Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/jSdZI4ZdzJo9JK4rVW-_eBuxj1A.roa
File: jSdZI4ZdzJo9JK4rVW-_eBuxj1A.roa (raw, json)
Hash identifier: QgWppu2pBPkMa5fBae6JV1m2kCg9ignZX8C7KsAX/bk=
Subject key identifier: 8D:27:59:23:86:5D:CC:9A:3D:24:AE:2B:55:6F:BF:78:1B:B1:8F:50
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 1C65
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/jSdZI4ZdzJo9JK4rVW-_eBuxj1A.roa
Signing time: Tue 27 May 2025 04:38:13 +0000
ROA not before: Tue 27 May 2025 04:38:13 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 4812
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7269 (0x1c65)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: May 27 04:38:13 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=8D275923865DCC9A3D24AE2B556FBF781BB18F50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:02:4b:24:a2:3d:f0:9e:0e:64:17:d4:92:a5:
d7:95:a6:87:60:10:25:3e:b3:43:d8:8d:bb:96:d5:
eb:fb:61:8d:7e:f7:55:16:86:75:fc:46:fa:a7:ec:
64:5f:0d:5e:7d:77:d1:0d:da:64:83:20:86:db:d5:
61:c7:e9:72:83:de:2a:37:38:f5:c4:e7:c6:3f:c6:
78:4c:2f:3f:1f:03:90:15:4f:03:3d:82:0e:45:94:
a8:10:b9:f0:d4:ae:2c:81:39:a1:3b:f6:3b:49:83:
37:48:8a:d2:0f:06:2e:4e:ef:f8:6e:5b:d7:c5:45:
76:e7:44:c0:fc:ed:13:22:09:49:bf:0c:8a:d9:94:
4f:41:41:f8:94:2c:8f:6d:c5:b7:38:45:dc:33:d6:
61:21:89:a1:76:46:59:bd:f7:63:78:a4:76:c0:6f:
3a:e9:96:e3:06:76:19:02:93:8d:ba:71:c0:79:71:
08:63:ec:77:e0:2a:f4:f0:d3:74:28:5b:6a:45:ef:
88:10:39:60:8f:f1:50:32:8b:28:33:11:1b:00:3d:
3d:10:2c:ac:89:a8:f0:1a:a0:99:99:fc:be:ee:08:
d5:61:df:fb:b1:9e:36:6a:1b:04:58:0e:a3:c4:e4:
b0:89:35:07:c4:7b:96:3d:0a:b6:15:34:c9:2f:b9:
cb:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:27:59:23:86:5D:CC:9A:3D:24:AE:2B:55:6F:BF:78:1B:B1:8F:50
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/jSdZI4ZdzJo9JK4rVW-_eBuxj1A.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
7d:c8:84:0e:b1:62:52:92:cb:24:d7:5e:36:73:ca:14:f3:d4:
d2:c9:4a:74:e0:6e:a4:b5:28:1c:97:89:e1:b2:d0:ed:ad:6e:
b6:f3:d2:93:6e:fd:23:56:27:fd:01:71:d0:7a:29:29:20:7b:
c1:c4:f2:0e:4c:dd:2e:5a:25:d4:94:03:34:db:30:d2:d4:74:
43:ae:50:15:3c:e4:d7:e0:6a:8c:df:b6:0e:bd:e5:7e:2f:c4:
77:b1:e3:87:e3:17:76:d5:63:1d:90:36:50:ba:37:b5:42:20:
a4:b9:0c:f1:72:1c:fc:b8:53:a7:4e:44:6b:62:d3:d0:26:5c:
fe:68:5b:ca:77:8f:a6:a9:58:c3:d2:e9:aa:f8:03:f4:c7:0f:
96:15:e5:8f:67:31:fb:8a:19:2a:7d:71:7c:34:a1:79:b0:b6:
35:fe:1d:cd:08:ff:23:90:f6:2e:c2:f9:a0:27:71:16:3c:c2:
1e:c0:0c:33:92:ed:92:63:6e:aa:fe:28:af:16:3b:c3:ef:df:
b9:4a:86:75:49:0c:6c:65:de:07:78:1a:20:f6:b5:02:99:dd:
6e:32:58:ca:78:b5:ec:ba:ac:f6:5b:42:a3:97:9b:d0:f0:ec:
a2:d4:e8:88:44:20:df:ba:29:25:b1:a4:1d:98:26:dc:f9:b5:
04:2e:e4:98
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICHGUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA1Mjcw
NDM4MTNaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDhEMjc1OTIzODY1REND
OUEzRDI0QUUyQjU1NkZCRjc4MUJCMThGNTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDTAkskoj3wng5kF9SSpdeVpodgECU+s0PYjbuW1ev7YY1+91UW
hnX8Rvqn7GRfDV59d9EN2mSDIIbb1WHH6XKD3io3OPXE58Y/xnhMLz8fA5AVTwM9
gg5FlKgQufDUriyBOaE79jtJgzdIitIPBi5O7/huW9fFRXbnRMD87RMiCUm/DIrZ
lE9BQfiULI9txbc4Rdwz1mEhiaF2Rlm992N4pHbAbzrpluMGdhkCk426ccB5cQhj
7HfgKvTw03QoW2pF74gQOWCP8VAyiygzERsAPT0QLKyJqPAaoJmZ/L7uCNVh3/ux
njZqGwRYDqPE5LCJNQfEe5Y9CrYVNMkvucv7AgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUjSdZI4ZdzJo9JK4rVW+/eBuxj1AwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvalNkWkk0WmR6Sm85
Sks0clZXLV9lQnV4ajFBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBAH3IhA6xYlKSyyTXXjZzyhTz1NLJ
SnTgbqS1KByXieGy0O2tbrbz0pNu/SNWJ/0BcdB6KSkge8HE8g5M3S5aJdSUAzTb
MNLUdEOuUBU85Nfgaozftg695X4vxHex44fjF3bVYx2QNlC6N7VCIKS5DPFyHPy4
U6dORGti09AmXP5oW8p3j6apWMPS6ar4A/THD5YV5Y9nMfuKGSp9cXw0oXmwtjX+
Hc0I/yOQ9i7C+aAncRY8wh7ADDOS7ZJjbqr+KK8WO8Pv37lKhnVJDGxl3gd4GiD2
tQKZ3W4yWMp4tey6rPZbQqOXm9Dw7KLU6IhEIN+6KSWxpB2YJtz5tQQu5Jg=
-----END CERTIFICATE-----
Generated at Sun Jun 22 01:07:11 2025 by rpki-client