Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/raaV_VfMieKYVn1Ll6I4NrAh9no.roa
File: raaV_VfMieKYVn1Ll6I4NrAh9no.roa (raw, json)
Hash identifier: 6tzQLF/F+dlRSW7Eux+mUJCuhvOkqZhQbVqoHtJaWKc=
Subject key identifier: AD:A6:95:FD:57:CC:89:E2:98:56:7D:4B:97:A2:38:36:B0:21:F6:7A
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 21E3
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/raaV_VfMieKYVn1Ll6I4NrAh9no.roa
Signing time: Thu 05 Jun 2025 23:08:46 +0000
ROA not before: Thu 05 Jun 2025 23:08:46 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 146845
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8675 (0x21e3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: Jun 5 23:08:46 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=ADA695FD57CC89E298567D4B97A23836B021F67A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:c3:80:8c:d7:96:24:93:21:68:9d:4f:00:51:
bf:1b:36:ee:08:5e:90:0b:d1:53:b5:c6:9f:bb:f5:
e3:e8:60:ed:e2:22:cc:f1:a5:f3:c8:d9:3f:5b:d0:
b2:02:44:6b:31:2a:cb:2e:65:b3:9f:d1:00:e0:fc:
4a:4a:65:ca:8a:f1:a6:5e:1a:a8:79:41:14:0c:f6:
ff:90:fb:c8:d3:53:ea:ef:74:79:a1:2e:58:18:33:
80:b9:2a:f0:bd:17:23:45:1d:bb:ee:f1:12:a9:cf:
30:0c:95:1f:df:08:17:43:ad:37:9b:4b:ff:27:aa:
97:73:53:ea:ef:0c:42:31:d7:a4:0f:d8:97:34:ec:
b9:4a:2f:10:25:99:49:42:c2:8a:52:02:8b:2a:c0:
92:2c:77:24:25:b1:89:af:a5:32:75:63:e9:4b:38:
37:79:7f:a1:c2:c8:1d:b4:6b:e7:7a:d3:f1:55:f4:
27:0d:ab:54:78:9d:b2:9b:a9:58:04:cb:5f:ba:95:
17:10:34:3c:82:34:66:60:90:87:74:3a:88:bc:24:
b8:e6:4c:b4:c8:72:97:48:3b:72:f7:7e:74:65:8d:
4f:39:db:ad:43:d1:13:b6:0e:2d:56:32:ab:7e:a9:
de:1c:19:30:67:bb:7d:23:8b:ea:01:bf:9f:17:e9:
6c:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:A6:95:FD:57:CC:89:E2:98:56:7D:4B:97:A2:38:36:B0:21:F6:7A
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/raaV_VfMieKYVn1Ll6I4NrAh9no.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
79:fb:67:67:88:8d:a6:9c:90:10:26:bb:f7:33:1a:35:28:be:
f9:42:db:63:e8:ae:17:e0:a2:54:74:c5:35:6c:23:ca:86:27:
fb:7f:c6:2e:af:ce:84:20:a6:98:38:40:ff:32:34:e4:10:2b:
63:86:29:08:b1:91:47:3a:92:bd:89:02:e6:77:59:5f:dd:25:
7a:47:70:86:14:51:65:83:31:85:6d:15:00:dc:d1:d6:98:0d:
9c:34:64:4c:b5:59:02:75:8f:51:4d:34:21:25:68:41:a8:7c:
54:3a:91:fe:0f:70:f6:a9:97:e2:7c:48:d7:b4:0d:26:11:86:
ab:18:d7:a5:18:5a:07:b2:48:e2:fe:76:8d:c9:1a:05:c9:86:
d3:c4:ec:df:23:6c:f4:02:69:db:6e:2a:8d:c6:d8:11:21:ce:
37:ab:4e:c6:21:67:bf:81:3f:14:03:60:96:2b:7c:cf:3f:cc:
03:83:42:74:e9:69:5a:fc:a5:b9:c9:ed:99:e9:1a:ec:05:a7:
92:70:83:d6:e4:48:33:0c:9d:bd:2e:71:8b:c8:0f:8b:34:cc:
42:3c:12:ca:5e:8b:2f:f8:fe:57:ad:b3:01:9a:e4:48:bb:18:
88:ac:62:06:98:f7:15:37:a1:dc:74:c4:f1:21:4d:93:71:3a:
68:c7:1f:64
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICIeMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MDUy
MzA4NDZaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEFEQTY5NUZENTdDQzg5
RTI5ODU2N0Q0Qjk3QTIzODM2QjAyMUY2N0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHw4CM15YkkyFonU8AUb8bNu4IXpAL0VO1xp+79ePoYO3iIszx
pfPI2T9b0LICRGsxKssuZbOf0QDg/EpKZcqK8aZeGqh5QRQM9v+Q+8jTU+rvdHmh
LlgYM4C5KvC9FyNFHbvu8RKpzzAMlR/fCBdDrTebS/8nqpdzU+rvDEIx16QP2Jc0
7LlKLxAlmUlCwopSAosqwJIsdyQlsYmvpTJ1Y+lLODd5f6HCyB20a+d60/FV9CcN
q1R4nbKbqVgEy1+6lRcQNDyCNGZgkId0Ooi8JLjmTLTIcpdIO3L3fnRljU85261D
0RO2Di1WMqt+qd4cGTBnu30ji+oBv58X6WxlAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUraaV/VfMieKYVn1Ll6I4NrAh9nowHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvcmFhVl9WZk1pZUtZ
Vm4xTGw2STROckFoOW5vLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBAHn7Z2eIjaackBAmu/czGjUovvlC
22PorhfgolR0xTVsI8qGJ/t/xi6vzoQgppg4QP8yNOQQK2OGKQixkUc6kr2JAuZ3
WV/dJXpHcIYUUWWDMYVtFQDc0daYDZw0ZEy1WQJ1j1FNNCElaEGofFQ6kf4PcPap
l+J8SNe0DSYRhqsY16UYWgeySOL+do3JGgXJhtPE7N8jbPQCadtuKo3G2BEhzjer
TsYhZ7+BPxQDYJYrfM8/zAODQnTpaVr8pbnJ7ZnpGuwFp5Jwg9bkSDMMnb0ucYvI
D4s0zEI8Espeiy/4/letswGa5Ei7GIisYgaY9xU3odx0xPEhTZNxOmjHH2Q=
-----END CERTIFICATE-----
Generated at Sun Jun 22 05:23:46 2025 by rpki-client