Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/iSwUHDE4vZIIjepYp3wX1cbRy_0.roa
File: iSwUHDE4vZIIjepYp3wX1cbRy_0.roa (raw, json)
Hash identifier: OxK6PrCCMTqrUMaAWvzaeACznMy4JVQEgo97ZoQf3ZM=
Subject key identifier: 89:2C:14:1C:31:38:BD:92:08:8D:EA:58:A7:7C:17:D5:C6:D1:CB:FD
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 2295
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/iSwUHDE4vZIIjepYp3wX1cbRy_0.roa
Signing time: Sat 07 Jun 2025 04:38:51 +0000
ROA not before: Sat 07 Jun 2025 04:38:51 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 4812
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8853 (0x2295)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: Jun 7 04:38:51 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=892C141C3138BD92088DEA58A77C17D5C6D1CBFD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:56:91:4a:46:85:a8:d8:78:d8:16:38:a8:bd:
c2:0e:a1:10:1d:e0:81:c7:16:0e:20:bf:13:91:79:
6a:86:aa:47:2c:a7:7b:73:03:74:66:32:83:b4:38:
8c:9d:77:9b:65:d5:2a:65:da:06:71:d4:56:f5:63:
3e:d7:78:9f:4b:cf:aa:11:32:a8:b3:71:f4:6c:61:
f0:1d:ea:15:ff:c2:44:87:30:b3:95:d7:32:d1:e9:
da:ec:47:e6:15:c6:3c:d2:f2:6f:4d:9d:7b:c6:4f:
c1:55:96:ec:f1:5b:d8:31:9a:43:67:4e:37:4e:f2:
ca:60:9c:76:53:ae:de:1f:be:49:21:1a:cc:47:b4:
77:54:8f:c9:04:05:29:a2:c7:2e:73:23:29:f6:b9:
17:61:a1:28:63:ef:55:3f:09:23:73:f5:49:78:ed:
0f:62:a0:9b:0f:5e:c0:d1:0a:49:7d:31:12:40:86:
ba:d1:ec:4b:f2:f3:71:e6:88:ce:65:8d:42:3d:2c:
5e:d0:e3:e8:e4:78:fd:5f:7a:2f:4f:eb:13:6f:6d:
f3:cb:1d:3a:84:69:fc:7b:e6:bb:f1:b2:f5:e4:1d:
fb:c3:e0:b7:a9:89:9f:52:d9:b9:e2:ce:8e:4a:0f:
ee:bb:65:3f:f6:2c:60:55:9e:b1:e5:d7:e4:a1:47:
3a:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:2C:14:1C:31:38:BD:92:08:8D:EA:58:A7:7C:17:D5:C6:D1:CB:FD
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/iSwUHDE4vZIIjepYp3wX1cbRy_0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
af:96:3f:de:6c:ab:9f:6b:84:f7:08:39:e7:77:c7:1b:f8:8f:
29:a0:0d:c8:bb:8f:b6:4d:21:87:7c:f3:f8:d1:da:a1:e3:5c:
00:f0:b3:08:f1:9f:cd:35:18:ad:c5:51:af:5d:71:3d:7d:26:
38:24:e4:45:86:c2:40:cb:34:06:3d:9f:e9:9a:c1:17:e0:67:
59:4c:08:0f:11:ba:da:b6:8f:76:c3:7e:ee:3f:cf:8d:16:76:
e3:f6:7f:a4:ad:82:3d:d3:29:fe:62:2f:ab:ff:8b:61:2c:3b:
d3:d5:ae:05:35:ff:8b:39:19:99:d4:71:7d:88:2d:86:2d:78:
50:cd:81:e9:00:53:14:a4:0d:9f:ea:1e:bd:62:68:f7:23:40:
68:8a:32:7c:4b:11:0f:27:b1:35:0d:38:26:ab:32:72:a8:a4:
a7:d1:59:06:52:5c:b1:1a:ce:4f:0b:18:ed:47:d8:85:d7:f6:
af:d9:18:cb:28:66:3b:c9:5d:c5:0c:79:d5:71:e1:f6:48:53:
90:18:41:78:1f:60:5e:05:55:cf:10:89:37:c3:2b:76:38:a9:
79:3c:da:71:f1:14:72:99:da:70:87:9d:0a:03:13:c3:34:be:
73:97:a6:2b:0d:39:e7:93:9b:7b:83:6a:d9:89:b2:dd:4f:bf:
7e:0d:95:55
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICIpUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MDcw
NDM4NTFaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDg5MkMxNDFDMzEzOEJE
OTIwODhERUE1OEE3N0MxN0Q1QzZEMUNCRkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDeVpFKRoWo2HjYFjiovcIOoRAd4IHHFg4gvxOReWqGqkcsp3tz
A3RmMoO0OIydd5tl1Spl2gZx1Fb1Yz7XeJ9Lz6oRMqizcfRsYfAd6hX/wkSHMLOV
1zLR6drsR+YVxjzS8m9NnXvGT8FVluzxW9gxmkNnTjdO8spgnHZTrt4fvkkhGsxH
tHdUj8kEBSmixy5zIyn2uRdhoShj71U/CSNz9Ul47Q9ioJsPXsDRCkl9MRJAhrrR
7Evy83HmiM5ljUI9LF7Q4+jkeP1fei9P6xNvbfPLHTqEafx75rvxsvXkHfvD4Lep
iZ9S2bnizo5KD+67ZT/2LGBVnrHl1+ShRzq1AgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUiSwUHDE4vZIIjepYp3wX1cbRy/0wHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvaVN3VUhERTR2WklJ
amVwWXAzd1gxY2JSeV8wLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBAK+WP95sq59rhPcIOed3xxv4jymg
Dci7j7ZNIYd88/jR2qHjXADwswjxn801GK3FUa9dcT19Jjgk5EWGwkDLNAY9n+ma
wRfgZ1lMCA8Rutq2j3bDfu4/z40WduP2f6Stgj3TKf5iL6v/i2EsO9PVrgU1/4s5
GZnUcX2ILYYteFDNgekAUxSkDZ/qHr1iaPcjQGiKMnxLEQ8nsTUNOCarMnKopKfR
WQZSXLEazk8LGO1H2IXX9q/ZGMsoZjvJXcUMedVx4fZIU5AYQXgfYF4FVc8QiTfD
K3Y4qXk82nHxFHKZ2nCHnQoDE8M0vnOXpisNOeeTm3uDatmJst1Pv34NlVU=
-----END CERTIFICATE-----
Generated at Sat Jun 21 17:41:41 2025 by rpki-client