Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/z3_glff_C8UeVwR73dBFbqH9-Ng.roa
File: z3_glff_C8UeVwR73dBFbqH9-Ng.roa (raw, json)
Hash identifier: Xo5wtp1Y7gj3fdTxvRYjdyOUUJUC8IDfY1PPs/BVQY0=
Subject key identifier: CF:7F:E0:95:F7:FF:0B:C5:1E:57:04:7B:DD:D0:45:6E:A1:FD:F8:D8
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 1C80
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/z3_glff_C8UeVwR73dBFbqH9-Ng.roa
Signing time: Tue 27 May 2025 09:08:09 +0000
ROA not before: Tue 27 May 2025 09:08:09 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 4812
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7296 (0x1c80)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: May 27 09:08:09 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=CF7FE095F7FF0BC51E57047BDDD0456EA1FDF8D8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:d5:62:03:63:3f:e3:f5:fc:8c:dc:87:c9:46:
7c:44:52:43:04:8b:a2:4b:e3:a5:1a:99:18:af:f7:
79:7d:b7:69:a3:a6:88:6a:e3:98:df:e9:73:7e:9f:
d0:ab:23:d8:08:db:e0:33:39:5b:fa:d6:e3:ad:dd:
6d:be:67:aa:ba:24:b6:d1:9a:4c:09:de:75:dd:9d:
e7:5b:9a:4f:c1:45:eb:f4:0e:2c:d6:4b:a6:0a:bf:
1e:9f:ee:c8:1e:5b:fa:40:f0:b0:8d:da:32:46:5b:
86:89:eb:6f:bc:7a:b6:40:27:93:c3:8c:ec:7b:4a:
28:12:01:e3:4e:ea:5d:78:f1:f6:9a:e6:44:4b:f7:
83:80:c0:f2:3a:11:cc:12:ef:47:45:31:fc:f5:95:
41:0e:c7:9a:b9:37:86:0d:29:23:4c:c5:94:38:35:
8d:83:39:fe:81:29:04:83:d2:fe:c1:69:52:4a:d5:
3f:6e:2e:71:08:94:fb:25:09:10:ff:63:8a:ca:bc:
a2:bf:8e:bd:e5:82:ec:f8:9a:6c:b0:1e:2b:e7:d9:
2c:fc:b6:1d:7d:52:4d:23:fa:5c:4c:d1:22:45:4a:
6b:96:17:f5:83:28:73:59:5b:c2:a3:c0:3a:63:94:
a9:8e:a6:db:4e:50:0b:a3:41:18:fb:9e:fc:55:44:
ca:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:7F:E0:95:F7:FF:0B:C5:1E:57:04:7B:DD:D0:45:6E:A1:FD:F8:D8
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/z3_glff_C8UeVwR73dBFbqH9-Ng.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
51:d2:93:89:3f:26:b6:4d:f9:35:cd:b6:04:79:86:24:3f:a5:
93:ab:16:7b:12:bd:3a:ea:9d:ea:e7:03:9a:15:36:e9:67:56:
b0:e4:fb:f2:ca:99:ac:73:c8:6f:4b:a8:0a:df:a9:3f:6d:47:
7a:13:85:d1:2f:ca:25:c2:f4:9f:ed:5d:83:ed:83:20:51:c4:
5c:1c:83:be:21:c7:82:77:76:5f:ae:31:9c:b6:59:b0:21:52:
48:e1:f8:99:13:49:4e:7f:ae:e5:a8:f8:c8:f2:9c:93:be:30:
2c:2a:e8:fe:99:1a:6e:45:71:64:ee:f0:de:df:7e:b3:d8:af:
7d:07:61:c7:30:8d:db:35:a8:db:ba:c5:5d:74:f1:eb:32:6b:
48:2d:3a:8a:dc:dc:a6:9c:cf:a6:03:f5:9e:91:cc:a6:cd:89:
7d:7a:10:23:f3:f0:90:ad:d5:1c:b6:e0:08:fb:79:5d:5e:2b:
5a:6e:30:9d:9a:f7:84:ca:f1:d9:de:02:ef:2b:33:b4:cd:42:
60:72:e7:63:f4:bc:60:da:d0:28:0f:f6:3b:8b:9e:89:a4:dc:
53:17:27:ad:64:a0:97:73:5c:ee:48:ab:c0:7a:88:a4:a8:f8:
97:e1:cc:ab:b6:2c:64:e4:f9:e9:ea:d7:f7:c4:b4:12:4b:f8:
c1:38:07:04
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICHIAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA1Mjcw
OTA4MDlaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKENGN0ZFMDk1RjdGRjBC
QzUxRTU3MDQ3QkRERDA0NTZFQTFGREY4RDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDO1WIDYz/j9fyM3IfJRnxEUkMEi6JL46UamRiv93l9t2mjpohq
45jf6XN+n9CrI9gI2+AzOVv61uOt3W2+Z6q6JLbRmkwJ3nXdnedbmk/BRev0DizW
S6YKvx6f7sgeW/pA8LCN2jJGW4aJ62+8erZAJ5PDjOx7SigSAeNO6l148faa5kRL
94OAwPI6EcwS70dFMfz1lUEOx5q5N4YNKSNMxZQ4NY2DOf6BKQSD0v7BaVJK1T9u
LnEIlPslCRD/Y4rKvKK/jr3lguz4mmywHivn2Sz8th19Uk0j+lxM0SJFSmuWF/WD
KHNZW8KjwDpjlKmOpttOUAujQRj7nvxVRMojAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUz3/glff/C8UeVwR73dBFbqH9+NgwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvejNfZ2xmZl9DOFVl
VndSNzNkQkZicUg5LU5nLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBAFHSk4k/JrZN+TXNtgR5hiQ/pZOr
FnsSvTrqnernA5oVNulnVrDk+/LKmaxzyG9LqArfqT9tR3oThdEvyiXC9J/tXYPt
gyBRxFwcg74hx4J3dl+uMZy2WbAhUkjh+JkTSU5/ruWo+MjynJO+MCwq6P6ZGm5F
cWTu8N7ffrPYr30HYccwjds1qNu6xV108esya0gtOorc3Kacz6YD9Z6RzKbNiX16
ECPz8JCt1Ry24Aj7eV1eK1puMJ2a94TK8dneAu8rM7TNQmBy52P0vGDa0CgP9juL
nomk3FMXJ61koJdzXO5Iq8B6iKSo+JfhzKu2LGTk+enq1/fEtBJL+ME4BwQ=
-----END CERTIFICATE-----
Generated at Sat Jun 21 00:06:03 2025 by rpki-client