Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/sHlBQdR2aRQ1vIICdwYjLh8LXjQ.roa
File: sHlBQdR2aRQ1vIICdwYjLh8LXjQ.roa (raw, json)
Hash identifier: 3Az7+7nXEF8epkJx/2wdJR1xia6y92lwWdA6sdNDcKU=
Subject key identifier: B0:79:41:41:D4:76:69:14:35:BC:82:02:77:06:23:2E:1F:0B:5E:34
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 2754
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/sHlBQdR2aRQ1vIICdwYjLh8LXjQ.roa
Signing time: Sun 15 Jun 2025 15:09:21 +0000
ROA not before: Sun 15 Jun 2025 15:09:21 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 4812
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10068 (0x2754)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: Jun 15 15:09:21 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=B0794141D476691435BC82027706232E1F0B5E34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:b8:18:67:00:bb:cd:65:66:84:df:30:04:ac:
df:ae:60:4f:05:83:7c:d6:f1:0a:7d:0b:b5:60:a6:
57:31:73:90:a8:a7:8c:68:66:f7:c9:c4:96:66:a7:
f8:d3:68:e0:dd:f0:2c:9b:fb:04:00:25:d1:7f:66:
0e:65:96:24:00:c6:59:b2:a8:42:7d:b9:f9:3d:f1:
ad:5b:fb:a8:d9:b3:1d:fb:71:7e:67:52:31:0f:b5:
e4:d8:cf:97:75:c9:ec:9e:82:78:e7:a4:59:5f:28:
13:cd:b2:7b:94:e0:89:17:31:5e:56:81:1a:54:9f:
e0:b5:f8:d8:16:9f:21:37:e8:60:a2:ea:86:5a:6d:
33:51:35:c4:cb:34:0d:d5:9f:9b:d7:7f:2d:31:c7:
70:15:a2:32:6f:60:d6:3a:57:a4:00:16:ea:7c:a4:
9e:b8:db:dc:ba:95:9e:ce:0f:58:63:b0:9b:da:62:
64:8d:10:9f:dc:e8:53:89:1e:da:20:d8:d8:69:c3:
0b:9e:c4:ab:79:d7:f3:a6:d3:3a:60:cf:7c:95:7d:
69:9a:f2:eb:70:95:26:68:63:07:86:ae:00:26:9c:
4f:c3:20:28:50:30:90:b7:eb:93:c8:15:ed:14:07:
13:27:b7:66:d9:f8:ad:4b:40:b1:e0:2e:47:1b:a4:
e2:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:79:41:41:D4:76:69:14:35:BC:82:02:77:06:23:2E:1F:0B:5E:34
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/sHlBQdR2aRQ1vIICdwYjLh8LXjQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
37:de:32:bb:04:b5:ad:43:30:57:53:9c:02:93:41:dc:4a:b8:
c4:d8:be:dd:74:78:a4:04:bc:d3:85:7d:25:c5:71:38:11:0a:
66:1e:e8:a2:99:e2:2d:3e:24:cd:2f:a4:d1:05:52:79:72:5a:
7d:92:e6:ca:8c:71:1b:8b:87:20:5d:3b:5f:59:01:04:e6:07:
69:71:35:d8:dd:c1:4f:12:74:e7:7f:5f:11:df:f3:f0:de:47:
88:06:fb:70:3a:45:af:59:89:ee:eb:18:65:13:84:30:13:46:
c8:4e:3c:ff:16:d4:f6:f2:84:4f:7a:42:a4:77:8d:ae:bb:72:
82:4a:40:5b:04:88:9b:ea:01:38:bb:56:d2:c9:35:04:e8:4b:
92:c8:38:5c:72:25:35:00:1e:18:7a:c2:19:71:00:2a:26:15:
81:f1:af:1e:03:6d:2f:0f:08:f1:13:29:52:89:75:76:6b:d4:
cd:47:a0:4e:42:88:b4:39:f1:56:b7:b3:4a:50:5f:db:65:79:
33:13:d7:88:fb:00:31:c0:60:44:c1:27:b1:d4:79:f5:74:b2:
b2:b4:d9:e4:9c:8e:e4:a8:5c:72:0b:4b:ac:b3:3e:bd:7f:de:
1c:b0:d9:b2:d0:7e:0d:b8:71:b6:22:18:4f:c4:ac:55:6e:ed:
dc:e9:95:be
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICJ1QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MTUx
NTA5MjFaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEIwNzk0MTQxRDQ3NjY5
MTQzNUJDODIwMjc3MDYyMzJFMUYwQjVFMzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1uBhnALvNZWaE3zAErN+uYE8Fg3zW8Qp9C7Vgplcxc5Cop4xo
ZvfJxJZmp/jTaODd8Cyb+wQAJdF/Zg5lliQAxlmyqEJ9ufk98a1b+6jZsx37cX5n
UjEPteTYz5d1yeyegnjnpFlfKBPNsnuU4IkXMV5WgRpUn+C1+NgWnyE36GCi6oZa
bTNRNcTLNA3Vn5vXfy0xx3AVojJvYNY6V6QAFup8pJ6429y6lZ7OD1hjsJvaYmSN
EJ/c6FOJHtog2NhpwwuexKt51/Om0zpgz3yVfWma8utwlSZoYweGrgAmnE/DIChQ
MJC365PIFe0UBxMnt2bZ+K1LQLHgLkcbpOJ1AgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUsHlBQdR2aRQ1vIICdwYjLh8LXjQwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvc0hsQlFkUjJhUlEx
dklJQ2R3WWpMaDhMWGpRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBADfeMrsEta1DMFdTnAKTQdxKuMTY
vt10eKQEvNOFfSXFcTgRCmYe6KKZ4i0+JM0vpNEFUnlyWn2S5sqMcRuLhyBdO19Z
AQTmB2lxNdjdwU8SdOd/XxHf8/DeR4gG+3A6Ra9Zie7rGGUThDATRshOPP8W1Pby
hE96QqR3ja67coJKQFsEiJvqATi7VtLJNQToS5LIOFxyJTUAHhh6whlxAComFYHx
rx4DbS8PCPETKVKJdXZr1M1HoE5CiLQ58Va3s0pQX9tleTMT14j7ADHAYETBJ7HU
efV0srK02eScjuSoXHILS6yzPr1/3hyw2bLQfg24cbYiGE/ErFVu7dzplb4=
-----END CERTIFICATE-----
Generated at Sat Jun 21 16:16:36 2025 by rpki-client