Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/reyM4Ax6KoYPNKvo-SbO-osF8S0.roa
File: reyM4Ax6KoYPNKvo-SbO-osF8S0.roa (raw, json)
Hash identifier: sKHIEiJQI21qjH8dpYwpkKRRhoWSS5WaWU6Sii3dHL0=
Subject key identifier: AD:EC:8C:E0:0C:7A:2A:86:0F:34:AB:E8:F9:26:CE:FA:8B:05:F1:2D
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 2375
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/reyM4Ax6KoYPNKvo-SbO-osF8S0.roa
Signing time: Sun 08 Jun 2025 18:08:57 +0000
ROA not before: Sun 08 Jun 2025 18:08:57 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 146845
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9077 (0x2375)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: Jun 8 18:08:57 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=ADEC8CE00C7A2A860F34ABE8F926CEFA8B05F12D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:9d:cc:16:98:a8:64:b5:42:b6:41:80:6d:bf:
5a:b3:1e:3a:7d:c0:62:59:cb:e0:35:2f:29:31:8e:
51:93:15:a2:46:b3:46:b2:eb:09:f0:63:b9:07:8a:
17:e7:b5:71:79:f3:d2:37:e8:e3:ea:2e:25:87:97:
95:1e:1c:ac:18:10:4f:39:b6:e3:9d:5a:ba:8e:da:
9b:ee:01:b9:0e:de:9b:2d:67:22:9e:27:2d:5a:44:
be:2e:4e:da:03:16:4d:e0:b7:86:67:a4:34:4f:b8:
7d:8e:f3:be:01:c8:f3:da:87:9f:e8:07:64:a0:35:
d4:81:bc:9d:25:b2:f9:75:26:3a:a1:37:00:10:f7:
93:fc:bc:f0:d0:c8:ea:f5:b1:19:39:37:08:73:4e:
4d:64:40:5f:8b:85:34:71:1b:ca:69:88:cf:8f:e0:
6b:84:3c:68:3f:34:e2:38:2e:3d:41:d9:69:2d:f4:
08:86:58:44:8d:9e:ad:66:82:1f:61:b3:af:94:27:
ec:85:b6:ca:e8:06:88:b8:fe:d1:87:76:31:40:63:
74:f0:96:b7:9c:84:1f:93:4c:02:65:99:1e:83:b8:
65:6c:20:f8:8b:32:2b:5a:74:14:f0:39:33:d2:96:
aa:c8:0d:c7:32:a3:60:6c:ff:a0:f5:6a:93:1e:5f:
e9:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:EC:8C:E0:0C:7A:2A:86:0F:34:AB:E8:F9:26:CE:FA:8B:05:F1:2D
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/reyM4Ax6KoYPNKvo-SbO-osF8S0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
b2:45:12:08:b3:c7:51:24:35:46:92:32:fe:34:60:84:39:d2:
65:db:69:eb:3a:ea:eb:7a:7d:db:f3:be:14:89:d8:f6:a1:8f:
df:16:c2:ae:30:72:4a:7a:e8:e7:b6:51:0d:df:a2:d8:0f:12:
18:02:d0:96:fc:9d:d5:c2:ca:25:e7:d2:fd:d8:e6:e8:0c:f6:
f4:15:00:1b:2f:6c:26:2b:9f:eb:f9:b4:7a:13:8d:fb:4a:1e:
a0:f0:9d:0e:b2:dd:7c:9c:8e:55:26:18:19:b3:a3:5d:70:a8:
07:4a:97:e9:c3:69:2c:44:bd:78:a3:bd:26:cf:3b:38:bf:53:
48:c1:72:61:d8:28:39:4d:33:95:dc:fc:a4:5f:ba:bf:f9:75:
5a:12:42:3f:62:84:82:91:82:9c:91:b9:41:de:71:5c:ec:8d:
d7:92:61:d2:5c:64:d5:dd:c8:3f:9f:b3:37:bf:38:10:57:2e:
bb:35:41:64:66:1d:ec:db:63:6c:ea:d5:ec:53:af:65:b1:52:
58:94:d4:52:32:c5:2b:c1:f3:80:80:e1:76:c5:db:b1:af:c0:
26:5c:1e:f8:d9:86:b7:6f:80:06:1a:88:1a:6f:7a:57:f7:f5:
ce:c9:1c:f0:3b:33:bc:7c:65:62:7f:56:44:16:82:c4:8d:9a:
4a:71:a9:88
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICI3UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MDgx
ODA4NTdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEFERUM4Q0UwMEM3QTJB
ODYwRjM0QUJFOEY5MjZDRUZBOEIwNUYxMkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD1ncwWmKhktUK2QYBtv1qzHjp9wGJZy+A1LykxjlGTFaJGs0ay
6wnwY7kHihfntXF589I36OPqLiWHl5UeHKwYEE85tuOdWrqO2pvuAbkO3pstZyKe
Jy1aRL4uTtoDFk3gt4ZnpDRPuH2O874ByPPah5/oB2SgNdSBvJ0lsvl1JjqhNwAQ
95P8vPDQyOr1sRk5NwhzTk1kQF+LhTRxG8ppiM+P4GuEPGg/NOI4Lj1B2Wkt9AiG
WESNnq1mgh9hs6+UJ+yFtsroBoi4/tGHdjFAY3TwlrechB+TTAJlmR6DuGVsIPiL
MitadBTwOTPSlqrIDccyo2Bs/6D1apMeX+nDAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUreyM4Ax6KoYPNKvo+SbO+osF8S0wHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvcmV5TTRBeDZLb1lQ
Tkt2by1TYk8tb3NGOFMwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBALJFEgizx1EkNUaSMv40YIQ50mXb
aes66ut6fdvzvhSJ2Pahj98Wwq4wckp66Oe2UQ3fotgPEhgC0Jb8ndXCyiXn0v3Y
5ugM9vQVABsvbCYrn+v5tHoTjftKHqDwnQ6y3XycjlUmGBmzo11wqAdKl+nDaSxE
vXijvSbPOzi/U0jBcmHYKDlNM5Xc/KRfur/5dVoSQj9ihIKRgpyRuUHecVzsjdeS
YdJcZNXdyD+fsze/OBBXLrs1QWRmHezbY2zq1exTr2WxUliU1FIyxSvB84CA4XbF
27GvwCZcHvjZhrdvgAYaiBpvelf39c7JHPA7M7x8ZWJ/VkQWgsSNmkpxqYg=
-----END CERTIFICATE-----
Generated at Fri Jun 20 21:30:33 2025 by rpki-client