Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/Yo8wUdsoJI276zi78_XcD_4ZM0E.roa
File: Yo8wUdsoJI276zi78_XcD_4ZM0E.roa (raw, json)
Hash identifier: M47hKg9zK5SveZBtnfshgISb8Xyx72pbzdn794tSWW4=
Subject key identifier: 62:8F:30:51:DB:28:24:8D:BB:EB:38:BB:F3:F5:DC:0F:FE:19:33:41
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 1ED2
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/Yo8wUdsoJI276zi78_XcD_4ZM0E.roa
Signing time: Sat 31 May 2025 12:08:30 +0000
ROA not before: Sat 31 May 2025 12:08:30 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 4812
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7890 (0x1ed2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: May 31 12:08:30 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=628F3051DB28248DBBEB38BBF3F5DC0FFE193341
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:8b:cf:7b:af:ab:db:af:40:a1:83:3b:38:ed:
2d:b0:35:76:2f:06:76:5d:0a:3b:a5:ad:62:b5:a3:
e2:f5:55:db:e5:ec:de:c8:11:12:74:a8:b2:40:24:
6a:bf:38:d0:24:8c:fa:7a:ad:83:d9:99:e4:06:73:
1f:69:87:08:7b:f3:7b:9e:e2:c1:01:21:e8:66:1c:
b7:9e:3d:88:e1:cd:79:89:a2:ce:b0:e9:e9:1e:39:
9f:c6:4b:c5:00:9e:c3:01:b5:59:7e:9f:ae:b4:4d:
2a:1a:d1:20:10:7c:c7:c1:3a:76:28:b6:5e:8d:23:
0d:e2:75:d5:70:d7:60:cc:fc:de:4b:ff:81:5c:53:
04:8f:33:dd:2d:2f:dc:e1:3f:36:ac:5d:43:5f:71:
96:ea:97:da:04:c5:e8:1c:f4:65:b4:d3:98:97:4b:
a7:bc:13:d1:4d:b0:5a:67:f1:0c:39:86:dc:6f:5a:
93:d7:ad:e9:a4:ad:96:01:4b:95:0f:65:3e:29:e2:
0f:86:24:96:36:a7:73:a9:21:3b:b9:bb:81:93:39:
c9:3f:cf:ec:43:bd:46:ee:31:29:a6:8d:e5:a9:d6:
a2:89:fb:da:34:78:ae:6a:03:90:cc:67:6f:16:18:
7f:24:d0:2a:78:44:bf:f8:2f:22:23:3e:8c:f8:1a:
19:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:8F:30:51:DB:28:24:8D:BB:EB:38:BB:F3:F5:DC:0F:FE:19:33:41
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/Yo8wUdsoJI276zi78_XcD_4ZM0E.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
ba:82:31:bf:b7:94:2e:75:23:c2:76:49:76:7c:36:f6:ec:77:
49:9b:f3:79:f8:8a:8b:47:35:28:6b:f2:79:5d:20:3c:82:05:
ab:b8:38:92:f9:c6:d2:d4:88:01:ec:e1:ef:3c:33:3d:b0:06:
a9:44:0d:f3:67:d0:46:7d:ce:c2:46:d2:78:96:4b:d1:c1:76:
af:9e:3a:3b:e3:60:1c:73:47:77:c1:b6:3a:18:81:2a:61:9a:
39:11:65:58:97:4e:9b:bc:46:d8:dd:e9:fa:8c:01:ea:f4:44:
b2:2e:f1:53:7a:0c:cc:5a:3f:d0:56:24:78:71:c7:a8:17:9e:
c6:0b:6d:0c:4a:1a:88:e1:21:02:79:81:8c:5e:b4:58:b5:25:
b5:da:b5:5e:eb:bb:16:f8:08:2b:ce:b8:65:3b:b1:f2:da:40:
45:ca:d9:da:03:64:17:be:21:0d:bb:16:cd:49:de:16:02:18:
78:1f:76:09:a6:9a:64:b9:cc:7a:3f:ab:74:ea:66:08:3a:49:
81:c9:3d:cb:6d:a3:0b:5d:d6:85:bf:f1:cf:40:4d:f7:77:87:
3f:3e:27:7c:d9:cf:6b:dd:b2:b1:43:21:cb:e4:75:01:d2:47:
6e:a8:44:6e:74:c1:65:c0:a6:56:23:57:8e:07:72:b4:7e:5f:
59:0b:3f:6e
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICHtIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA1MzEx
MjA4MzBaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDYyOEYzMDUxREIyODI0
OERCQkVCMzhCQkYzRjVEQzBGRkUxOTMzNDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCli897r6vbr0Chgzs47S2wNXYvBnZdCjulrWK1o+L1Vdvl7N7I
ERJ0qLJAJGq/ONAkjPp6rYPZmeQGcx9phwh783ue4sEBIehmHLeePYjhzXmJos6w
6ekeOZ/GS8UAnsMBtVl+n660TSoa0SAQfMfBOnYotl6NIw3iddVw12DM/N5L/4Fc
UwSPM90tL9zhPzasXUNfcZbql9oExegc9GW005iXS6e8E9FNsFpn8Qw5htxvWpPX
remkrZYBS5UPZT4p4g+GJJY2p3OpITu5u4GTOck/z+xDvUbuMSmmjeWp1qKJ+9o0
eK5qA5DMZ28WGH8k0Cp4RL/4LyIjPoz4Ghm3AgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUYo8wUdsoJI276zi78/XcD/4ZM0EwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvWW84d1Vkc29KSTI3
NnppNzhfWGNEXzRaTTBFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBALqCMb+3lC51I8J2SXZ8Nvbsd0mb
83n4iotHNShr8nldIDyCBau4OJL5xtLUiAHs4e88Mz2wBqlEDfNn0EZ9zsJG0niW
S9HBdq+eOjvjYBxzR3fBtjoYgSphmjkRZViXTpu8Rtjd6fqMAer0RLIu8VN6DMxa
P9BWJHhxx6gXnsYLbQxKGojhIQJ5gYxetFi1JbXatV7ruxb4CCvOuGU7sfLaQEXK
2doDZBe+IQ27Fs1J3hYCGHgfdgmmmmS5zHo/q3TqZgg6SYHJPcttowtd1oW/8c9A
Tfd3hz8+J3zZz2vdsrFDIcvkdQHSR26oRG50wWXAplYjV44HcrR+X1kLP24=
-----END CERTIFICATE-----
Generated at Sun Jun 22 05:35:13 2025 by rpki-client