Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/pE_LFdmqV1EEtUkvXYCsdt8761A.roa
File: pE_LFdmqV1EEtUkvXYCsdt8761A.roa (raw, json)
Hash identifier: fur3e0HPiP+cb+p5/e3ZhNa2ssR+Tt5+gKincMLTzzw=
Subject key identifier: A4:4F:CB:15:D9:AA:57:51:04:B5:49:2F:5D:80:AC:76:DF:3B:EB:50
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 240F
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/pE_LFdmqV1EEtUkvXYCsdt8761A.roa
Signing time: Mon 09 Jun 2025 19:39:03 +0000
ROA not before: Mon 09 Jun 2025 19:39:03 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 4812
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9231 (0x240f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: Jun 9 19:39:03 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=A44FCB15D9AA575104B5492F5D80AC76DF3BEB50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:8d:4d:8f:d3:4e:87:1e:24:df:5f:68:b5:20:
82:7a:44:13:bd:ad:25:fe:28:40:0e:ea:c5:e2:4f:
7d:76:13:e1:b4:ef:9a:e9:e6:7d:98:e4:70:b7:9f:
e0:d9:94:d6:9d:5d:58:b1:f4:5b:80:07:24:3a:49:
ed:1d:5b:1b:ff:94:d2:83:0f:f3:04:46:ba:cc:1f:
d5:23:0c:53:8c:c8:aa:86:6c:40:c4:6b:29:77:7a:
b4:0b:c3:bf:66:af:4e:02:49:7b:08:30:a5:71:b9:
a7:4a:d6:0d:e1:17:7c:67:bf:a3:28:3a:1f:78:65:
74:2c:82:2f:77:7b:85:4c:72:58:79:ca:bf:e9:1c:
aa:72:c9:6f:7d:55:31:a6:69:5d:ea:90:51:6f:ad:
23:38:64:ac:1f:5b:e5:c8:e8:5f:4f:17:9e:e0:7f:
c1:83:f4:fa:3e:de:cd:cd:61:9e:ec:9c:27:2b:ff:
8f:81:55:e0:0f:a8:86:ba:45:32:3d:98:65:bf:79:
ec:dc:b0:88:20:7f:3e:5b:b8:43:e4:15:d2:3e:27:
ee:75:ac:26:01:ee:82:1d:5e:2f:c7:59:91:f2:e8:
77:d7:32:26:ff:b3:19:14:96:49:9c:6f:9b:db:23:
d6:8c:3c:66:e1:cd:5e:10:35:c1:1b:86:ac:c4:7c:
53:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:4F:CB:15:D9:AA:57:51:04:B5:49:2F:5D:80:AC:76:DF:3B:EB:50
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/pE_LFdmqV1EEtUkvXYCsdt8761A.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
95:01:e2:1a:a5:7e:08:9e:e8:8f:1a:db:f1:0b:26:06:dc:09:
7e:48:98:02:70:f6:8b:55:20:1e:99:9e:96:33:0f:43:a2:1a:
3c:ed:0c:3c:b1:de:22:ca:85:51:a5:b2:01:fc:4e:2f:87:37:
8c:92:18:60:14:ec:a9:f3:75:ea:f9:d5:a9:55:1e:de:a6:16:
9b:11:75:53:d0:a1:78:cc:31:fa:77:4d:db:e6:0a:3e:b0:6d:
d6:43:74:c2:5f:f9:8c:72:55:e1:78:5f:fd:6c:0a:91:4c:53:
ef:50:e3:da:c5:4d:26:b8:54:ce:47:8d:b2:df:33:9e:aa:f5:
95:fb:68:83:4a:e5:84:ad:0f:f7:a1:d7:dc:c5:c2:cc:78:95:
55:60:8f:43:df:33:72:06:38:60:0d:d6:15:5f:53:4a:f5:1e:
78:5a:cb:48:0c:e2:52:cb:ea:45:1d:e6:4d:aa:30:98:9b:53:
13:aa:83:ec:32:f3:98:6b:19:93:91:73:15:70:08:c8:7f:01:
36:04:89:85:01:fb:e3:02:df:ce:b1:54:33:a6:9c:ed:d4:21:
cf:e9:2f:4b:b5:a9:7f:45:f5:13:92:cb:f1:e8:33:dd:e0:89:
01:1a:f0:18:12:2a:83:62:aa:d3:b5:20:3a:88:25:7b:87:1e:
d1:20:8e:30
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICJA8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MDkx
OTM5MDNaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEE0NEZDQjE1RDlBQTU3
NTEwNEI1NDkyRjVEODBBQzc2REYzQkVCNTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4jU2P006HHiTfX2i1IIJ6RBO9rSX+KEAO6sXiT312E+G075rp
5n2Y5HC3n+DZlNadXVix9FuAByQ6Se0dWxv/lNKDD/MERrrMH9UjDFOMyKqGbEDE
ayl3erQLw79mr04CSXsIMKVxuadK1g3hF3xnv6MoOh94ZXQsgi93e4VMclh5yr/p
HKpyyW99VTGmaV3qkFFvrSM4ZKwfW+XI6F9PF57gf8GD9Po+3s3NYZ7snCcr/4+B
VeAPqIa6RTI9mGW/eezcsIggfz5buEPkFdI+J+51rCYB7oIdXi/HWZHy6HfXMib/
sxkUlkmcb5vbI9aMPGbhzV4QNcEbhqzEfFMhAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUpE/LFdmqV1EEtUkvXYCsdt8761AwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvcEVfTEZkbXFWMUVF
dFVrdlhZQ3NkdDg3NjFBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBAJUB4hqlfgie6I8a2/ELJgbcCX5I
mAJw9otVIB6ZnpYzD0OiGjztDDyx3iLKhVGlsgH8Ti+HN4ySGGAU7Knzder51alV
Ht6mFpsRdVPQoXjMMfp3TdvmCj6wbdZDdMJf+YxyVeF4X/1sCpFMU+9Q49rFTSa4
VM5HjbLfM56q9ZX7aINK5YStD/eh19zFwsx4lVVgj0PfM3IGOGAN1hVfU0r1Hnha
y0gM4lLL6kUd5k2qMJibUxOqg+wy85hrGZORcxVwCMh/ATYEiYUB++MC386xVDOm
nO3UIc/pL0u1qX9F9ROSy/HoM93giQEa8BgSKoNiqtO1IDqIJXuHHtEgjjA=
-----END CERTIFICATE-----
Generated at Sun Jun 22 05:31:20 2025 by rpki-client