Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/vlYC7y8ry0aw3JPdSnOadBZosT4.roa
File: vlYC7y8ry0aw3JPdSnOadBZosT4.roa (raw, json)
Hash identifier: EpyCSYg3CpCG8MpJBM2bT4d1bbX3nKW0PsL2PSRu0Xo=
Subject key identifier: BE:56:02:EF:2F:2B:CB:46:B0:DC:93:DD:4A:73:9A:74:16:68:B1:3E
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 244E
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/vlYC7y8ry0aw3JPdSnOadBZosT4.roa
Signing time: Tue 10 Jun 2025 06:09:04 +0000
ROA not before: Tue 10 Jun 2025 06:09:04 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 4812
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9294 (0x244e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: Jun 10 06:09:04 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=BE5602EF2F2BCB46B0DC93DD4A739A741668B13E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:20:7a:ee:df:fc:92:38:50:23:b1:0d:19:01:
e3:df:44:d7:e6:fd:d6:63:0a:fd:0c:a7:19:8a:67:
aa:21:6b:e4:b2:d7:7e:2c:f7:81:bc:62:25:31:97:
0d:83:61:04:33:19:ce:4a:0f:4d:74:bb:7f:04:79:
20:88:7b:b1:fd:4f:a8:4a:b1:7b:72:04:90:46:36:
1f:ce:94:f8:d7:d9:c9:5c:7c:90:fb:18:22:4a:c4:
20:fd:03:40:3c:03:a4:75:4c:78:69:a1:71:2e:c0:
63:d7:7b:9a:e9:14:7e:5b:98:97:9e:53:dd:48:5c:
4d:ef:21:ed:b1:07:38:12:2d:35:47:38:59:43:66:
6b:19:1e:e9:04:e8:f6:5c:9c:9c:a2:76:c4:60:f0:
fb:75:33:1d:c4:95:8e:3d:6b:30:8b:25:36:a7:45:
ed:38:59:c2:0c:45:92:2b:b4:25:85:8a:6d:52:c0:
69:46:25:5c:78:74:b6:69:3f:3d:cb:e6:f2:bd:12:
97:56:3d:6d:7f:7f:3d:a9:ee:28:89:19:e6:91:76:
41:e7:c0:4b:a2:02:38:e0:db:44:13:ab:10:44:b8:
94:1b:41:b6:03:78:db:08:20:85:07:b8:b2:3c:9e:
91:00:37:3b:08:82:29:8c:d7:05:4b:77:6a:9d:e3:
03:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:56:02:EF:2F:2B:CB:46:B0:DC:93:DD:4A:73:9A:74:16:68:B1:3E
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/vlYC7y8ry0aw3JPdSnOadBZosT4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
7f:c5:6a:08:6d:36:ed:05:59:3f:e2:da:8a:04:98:ff:26:71:
8b:a6:6e:f0:b6:56:ee:b4:f2:b4:0c:02:ff:0c:7c:57:c8:f7:
ec:7a:b3:13:16:4d:64:7f:9c:fc:c2:84:e7:30:15:d0:e2:72:
e6:37:cd:42:8a:61:7b:fe:9f:27:2c:fc:e0:22:ab:f2:1a:98:
55:7f:00:7b:83:03:78:3b:cf:22:41:fb:d3:37:a6:cd:ed:d1:
17:6a:a3:08:70:67:dc:18:92:5f:b7:4c:3f:b8:83:45:63:69:
fa:ad:99:46:9a:5a:ad:4e:a4:3a:dd:d6:c0:3c:ef:96:77:a9:
72:f2:e1:f0:33:4a:ca:13:3e:a4:62:e0:0d:12:5b:84:91:8a:
64:8c:ba:a3:a0:67:a6:67:37:60:0d:2c:c2:c4:84:6d:84:30:
7d:13:db:6b:97:fe:b9:50:4e:91:da:1c:4e:97:de:e1:f0:ea:
05:15:94:73:5b:ac:f7:1f:7b:7c:28:5c:5e:06:77:ec:b9:34:
05:b5:16:34:4d:00:26:3c:1f:6d:55:c2:2c:63:87:ed:0f:13:
6c:62:b1:0d:f3:1c:cd:f0:29:46:87:0a:a3:ab:7a:4c:88:97:
ea:5c:2f:6b:c8:1d:c0:49:07:e2:06:ae:4a:28:9e:e5:02:b3:
0f:ce:c7:d3
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICJE4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MTAw
NjA5MDRaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEJFNTYwMkVGMkYyQkNC
NDZCMERDOTNERDRBNzM5QTc0MTY2OEIxM0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDqIHru3/ySOFAjsQ0ZAePfRNfm/dZjCv0MpxmKZ6oha+Sy134s
94G8YiUxlw2DYQQzGc5KD010u38EeSCIe7H9T6hKsXtyBJBGNh/OlPjX2clcfJD7
GCJKxCD9A0A8A6R1THhpoXEuwGPXe5rpFH5bmJeeU91IXE3vIe2xBzgSLTVHOFlD
ZmsZHukE6PZcnJyidsRg8Pt1Mx3ElY49azCLJTanRe04WcIMRZIrtCWFim1SwGlG
JVx4dLZpPz3L5vK9EpdWPW1/fz2p7iiJGeaRdkHnwEuiAjjg20QTqxBEuJQbQbYD
eNsIIIUHuLI8npEANzsIgimM1wVLd2qd4wM1AgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUvlYC7y8ry0aw3JPdSnOadBZosT4wHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvdmxZQzd5OHJ5MGF3
M0pQZFNuT2FkQlpvc1Q0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBAH/FaghtNu0FWT/i2ooEmP8mcYum
bvC2Vu608rQMAv8MfFfI9+x6sxMWTWR/nPzChOcwFdDicuY3zUKKYXv+nycs/OAi
q/IamFV/AHuDA3g7zyJB+9M3ps3t0RdqowhwZ9wYkl+3TD+4g0VjafqtmUaaWq1O
pDrd1sA875Z3qXLy4fAzSsoTPqRi4A0SW4SRimSMuqOgZ6ZnN2ANLMLEhG2EMH0T
22uX/rlQTpHaHE6X3uHw6gUVlHNbrPcfe3woXF4Gd+y5NAW1FjRNACY8H21Vwixj
h+0PE2xisQ3zHM3wKUaHCqOrekyIl+pcL2vIHcBJB+IGrkoonuUCsw/Ox9M=
-----END CERTIFICATE-----
Generated at Sat Jun 21 16:55:59 2025 by rpki-client