Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/taCOjaiv574VklTmc00JlucTQZg.roa
File: taCOjaiv574VklTmc00JlucTQZg.roa (raw, json)
Hash identifier: dgHvNNU4fxuq/yJD6L7x3BIwgLzeFHpU0F7e6fPuPcU=
Subject key identifier: B5:A0:8E:8D:A8:AF:E7:BE:15:92:54:E6:73:4D:09:96:E7:13:41:98
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 1F50
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/taCOjaiv574VklTmc00JlucTQZg.roa
Signing time: Sun 01 Jun 2025 09:08:33 +0000
ROA not before: Sun 01 Jun 2025 09:08:33 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 4812
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8016 (0x1f50)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: Jun 1 09:08:33 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=B5A08E8DA8AFE7BE159254E6734D0996E7134198
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:9d:31:78:87:74:15:86:8e:31:91:12:f1:ca:
f7:cf:a8:3e:21:b5:8d:79:d4:53:70:c2:60:47:62:
95:a6:a5:fa:58:c5:05:ae:f5:af:a2:c5:1c:29:a5:
b5:68:ac:fe:d5:3e:56:62:6c:8d:cb:88:1f:9b:a5:
b1:3e:24:eb:8b:2e:95:ae:8c:e9:6f:26:b8:f3:ee:
65:de:05:61:79:c7:0b:38:ce:92:22:e1:92:ce:e4:
c0:0f:eb:ae:dd:3f:64:1f:16:46:fd:1b:b1:db:ac:
af:eb:09:e4:d4:1f:ec:07:3d:7c:74:39:6f:af:2b:
a1:e6:26:35:27:de:75:c6:80:75:7c:ac:3a:57:4e:
3b:f1:59:53:48:5d:bd:74:fd:4e:56:64:a5:6f:86:
14:7d:d0:ae:36:d3:f6:b5:cd:23:bf:34:20:84:8a:
c3:a8:83:aa:b0:d3:8b:e0:46:a5:98:12:71:79:98:
4c:bd:f5:2f:21:f2:87:3d:bc:74:53:b7:08:86:b0:
0e:06:63:3d:0e:5c:ea:e7:e6:7e:d7:a4:a9:06:42:
d3:f1:12:01:fa:d8:a8:01:49:1d:85:46:04:39:93:
3f:8a:34:0d:4c:f7:f1:0c:7e:41:ab:5b:9f:dd:49:
db:e7:95:62:4c:10:c4:7b:60:fd:e1:20:94:ca:56:
50:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:A0:8E:8D:A8:AF:E7:BE:15:92:54:E6:73:4D:09:96:E7:13:41:98
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/taCOjaiv574VklTmc00JlucTQZg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
28:c5:02:e9:d5:c8:2d:b9:9f:d7:ed:38:14:7e:f0:29:97:7c:
6a:2d:1c:c7:ee:6d:45:e2:d5:4a:4d:87:0a:43:0b:05:a6:75:
56:c9:27:13:f7:a2:57:8d:c3:3e:e7:49:a1:04:ea:45:f1:57:
63:47:49:04:fc:9c:35:10:79:53:32:76:2c:3e:72:a5:f5:18:
3a:2c:18:d3:59:17:c6:03:f6:e6:d3:26:fc:f0:71:e6:b6:41:
ae:d4:24:00:97:a4:c0:7f:3f:11:8a:55:4f:e2:fb:fd:24:bc:
a4:db:73:42:76:37:bc:fd:78:aa:9a:64:39:13:75:15:f3:f5:
7b:ff:d6:23:fa:79:06:a9:de:e5:58:59:0b:ca:9e:9b:aa:58:
ec:82:98:2b:18:6b:d1:bb:93:f6:1a:ac:f5:f2:14:66:d5:74:
b6:a7:da:94:06:32:ce:a5:e4:14:2b:4b:a6:8c:62:0c:f8:3a:
1b:32:78:fd:38:89:b7:05:b6:00:b8:90:39:58:34:87:14:c4:
a2:31:5a:91:28:79:32:e0:f4:70:fe:4d:89:4b:f7:54:60:58:
7d:2e:6d:bb:a8:60:5e:9e:40:7f:b5:8b:72:96:7a:b5:99:60:
16:4a:c4:71:56:f1:13:2e:c5:a5:30:c5:1f:dd:c1:85:91:bd:
18:7b:bb:aa
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICH1AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MDEw
OTA4MzNaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEI1QTA4RThEQThBRkU3
QkUxNTkyNTRFNjczNEQwOTk2RTcxMzQxOTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCynTF4h3QVho4xkRLxyvfPqD4htY151FNwwmBHYpWmpfpYxQWu
9a+ixRwppbVorP7VPlZibI3LiB+bpbE+JOuLLpWujOlvJrjz7mXeBWF5xws4zpIi
4ZLO5MAP667dP2QfFkb9G7HbrK/rCeTUH+wHPXx0OW+vK6HmJjUn3nXGgHV8rDpX
TjvxWVNIXb10/U5WZKVvhhR90K420/a1zSO/NCCEisOog6qw04vgRqWYEnF5mEy9
9S8h8oc9vHRTtwiGsA4GYz0OXOrn5n7XpKkGQtPxEgH62KgBSR2FRgQ5kz+KNA1M
9/EMfkGrW5/dSdvnlWJMEMR7YP3hIJTKVlAdAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUtaCOjaiv574VklTmc00JlucTQZgwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvdGFDT2phaXY1NzRW
a2xUbWMwMEpsdWNUUVpnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBACjFAunVyC25n9ftOBR+8CmXfGot
HMfubUXi1UpNhwpDCwWmdVbJJxP3oleNwz7nSaEE6kXxV2NHSQT8nDUQeVMydiw+
cqX1GDosGNNZF8YD9ubTJvzwcea2Qa7UJACXpMB/PxGKVU/i+/0kvKTbc0J2N7z9
eKqaZDkTdRXz9Xv/1iP6eQap3uVYWQvKnpuqWOyCmCsYa9G7k/YarPXyFGbVdLan
2pQGMs6l5BQrS6aMYgz4OhsyeP04ibcFtgC4kDlYNIcUxKIxWpEoeTLg9HD+TYlL
91RgWH0ubbuoYF6eQH+1i3KWerWZYBZKxHFW8RMuxaUwxR/dwYWRvRh7u6o=
-----END CERTIFICATE-----
Generated at Sun Jun 22 09:26:09 2025 by rpki-client