26:8d:59:8e:64:
a1:df:3a:72
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICH3EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MDEx
NDM4MzNaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDVCOUU5NkVCRTc3MTBC
MTA2MkFDREFDMjEzRUVDOTA5Q0YzRTczQjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC88HGmGEqGwDyOlPyAsYuUrF/tRl+pX8zQlrVT2qBYdSSAwb/G
MaShx5pYdr7LX84TF7dIhnA8V1Gt1M97pf8Qqrw833RaNjqqFjNKLJfJMcrmvEXM
orreTShgU78sZlNh889+wUfaanWA3glqzHsSdGc/oT4ucD5jvjKtMbjwWtWKumqC
F2GMhTeL13m1sQnsWVmkbf3S1aDVsFfke/y2VhQvMSPEWCpYM2ougp+of80nl313
TTsJeQnOvHVpDkzWMFVkjtlWXnph31hp2m49C18ZE9AP+YP3jk7ZDwEeLZKmuT9/
XJ/rJSn/CDk5pO58gRx9olGgOCtcpiiwQ/J1AgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUW56W6+dxCxBirNrCE+7JCc8+c7kwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvVzU2VzYtZHhDeEJp
ck5yQ0UtN0pDYzgtYzdrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBAJFjwi57n5pL+AUT/99Zq3XmRsSl
cOK8S+cUJrmHqVxzaChLZVsK3xosUIvIPUhOjDrQCCxM4/StJFqcu+XKYgnI5vci
KO7xwmqof/+zS6T8JM4Kaz2KgThJ+rRPnY36yQVLeTKf4Y0lHF4lxvcJsfRDxOjA
GQ6DlK7Jqjmh+lxEnCRNcefgcLwNMwBwZesw28twiPEHNYVKPPegC6q9WKD5iXBs
+QwAtN0HcNlHXls5Xqc3nZoqWkl0sxGbQk6GxG9t/O2Kpq2UvyrS/OYgeNYef0Ij
ZApQdBsRuQ3wWaOqnRZ9qwuitXfMMDX8Re0iNtHYOWkYMIcmjVmOZKHfOnI=
-----END CERTIFICATE-----
Generated at Sat Jun 21 08:34:38 2025 by rpki-client