Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/kGorBq_GKL1E3nIN1xdhbDHyhBI.roa
File: kGorBq_GKL1E3nIN1xdhbDHyhBI.roa (raw, json)
Hash identifier: 4d6ufeb9YTj1KV2D+RygiNw8xANpEMVZVvPaUBKTMVM=
Subject key identifier: 90:6A:2B:06:AF:C6:28:BD:44:DE:72:0D:D7:17:61:6C:31:F2:84:12
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 213C
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/kGorBq_GKL1E3nIN1xdhbDHyhBI.roa
Signing time: Wed 04 Jun 2025 19:08:44 +0000
ROA not before: Wed 04 Jun 2025 19:08:44 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 4812
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8508 (0x213c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: Jun 4 19:08:44 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=906A2B06AFC628BD44DE720DD717616C31F28412
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:68:12:9f:51:08:d1:c1:85:25:dd:57:d5:4f:
95:b8:a3:9f:06:e4:7b:a8:6d:aa:62:61:b7:80:7e:
84:11:b1:e2:4f:a9:c8:41:7e:dd:fe:3e:c6:b8:93:
45:c7:88:3c:b3:c5:62:fe:5a:9c:9a:a7:12:e5:8c:
f4:f5:7a:e1:66:65:07:fa:6e:84:2e:2e:ff:89:2d:
58:52:5c:04:9f:cd:9e:e2:33:89:50:67:11:0d:88:
98:af:51:9f:f2:e4:f0:f4:6a:b1:c8:34:4f:3b:78:
da:cf:7d:94:c7:5f:19:c0:f9:40:03:0c:08:9b:65:
06:71:1f:f1:cc:3d:64:05:1c:03:1d:31:a6:b8:d1:
96:f2:57:ff:53:02:4e:42:1d:55:84:78:63:ca:e5:
90:a6:ff:4c:5b:ee:0e:68:44:58:a2:16:07:fa:4d:
aa:9c:ec:44:8d:b4:98:0f:53:48:d6:8f:aa:60:54:
0f:18:ae:a0:4f:a3:3b:09:3c:fe:5e:50:49:1d:01:
ef:bf:e7:1b:5a:1d:77:0d:06:60:e9:22:98:e3:fc:
91:f2:84:70:40:19:70:71:9c:55:a0:36:8e:e6:1c:
bf:a6:e9:3b:02:bb:4a:08:a1:25:41:c1:f6:59:6e:
6d:f1:2f:cb:b4:21:27:10:64:0b:8e:39:70:1e:3e:
a9:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:6A:2B:06:AF:C6:28:BD:44:DE:72:0D:D7:17:61:6C:31:F2:84:12
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/kGorBq_GKL1E3nIN1xdhbDHyhBI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
6d:a9:c0:0b:24:ff:af:53:32:c2:31:da:78:82:85:f5:5f:c5:
10:7e:15:55:5b:f5:b4:92:df:ac:65:46:08:50:1d:3c:ce:78:
4d:5f:1e:58:42:8a:f4:02:66:0b:02:27:05:7c:71:1c:92:5b:
45:56:bb:db:50:97:e2:8b:aa:71:0c:ef:1f:53:2b:fa:26:5e:
1c:88:d5:25:48:e9:7e:0c:d3:ef:2a:89:44:8d:c0:d6:ea:6f:
b9:32:70:60:c3:ab:6f:1a:f0:8d:34:3c:61:ed:68:e1:9e:69:
2c:f2:b2:04:32:b2:ed:57:ab:0d:47:50:47:c7:94:8b:a4:71:
15:cc:91:0e:b3:09:36:f3:35:af:0c:6e:a0:12:47:be:51:dd:
c8:a2:10:b8:fe:8e:5f:2c:d2:7a:49:50:1e:ae:4d:c3:df:b6:
a4:80:f7:0c:5c:d3:0c:aa:6c:3f:00:75:a8:42:84:1e:d1:1a:
4b:a7:43:da:90:bd:d1:a3:cd:1b:2e:63:18:1b:4b:10:78:e8:
74:f1:a1:b1:ad:67:81:da:77:62:ba:21:f5:ae:26:3f:d4:b8:
1f:6a:1c:15:d4:45:10:71:ea:f5:e0:eb:16:28:26:ad:b1:27:
92:10:41:8e:aa:4c:82:a3:91:3c:08:6d:d0:cd:94:59:3a:72:
46:ee:e3:13
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICITwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MDQx
OTA4NDRaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDkwNkEyQjA2QUZDNjI4
QkQ0NERFNzIwREQ3MTc2MTZDMzFGMjg0MTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDIaBKfUQjRwYUl3VfVT5W4o58G5HuobapiYbeAfoQRseJPqchB
ft3+Psa4k0XHiDyzxWL+WpyapxLljPT1euFmZQf6boQuLv+JLVhSXASfzZ7iM4lQ
ZxENiJivUZ/y5PD0arHINE87eNrPfZTHXxnA+UADDAibZQZxH/HMPWQFHAMdMaa4
0ZbyV/9TAk5CHVWEeGPK5ZCm/0xb7g5oRFiiFgf6Taqc7ESNtJgPU0jWj6pgVA8Y
rqBPozsJPP5eUEkdAe+/5xtaHXcNBmDpIpjj/JHyhHBAGXBxnFWgNo7mHL+m6TsC
u0oIoSVBwfZZbm3xL8u0IScQZAuOOXAePqmTAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUkGorBq/GKL1E3nIN1xdhbDHyhBIwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgva0dvckJxX0dLTDFF
M25JTjF4ZGhiREh5aEJJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBAG2pwAsk/69TMsIx2niChfVfxRB+
FVVb9bSS36xlRghQHTzOeE1fHlhCivQCZgsCJwV8cRySW0VWu9tQl+KLqnEM7x9T
K/omXhyI1SVI6X4M0+8qiUSNwNbqb7kycGDDq28a8I00PGHtaOGeaSzysgQysu1X
qw1HUEfHlIukcRXMkQ6zCTbzNa8MbqASR75R3ciiELj+jl8s0npJUB6uTcPftqSA
9wxc0wyqbD8AdahChB7RGkunQ9qQvdGjzRsuYxgbSxB46HTxobGtZ4Had2K6IfWu
Jj/UuB9qHBXURRBx6vXg6xYoJq2xJ5IQQY6qTIKjkTwIbdDNlFk6ckbu4xM=
-----END CERTIFICATE-----
Generated at Sat Jun 21 18:38:39 2025 by rpki-client