Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/g8dUN_ecgzz3LTqW_67q6tFA0E8.roa
File: g8dUN_ecgzz3LTqW_67q6tFA0E8.roa (raw, json)
Hash identifier: t1C0NzPcBwUWnuZQRXH0aW29oTP6lW5k6hQeilx1qFA=
Subject key identifier: 83:C7:54:37:F7:9C:83:3C:F7:2D:3A:96:FF:AE:EA:EA:D1:40:D0:4F
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 2180
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/g8dUN_ecgzz3LTqW_67q6tFA0E8.roa
Signing time: Thu 05 Jun 2025 06:38:46 +0000
ROA not before: Thu 05 Jun 2025 06:38:46 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 146845
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8576 (0x2180)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: Jun 5 06:38:46 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=83C75437F79C833CF72D3A96FFAEEAEAD140D04F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:29:1a:6d:46:e5:6b:dc:39:c3:ad:d5:d3:e1:
b4:d0:73:52:1a:88:f4:9b:6f:36:53:fb:84:e0:a1:
d7:c5:57:23:d5:7c:5b:2a:1b:66:11:94:33:0b:18:
fd:8b:77:e3:98:66:fc:a7:65:47:ad:f1:e3:ac:9d:
73:78:ea:5a:0c:fa:13:64:25:4c:77:40:6f:10:e0:
0f:c9:4c:9c:9a:ba:b7:b3:bc:48:51:49:05:e5:38:
bb:ec:8b:be:d9:83:03:b8:91:ba:50:ee:96:06:54:
eb:69:3b:40:e5:f2:92:08:84:1a:6f:e5:6f:6d:eb:
e8:35:1c:65:fe:e4:e7:8a:bb:a6:35:cd:38:0b:ee:
bf:43:ed:ed:e2:4d:42:28:6c:49:31:9c:d5:f6:b9:
f9:44:77:3d:87:76:5d:02:f4:12:ef:e7:ac:21:ca:
8d:a5:9b:f4:f0:f6:d8:8f:4b:64:08:57:cd:7e:8a:
ab:48:f5:5b:f4:e5:3d:af:25:cb:13:35:78:85:9e:
9c:6b:1a:58:75:96:49:d6:e9:d1:0d:e2:64:06:4c:
78:e9:48:51:11:18:69:ef:a2:61:71:40:a1:af:75:
48:99:96:d6:fc:e8:16:98:d1:27:74:1d:2a:b5:ce:
ba:5a:b3:11:7c:42:9f:31:3c:08:c4:ed:e8:52:92:
cc:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:C7:54:37:F7:9C:83:3C:F7:2D:3A:96:FF:AE:EA:EA:D1:40:D0:4F
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/g8dUN_ecgzz3LTqW_67q6tFA0E8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
8f:e6:ba:8c:07:23:22:0f:57:ad:0b:25:cd:02:08:a3:15:ba:
d8:7c:a2:7c:82:cb:41:36:7b:9d:79:6b:34:ba:78:47:8c:77:
55:8b:e5:81:11:ad:19:2f:8e:2d:64:51:b9:8c:60:44:10:3b:
45:72:b3:b6:b6:6e:b1:b4:62:a6:b4:f0:8b:bf:dd:4e:d5:e8:
9c:32:75:c9:4e:56:16:bd:1f:76:a9:a3:57:84:9f:0e:13:37:
17:b3:a1:2e:3d:31:75:0a:e1:a5:f3:28:a0:c3:91:e1:e9:7c:
b4:23:02:1d:94:eb:7c:fa:38:de:4d:58:ea:ce:c4:2d:37:e6:
4a:b8:bb:08:80:13:2a:61:47:7c:ff:4e:fc:c6:6c:dd:b5:91:
b3:6c:6b:14:4a:3e:24:bc:1a:df:db:fe:8f:00:76:ba:91:3f:
66:bc:ed:dd:43:73:18:db:59:5e:e2:11:33:8b:24:76:9d:f8:
4b:5e:7a:4e:a0:3e:54:00:04:3a:8b:62:d1:a7:e7:15:ad:cd:
01:e9:13:0d:b6:9d:32:49:90:2c:8c:3b:7f:13:09:6d:83:ea:
c2:f7:95:ac:cc:54:54:dc:73:5f:e5:26:16:97:ac:26:26:bb:
2c:cf:b1:21:94:66:19:5c:2e:d8:e4:92:7f:78:1f:79:8e:5a:
6a:3a:4f:f5
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICIYAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MDUw
NjM4NDZaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDgzQzc1NDM3Rjc5Qzgz
M0NGNzJEM0E5NkZGQUVFQUVBRDE0MEQwNEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5KRptRuVr3DnDrdXT4bTQc1IaiPSbbzZT+4TgodfFVyPVfFsq
G2YRlDMLGP2Ld+OYZvynZUet8eOsnXN46loM+hNkJUx3QG8Q4A/JTJyaurezvEhR
SQXlOLvsi77ZgwO4kbpQ7pYGVOtpO0Dl8pIIhBpv5W9t6+g1HGX+5OeKu6Y1zTgL
7r9D7e3iTUIobEkxnNX2uflEdz2Hdl0C9BLv56whyo2lm/Tw9tiPS2QIV81+iqtI
9Vv05T2vJcsTNXiFnpxrGlh1lknW6dEN4mQGTHjpSFERGGnvomFxQKGvdUiZltb8
6BaY0Sd0HSq1zrpasxF8Qp8xPAjE7ehSkszPAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUg8dUN/ecgzz3LTqW/67q6tFA0E8wHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvZzhkVU5fZWNnenoz
TFRxV182N3E2dEZBMEU4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBAI/muowHIyIPV60LJc0CCKMVuth8
onyCy0E2e515azS6eEeMd1WL5YERrRkvji1kUbmMYEQQO0Vys7a2brG0Yqa08Iu/
3U7V6JwydclOVha9H3apo1eEnw4TNxezoS49MXUK4aXzKKDDkeHpfLQjAh2U63z6
ON5NWOrOxC035kq4uwiAEyphR3z/TvzGbN21kbNsaxRKPiS8Gt/b/o8AdrqRP2a8
7d1DcxjbWV7iETOLJHad+Eteek6gPlQABDqLYtGn5xWtzQHpEw22nTJJkCyMO38T
CW2D6sL3lazMVFTcc1/lJhaXrCYmuyzPsSGUZhlcLtjkkn94H3mOWmo6T/U=
-----END CERTIFICATE-----
Generated at Sun Jun 22 00:58:02 2025 by rpki-client