Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/tJWls23Cdx7GiYdgVLPjsuaFTHw.roa
File: tJWls23Cdx7GiYdgVLPjsuaFTHw.roa (raw, json)
Hash identifier: BkDv9KdvFamj16KQaXHNJkqsHl5ti+uU4U/H7hKrjKI=
Subject key identifier: B4:95:A5:B3:6D:C2:77:1E:C6:89:87:60:54:B3:E3:B2:E6:85:4C:7C
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 1C64
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/tJWls23Cdx7GiYdgVLPjsuaFTHw.roa
Signing time: Tue 27 May 2025 04:38:13 +0000
ROA not before: Tue 27 May 2025 04:38:13 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 146845
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7268 (0x1c64)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: May 27 04:38:13 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=B495A5B36DC2771EC689876054B3E3B2E6854C7C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:67:84:f7:ee:11:97:04:0a:eb:28:89:92:cf:
69:fd:fb:73:6c:6b:b0:d9:62:b1:df:31:2b:03:20:
ab:57:d2:e8:4b:15:8f:b8:55:4e:37:b5:bd:bb:97:
3f:68:9d:8f:71:45:d6:ce:b0:c7:44:5a:8d:76:47:
41:d7:0a:8a:6e:ae:ec:40:60:b9:a2:a2:21:04:3c:
5b:27:dc:df:0e:be:91:3b:2a:bc:c4:61:23:e3:23:
8c:f7:10:61:63:9f:5d:23:9f:62:31:7c:34:d8:91:
ae:50:ec:68:ae:0b:17:01:80:25:9c:4a:93:e5:cf:
33:ee:a8:72:61:92:6a:22:e0:45:95:bf:3a:6d:eb:
57:48:92:85:52:0c:1e:4c:d9:4c:87:62:87:0f:c5:
e0:dd:6a:2f:d7:03:94:1e:62:be:4e:cf:bd:01:a1:
46:8d:ed:a3:c6:e5:2c:01:00:30:a0:a6:d7:cd:f2:
ba:c5:d1:9c:f2:0f:27:1e:6d:2d:96:63:d7:67:15:
bc:97:92:15:fc:91:d4:88:fe:1e:56:3f:cf:99:d0:
8f:c7:4c:ec:49:65:64:22:20:f7:e4:2a:7e:33:2b:
f1:34:a4:55:32:9f:cc:b9:4d:f5:9d:9c:14:dd:85:
f5:66:ba:4d:07:d5:23:b3:49:86:74:a3:d9:6b:88:
23:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:95:A5:B3:6D:C2:77:1E:C6:89:87:60:54:B3:E3:B2:E6:85:4C:7C
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/tJWls23Cdx7GiYdgVLPjsuaFTHw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
89:c5:e4:9f:e6:b5:28:db:87:b4:fa:30:da:fb:13:d8:6a:28:
e0:05:d8:a8:02:f1:16:a5:b3:d7:32:2b:c5:12:24:3d:c8:83:
a8:56:78:33:81:d5:49:ca:3f:37:f3:2e:b2:8d:b6:b0:7e:36:
d8:cf:34:74:b7:fe:a3:d9:ad:bd:78:a0:72:24:99:d3:08:d8:
1c:c7:a9:14:25:e8:19:55:b4:bb:ab:5c:5b:c9:c9:f5:a3:4f:
3d:2c:7d:e8:f8:43:f1:1d:aa:4c:a2:98:cb:f6:2b:b0:7c:87:
d8:3a:6a:35:76:b4:36:b9:33:df:55:21:46:70:de:a3:8c:5e:
0c:85:34:98:62:54:85:74:e2:e0:fb:dd:cf:4c:56:67:2b:b1:
55:69:2b:5e:79:93:2e:6e:3f:45:6a:0f:4b:04:d9:a3:ff:1a:
06:37:f4:48:21:53:10:31:52:4e:74:49:41:6d:4c:95:d1:fd:
21:61:4a:2d:1b:6a:fc:32:54:75:c6:07:cf:5e:97:2c:2e:64:
81:a9:37:e9:76:41:90:e8:c7:af:f1:a1:12:ba:2c:df:6a:cc:
68:26:36:b7:f6:04:5e:18:4c:9a:3f:d5:62:77:7e:0a:25:ec:
8a:6d:c6:05:79:f9:14:e0:47:6a:98:0b:f8:75:49:89:09:54:
e9:99:9f:f9
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICHGQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA1Mjcw
NDM4MTNaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEI0OTVBNUIzNkRDMjc3
MUVDNjg5ODc2MDU0QjNFM0IyRTY4NTRDN0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGZ4T37hGXBArrKImSz2n9+3Nsa7DZYrHfMSsDIKtX0uhLFY+4
VU43tb27lz9onY9xRdbOsMdEWo12R0HXCopuruxAYLmioiEEPFsn3N8OvpE7KrzE
YSPjI4z3EGFjn10jn2IxfDTYka5Q7GiuCxcBgCWcSpPlzzPuqHJhkmoi4EWVvzpt
61dIkoVSDB5M2UyHYocPxeDdai/XA5QeYr5Oz70BoUaN7aPG5SwBADCgptfN8rrF
0ZzyDycebS2WY9dnFbyXkhX8kdSI/h5WP8+Z0I/HTOxJZWQiIPfkKn4zK/E0pFUy
n8y5TfWdnBTdhfVmuk0H1SOzSYZ0o9lriCP5AgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUtJWls23Cdx7GiYdgVLPjsuaFTHwwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvdEpXbHMyM0NkeDdH
aVlkZ1ZMUGpzdWFGVEh3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBAInF5J/mtSjbh7T6MNr7E9hqKOAF
2KgC8Rals9cyK8USJD3Ig6hWeDOB1UnKPzfzLrKNtrB+NtjPNHS3/qPZrb14oHIk
mdMI2BzHqRQl6BlVtLurXFvJyfWjTz0sfej4Q/EdqkyimMv2K7B8h9g6ajV2tDa5
M99VIUZw3qOMXgyFNJhiVIV04uD73c9MVmcrsVVpK155ky5uP0VqD0sE2aP/GgY3
9EghUxAxUk50SUFtTJXR/SFhSi0bavwyVHXGB89elywuZIGpN+l2QZDox6/xoRK6
LN9qzGgmNrf2BF4YTJo/1WJ3fgol7IptxgV5+RTgR2qYC/h1SYkJVOmZn/k=
-----END CERTIFICATE-----
Generated at Sat Jun 21 12:38:46 2025 by rpki-client