Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/sORTS8Tm--yhS5TfLRA7Uy00D2g.roa
File: sORTS8Tm--yhS5TfLRA7Uy00D2g.roa (raw, json)
Hash identifier: g2g9lEqupHP/rdXcf/w9XXro2x4z67/Pvg+iK2TMJBc=
Subject key identifier: B0:E4:53:4B:C4:E6:FB:EC:A1:4B:94:DF:2D:10:3B:53:2D:34:0F:68
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 24AE
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/sORTS8Tm--yhS5TfLRA7Uy00D2g.roa
Signing time: Tue 10 Jun 2025 22:09:08 +0000
ROA not before: Tue 10 Jun 2025 22:09:08 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 4812
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9390 (0x24ae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: Jun 10 22:09:08 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=B0E4534BC4E6FBECA14B94DF2D103B532D340F68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:89:21:98:fe:5a:d7:eb:1a:28:62:92:12:99:
c9:e7:8a:73:66:24:6e:57:17:bf:17:49:03:ba:3f:
eb:6e:7f:51:10:4f:73:4a:ef:e5:07:5b:3a:53:07:
4b:37:ea:1a:b5:a2:19:94:a5:92:52:f2:90:18:b8:
27:ae:97:8e:ec:95:a2:8b:58:ed:8f:f5:86:d9:2f:
06:76:37:99:27:b0:51:a2:ad:5e:f6:77:e2:f6:ef:
eb:c2:df:b9:41:37:4e:9b:09:55:1b:96:80:7d:54:
42:38:fc:72:37:89:61:d6:96:6e:87:a7:b3:63:f4:
99:32:4a:91:9f:1b:c6:a1:9c:36:fd:0d:4c:78:fa:
db:26:ca:d9:a0:f1:d6:aa:58:da:f8:f4:90:45:65:
f0:5e:0b:03:9e:d3:aa:54:9f:37:4b:21:88:68:01:
23:5b:23:ab:60:46:ed:af:de:25:70:bd:d7:2e:27:
27:c8:ed:5a:e8:f8:b2:88:f4:88:f5:d9:98:eb:8c:
34:1f:7d:43:27:5c:f9:cd:54:83:be:48:5d:85:b9:
dc:e1:6d:f5:6d:ec:1f:fe:79:90:56:07:3d:a0:9e:
14:e0:16:bc:51:72:bc:74:6e:80:43:03:27:0e:ab:
30:c1:b0:71:ed:94:54:71:03:4e:b0:d3:34:27:fe:
3e:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:E4:53:4B:C4:E6:FB:EC:A1:4B:94:DF:2D:10:3B:53:2D:34:0F:68
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/sORTS8Tm--yhS5TfLRA7Uy00D2g.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
35:e7:62:71:ac:f0:c2:98:52:ae:91:e4:5d:73:66:54:d8:37:
e7:f4:34:98:6f:f0:06:54:0a:67:da:07:36:91:44:7f:23:b4:
ef:ec:b0:cb:6a:d6:ac:80:f3:44:c2:dd:59:03:e7:98:03:60:
42:93:50:d4:ff:0b:46:ca:fa:c4:f7:08:8c:80:d2:1c:fd:93:
41:1a:63:94:b6:f5:84:e4:ba:d3:2c:2c:5f:66:8c:12:3d:ae:
ef:a6:75:88:7e:86:f2:d6:bb:07:19:f5:07:b9:71:c1:d8:aa:
72:42:19:2e:d9:ac:35:73:ca:f2:a0:6e:14:69:75:42:36:5a:
a3:e4:70:42:84:52:72:7d:d9:5d:24:9b:a5:1a:e1:5a:3e:9e:
f8:7b:38:41:f4:85:2b:e2:f9:6b:95:76:82:ee:bc:24:e4:93:
c6:0e:d4:b5:63:02:db:16:34:15:72:f8:4f:b3:cd:05:f1:13:
35:6a:73:9a:6b:11:0b:f7:d3:82:cc:d7:98:00:ad:b6:43:37:
df:ca:71:d8:dd:f5:df:84:1c:f1:8f:f8:71:9e:15:49:67:e9:
5a:c3:bd:98:fe:8a:2a:c3:23:68:2c:fe:b8:13:3d:1f:3a:ab:
8a:77:3c:e0:b7:4d:26:3b:3b:3c:58:80:c5:54:36:21:8c:80:
79:e5:0f:de
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICJK4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MTAy
MjA5MDhaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEIwRTQ1MzRCQzRFNkZC
RUNBMTRCOTRERjJEMTAzQjUzMkQzNDBGNjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDViSGY/lrX6xooYpISmcnninNmJG5XF78XSQO6P+tuf1EQT3NK
7+UHWzpTB0s36hq1ohmUpZJS8pAYuCeul47slaKLWO2P9YbZLwZ2N5knsFGirV72
d+L27+vC37lBN06bCVUbloB9VEI4/HI3iWHWlm6Hp7Nj9JkySpGfG8ahnDb9DUx4
+tsmytmg8daqWNr49JBFZfBeCwOe06pUnzdLIYhoASNbI6tgRu2v3iVwvdcuJyfI
7Vro+LKI9Ij12ZjrjDQffUMnXPnNVIO+SF2FudzhbfVt7B/+eZBWBz2gnhTgFrxR
crx0boBDAycOqzDBsHHtlFRxA06w0zQn/j5fAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUsORTS8Tm++yhS5TfLRA7Uy00D2gwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvc09SVFM4VG0tLXlo
UzVUZkxSQTdVeTAwRDJnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBADXnYnGs8MKYUq6R5F1zZlTYN+f0
NJhv8AZUCmfaBzaRRH8jtO/ssMtq1qyA80TC3VkD55gDYEKTUNT/C0bK+sT3CIyA
0hz9k0EaY5S29YTkutMsLF9mjBI9ru+mdYh+hvLWuwcZ9Qe5ccHYqnJCGS7ZrDVz
yvKgbhRpdUI2WqPkcEKEUnJ92V0km6Ua4Vo+nvh7OEH0hSvi+WuVdoLuvCTkk8YO
1LVjAtsWNBVy+E+zzQXxEzVqc5prEQv304LM15gArbZDN9/Kcdjd9d+EHPGP+HGe
FUln6VrDvZj+iirDI2gs/rgTPR86q4p3POC3TSY7OzxYgMVUNiGMgHnlD94=
-----END CERTIFICATE-----
Generated at Fri Jun 20 23:03:40 2025 by rpki-client