Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/bLyPNakw_Y3H-S-p1vXGW6q88AU.roa
File: bLyPNakw_Y3H-S-p1vXGW6q88AU.roa (raw, json)
Hash identifier: D0dK0h8vToSjxhmuVxiMkSafN6gRjDI2rsI5fT/DFOk=
Subject key identifier: 6C:BC:8F:35:A9:30:FD:8D:C7:F9:2F:A9:D6:F5:C6:5B:AA:BC:F0:05
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 253B
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/bLyPNakw_Y3H-S-p1vXGW6q88AU.roa
Signing time: Wed 11 Jun 2025 21:39:16 +0000
ROA not before: Wed 11 Jun 2025 21:39:16 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 4812
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9531 (0x253b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: Jun 11 21:39:16 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=6CBC8F35A930FD8DC7F92FA9D6F5C65BAABCF005
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:d5:ad:bb:f9:1f:77:6f:47:90:2a:c7:f2:e0:
1c:c1:e4:82:a3:61:b9:a5:e2:ad:28:17:56:d4:ba:
bf:52:4e:8c:26:3a:4f:89:9c:33:44:cd:d2:62:c4:
f6:20:aa:63:0a:3b:05:df:1d:39:ee:4f:ba:58:7d:
fe:61:48:4a:a7:49:6d:44:b0:d7:eb:3d:c3:fd:8e:
8f:5e:22:5a:56:14:5a:06:61:ec:ac:a9:aa:9f:85:
84:30:ea:96:a5:aa:07:a8:51:b0:ea:8f:d7:cc:72:
04:80:c0:8b:ae:5f:e4:8e:46:b9:ad:22:6c:a2:19:
97:d6:6b:fe:75:93:0d:c6:bb:15:13:61:03:d3:79:
7c:dc:4e:33:03:e4:85:c2:2f:ce:85:5b:49:b1:2a:
07:a8:48:93:b3:e1:d4:bd:05:b0:81:19:c3:44:ad:
f0:0a:20:61:3e:19:2a:b4:26:bb:42:d1:a8:c7:b8:
dc:61:2f:78:5c:86:b8:37:52:d0:9a:e2:a6:a7:1f:
b3:e2:1e:62:0b:3d:ce:dc:47:8e:b9:ad:6e:e5:42:
9f:2f:0d:ca:c1:2c:87:c9:29:af:b6:c1:d9:14:3d:
81:c8:6a:e9:dc:c9:07:ee:1b:a9:c6:d1:c5:d1:21:
f2:6e:b4:bc:d0:31:f2:66:03:12:8e:5f:0e:c1:3f:
1a:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:BC:8F:35:A9:30:FD:8D:C7:F9:2F:A9:D6:F5:C6:5B:AA:BC:F0:05
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/bLyPNakw_Y3H-S-p1vXGW6q88AU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
12:79:90:2c:b5:f0:cc:6d:4b:55:8d:b8:c5:e0:d9:63:60:9f:
44:dd:6d:74:89:35:23:c1:74:b0:2c:2b:e9:0b:7c:65:01:7b:
0c:c0:64:06:f2:a5:8a:73:ec:ae:b8:a3:57:b8:7f:38:7d:43:
66:ef:96:c6:5f:48:50:68:82:3e:69:2b:19:11:41:48:72:5d:
52:45:50:53:91:1e:9e:2c:4c:26:d5:aa:52:2c:50:bc:65:e1:
2e:c4:95:45:cd:3d:db:c1:ff:4e:94:84:4d:07:44:43:0e:ac:
c4:ac:13:12:81:11:68:7d:c0:16:1c:22:5a:9b:0e:19:7a:58:
c1:8a:8c:7d:bf:55:93:f9:90:df:73:fe:b9:fc:f7:48:ce:0d:
f7:8b:15:61:d2:4a:a7:a9:fe:9f:c2:96:39:99:f1:7d:08:dd:
8f:d8:6f:d7:41:c0:89:b3:f8:5c:33:bd:d5:d2:e2:50:da:12:
5b:e7:cc:fb:6a:a8:aa:45:dc:a5:57:e6:12:2c:e6:db:6f:74:
ab:53:ff:a7:26:a3:d1:b0:ee:76:88:83:d6:4b:31:cb:a6:e2:
1b:46:68:b4:55:51:41:0f:de:9d:e1:4c:21:00:a7:c5:39:cd:
83:08:6a:35:31:91:06:3d:82:e5:2d:03:d5:34:c2:31:d0:2e:
11:93:82:7d
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICJTswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MTEy
MTM5MTZaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDZDQkM4RjM1QTkzMEZE
OERDN0Y5MkZBOUQ2RjVDNjVCQUFCQ0YwMDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/1a27+R93b0eQKsfy4BzB5IKjYbml4q0oF1bUur9STowmOk+J
nDNEzdJixPYgqmMKOwXfHTnuT7pYff5hSEqnSW1EsNfrPcP9jo9eIlpWFFoGYeys
qaqfhYQw6palqgeoUbDqj9fMcgSAwIuuX+SORrmtImyiGZfWa/51kw3GuxUTYQPT
eXzcTjMD5IXCL86FW0mxKgeoSJOz4dS9BbCBGcNErfAKIGE+GSq0JrtC0ajHuNxh
L3hchrg3UtCa4qanH7PiHmILPc7cR465rW7lQp8vDcrBLIfJKa+2wdkUPYHIaunc
yQfuG6nG0cXRIfJutLzQMfJmAxKOXw7BPxrDAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUbLyPNakw/Y3H+S+p1vXGW6q88AUwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvYkx5UE5ha3dfWTNI
LVMtcDF2WEdXNnE4OEFVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBABJ5kCy18MxtS1WNuMXg2WNgn0Td
bXSJNSPBdLAsK+kLfGUBewzAZAbypYpz7K64o1e4fzh9Q2bvlsZfSFBogj5pKxkR
QUhyXVJFUFORHp4sTCbVqlIsULxl4S7ElUXNPdvB/06UhE0HREMOrMSsExKBEWh9
wBYcIlqbDhl6WMGKjH2/VZP5kN9z/rn890jODfeLFWHSSqep/p/CljmZ8X0I3Y/Y
b9dBwImz+FwzvdXS4lDaElvnzPtqqKpF3KVX5hIs5ttvdKtT/6cmo9Gw7naIg9ZL
Mcum4htGaLRVUUEP3p3hTCEAp8U5zYMIajUxkQY9guUtA9U0wjHQLhGTgn0=
-----END CERTIFICATE-----
Generated at Sun Jun 22 00:31:42 2025 by rpki-client