Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/tu7ZqTs-ZbHlTVVrL-2EEpjeg7I.roa
File: tu7ZqTs-ZbHlTVVrL-2EEpjeg7I.roa (raw, json)
Hash identifier: bn4roSnTWf4A9E2+zHykGXY2+Q2OBiCyqvDnYD9gTLI=
Subject key identifier: B6:EE:D9:A9:3B:3E:65:B1:E5:4D:55:6B:2F:ED:84:12:98:DE:83:B2
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 2270
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/tu7ZqTs-ZbHlTVVrL-2EEpjeg7I.roa
Signing time: Fri 06 Jun 2025 22:38:51 +0000
ROA not before: Fri 06 Jun 2025 22:38:51 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 146845
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8816 (0x2270)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: Jun 6 22:38:51 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=B6EED9A93B3E65B1E54D556B2FED841298DE83B2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:84:4b:69:52:2d:4d:1e:f8:0e:4c:4c:d5:43:
22:0a:c7:1d:90:79:44:4c:c6:85:16:79:c2:58:89:
85:b2:4a:8d:31:52:79:86:6f:0b:4c:b3:6b:ae:c7:
5c:c6:a7:b9:e6:e4:ed:16:96:ae:49:2d:27:bb:83:
79:f2:4d:c9:78:d3:fd:44:8a:e8:2f:40:b2:ac:7c:
a6:fc:45:dc:07:64:db:24:9d:41:54:17:20:fd:e1:
40:e5:3b:62:f3:bf:33:71:4c:5c:2d:81:f0:64:e3:
36:58:90:a7:95:ed:88:05:b0:91:38:ff:a7:2c:d7:
3b:0b:51:d6:99:9d:4b:66:0e:7c:4b:44:3a:8f:91:
20:7e:1b:05:20:11:3e:9b:e6:ec:81:b1:c3:bd:5c:
3f:d9:bb:95:d6:83:77:e6:c1:ac:c0:ae:39:13:1b:
a0:86:29:5b:97:0f:2b:ad:f3:ca:2a:75:58:0a:fc:
fb:95:3a:68:3c:b4:3e:ea:f7:af:8e:31:0b:3a:7b:
74:a1:8b:b9:52:20:6c:5c:14:f6:4a:c5:1e:92:67:
a0:59:49:bd:b1:76:36:83:06:18:53:dd:ca:3a:b9:
30:c8:32:cd:5c:cb:e1:3f:7a:5d:2c:e6:02:8d:5b:
05:0b:e5:bc:6e:a3:26:58:e6:e9:f9:09:33:3f:c2:
8c:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:EE:D9:A9:3B:3E:65:B1:E5:4D:55:6B:2F:ED:84:12:98:DE:83:B2
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/tu7ZqTs-ZbHlTVVrL-2EEpjeg7I.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
b2:01:5d:d7:b7:7c:ec:86:f8:f4:9c:56:56:9e:18:41:23:bc:
75:cd:69:13:35:32:28:ec:06:16:17:f3:79:01:0c:5f:cc:b7:
60:c2:f3:2a:f9:62:40:eb:12:15:48:21:0c:54:a1:7a:fa:1f:
76:09:28:e2:3c:5e:c2:2b:5d:26:60:34:3d:ef:38:5e:67:75:
e4:e9:37:9d:cc:cb:c3:92:ef:44:80:1f:0c:ff:e6:c8:c8:85:
30:e5:29:e7:49:36:5c:2e:e0:d5:b1:bd:92:38:fb:85:e5:2b:
90:c0:77:e5:83:4b:07:1f:ac:df:02:0d:d0:f4:04:a1:55:3e:
14:1e:b0:6a:15:f4:fa:a7:7b:3a:3a:77:4b:76:da:ed:d5:2f:
4e:dc:d1:fe:c9:11:d5:a5:23:c2:e3:7f:7c:ff:4e:b5:06:1c:
16:b3:29:a2:47:e1:c9:b8:61:e1:c2:2c:df:65:44:97:45:3a:
d3:22:88:2a:c1:c7:8a:8b:66:af:7f:cb:84:c7:03:53:0c:4e:
00:ba:35:f8:09:af:fc:64:1d:60:38:8a:13:71:8b:45:fe:86:
72:61:6f:b1:dd:6f:1a:e7:38:68:3a:8f:f6:f9:53:33:3b:f2:
9a:3f:81:46:6a:33:71:5d:5f:f5:a3:4c:59:04:36:02:5e:cc:
26:7f:43:55
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICInAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MDYy
MjM4NTFaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEI2RUVEOUE5M0IzRTY1
QjFFNTRENTU2QjJGRUQ4NDEyOThERTgzQjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCfhEtpUi1NHvgOTEzVQyIKxx2QeURMxoUWecJYiYWySo0xUnmG
bwtMs2uux1zGp7nm5O0Wlq5JLSe7g3nyTcl40/1EiugvQLKsfKb8RdwHZNsknUFU
FyD94UDlO2LzvzNxTFwtgfBk4zZYkKeV7YgFsJE4/6cs1zsLUdaZnUtmDnxLRDqP
kSB+GwUgET6b5uyBscO9XD/Zu5XWg3fmwazArjkTG6CGKVuXDyut88oqdVgK/PuV
Omg8tD7q96+OMQs6e3Shi7lSIGxcFPZKxR6SZ6BZSb2xdjaDBhhT3co6uTDIMs1c
y+E/el0s5gKNWwUL5bxuoyZY5un5CTM/wow/AgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUtu7ZqTs+ZbHlTVVrL+2EEpjeg7IwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvdHU3WnFUcy1aYkhs
VFZWckwtMkVFcGplZzdJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBALIBXde3fOyG+PScVlaeGEEjvHXN
aRM1MijsBhYX83kBDF/Mt2DC8yr5YkDrEhVIIQxUoXr6H3YJKOI8XsIrXSZgND3v
OF5ndeTpN53My8OS70SAHwz/5sjIhTDlKedJNlwu4NWxvZI4+4XlK5DAd+WDSwcf
rN8CDdD0BKFVPhQesGoV9Pqnezo6d0t22u3VL07c0f7JEdWlI8Ljf3z/TrUGHBaz
KaJH4cm4YeHCLN9lRJdFOtMiiCrBx4qLZq9/y4THA1MMTgC6NfgJr/xkHWA4ihNx
i0X+hnJhb7HdbxrnOGg6j/b5UzM78po/gUZqM3FdX/WjTFkENgJezCZ/Q1U=
-----END CERTIFICATE-----
Generated at Sat Jun 21 05:48:08 2025 by rpki-client