Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/pVi5jfNBXNj1OZ36LGtXkTmRg2U.roa
File: pVi5jfNBXNj1OZ36LGtXkTmRg2U.roa (raw, json)
Hash identifier: eDlQa1dS+iJ9MvSYtOkqL0H4IYakZCPomE1moE9wu1I=
Subject key identifier: A5:58:B9:8D:F3:41:5C:D8:F5:39:9D:FA:2C:6B:57:91:39:91:83:65
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 2301
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/pVi5jfNBXNj1OZ36LGtXkTmRg2U.roa
Signing time: Sat 07 Jun 2025 22:38:54 +0000
ROA not before: Sat 07 Jun 2025 22:38:54 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 4812
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8961 (0x2301)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: Jun 7 22:38:54 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=A558B98DF3415CD8F5399DFA2C6B579139918365
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:8d:b5:d3:bd:bc:28:4d:e0:24:cd:d3:9a:8e:
f0:ad:81:38:85:1b:3f:2d:7d:fa:5b:2f:4b:b5:b2:
e2:ae:f1:07:df:7c:d6:05:2b:4d:4d:74:68:34:24:
df:4f:75:78:b0:9b:aa:9d:1a:56:66:ec:84:34:00:
fb:38:57:62:f0:80:fd:b5:cb:17:e5:8f:8c:ca:21:
89:8c:f3:88:7a:1a:3d:40:42:83:14:46:5a:75:b3:
3c:3c:ba:41:cc:f7:77:c6:50:5b:05:61:4e:43:5c:
9d:5e:d7:79:6c:87:c6:81:79:a1:60:56:6d:57:d9:
ba:63:f8:73:d5:7c:be:73:9d:80:a4:76:16:49:22:
6e:1e:64:71:c7:e0:4c:ff:9e:41:32:0d:6f:55:7a:
3d:78:0f:9b:42:dd:9a:31:9a:6a:d0:55:e0:76:c8:
31:e5:3c:9b:c9:fe:b7:14:15:d1:4e:91:38:31:9f:
0e:d5:e8:01:6f:31:3b:85:35:bc:53:16:b1:80:dc:
0f:07:31:a2:b3:7a:a8:58:da:ae:ff:b6:9b:db:e9:
8b:51:42:51:6b:b5:5e:f2:38:90:26:d8:21:af:a9:
f3:88:34:1b:07:e8:4e:f8:5c:47:5f:21:df:21:3a:
19:22:0e:13:8b:08:52:86:3f:c5:d8:3f:fd:ce:ea:
00:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:58:B9:8D:F3:41:5C:D8:F5:39:9D:FA:2C:6B:57:91:39:91:83:65
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/pVi5jfNBXNj1OZ36LGtXkTmRg2U.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
91:60:e4:e4:38:ef:57:75:c9:f1:ca:3c:af:14:8e:ec:be:90:
73:22:50:45:b7:90:e3:b9:ec:53:27:5e:d5:68:aa:a7:64:8a:
a3:97:bb:9b:1c:2b:a7:bd:83:a6:95:bc:83:d6:5f:aa:3d:05:
0c:d0:aa:4a:27:ee:9c:07:dc:42:59:47:e6:3f:8d:2c:a9:51:
74:ac:ef:33:44:3d:a0:76:54:b5:b3:a9:1f:67:4b:b5:e4:d9:
18:64:78:77:ca:72:a1:be:14:34:b0:4e:2a:05:86:d0:55:93:
32:93:70:81:8d:1f:41:6d:54:18:0b:d6:87:bd:88:38:5f:e4:
55:5b:12:c4:cd:10:0e:06:2b:0e:11:ca:cd:d3:65:b5:bd:7d:
c3:8b:80:5a:6e:46:3b:7c:5b:6a:e9:2d:72:86:26:5e:9d:ad:
eb:25:79:a2:1e:85:35:11:ea:df:ce:cc:da:1b:5f:71:b9:cc:
eb:cb:4f:cd:72:8b:c4:e2:7f:8e:8f:83:8d:0e:a5:fe:69:9a:
22:a0:a9:78:50:72:85:c7:a6:82:d6:46:d1:1a:b2:e4:e8:93:
1d:a4:ad:03:df:80:d2:5d:31:37:7f:f0:a8:81:26:04:79:22:
20:17:5b:13:0f:71:fa:a5:93:bc:1b:02:b2:b7:bf:c4:dd:52:
a7:9c:39:a8
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICIwEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MDcy
MjM4NTRaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEE1NThCOThERjM0MTVD
RDhGNTM5OURGQTJDNkI1NzkxMzk5MTgzNjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+jbXTvbwoTeAkzdOajvCtgTiFGz8tffpbL0u1suKu8QfffNYF
K01NdGg0JN9PdXiwm6qdGlZm7IQ0APs4V2LwgP21yxflj4zKIYmM84h6Gj1AQoMU
Rlp1szw8ukHM93fGUFsFYU5DXJ1e13lsh8aBeaFgVm1X2bpj+HPVfL5znYCkdhZJ
Im4eZHHH4Ez/nkEyDW9Vej14D5tC3ZoxmmrQVeB2yDHlPJvJ/rcUFdFOkTgxnw7V
6AFvMTuFNbxTFrGA3A8HMaKzeqhY2q7/tpvb6YtRQlFrtV7yOJAm2CGvqfOINBsH
6E74XEdfId8hOhkiDhOLCFKGP8XYP/3O6gBRAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUpVi5jfNBXNj1OZ36LGtXkTmRg2UwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvcFZpNWpmTkJYTmox
T1ozNkxHdFhrVG1SZzJVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBAJFg5OQ471d1yfHKPK8Ujuy+kHMi
UEW3kOO57FMnXtVoqqdkiqOXu5scK6e9g6aVvIPWX6o9BQzQqkon7pwH3EJZR+Y/
jSypUXSs7zNEPaB2VLWzqR9nS7Xk2RhkeHfKcqG+FDSwTioFhtBVkzKTcIGNH0Ft
VBgL1oe9iDhf5FVbEsTNEA4GKw4Rys3TZbW9fcOLgFpuRjt8W2rpLXKGJl6dresl
eaIehTUR6t/OzNobX3G5zOvLT81yi8Tif46Pg40Opf5pmiKgqXhQcoXHpoLWRtEa
suTokx2krQPfgNJdMTd/8KiBJgR5IiAXWxMPcfqlk7wbArK3v8TdUqecOag=
-----END CERTIFICATE-----
Generated at Sat Jun 21 16:20:54 2025 by rpki-client