Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/767/2ULSEoLp8a96LQmAA7rmnL8hYtA.roa
File: 2ULSEoLp8a96LQmAA7rmnL8hYtA.roa (raw, json)
Hash identifier: 15ASpOMClfjZIzHR5T/oeV+I4b5dDp0wOAdcDdu+JKM=
Subject key identifier: D9:42:D2:12:82:E9:F1:AF:7A:2D:09:80:03:BA:E6:9C:BF:21:62:D0
Certificate issuer: /CN=CC8CF726F2323299108744D6930BEF18D677445D
Certificate serial: 128E
Authority key identifier: CC:8C:F7:26:F2:32:32:99:10:87:44:D6:93:0B:EF:18:D6:77:44:5D
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zIz3JvIyMpkQh0TWkwvvGNZ3RF0.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/767/2ULSEoLp8a96LQmAA7rmnL8hYtA.roa
Signing time: Tue 23 Jul 2024 05:18:49 +0000
ROA not before: Tue 23 Jul 2024 05:18:49 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 18464
IP address blocks: 2403:3d80::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4750 (0x128e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=CC8CF726F2323299108744D6930BEF18D677445D
Validity
Not Before: Jul 23 05:18:49 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=D942D21282E9F1AF7A2D098003BAE69CBF2162D0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:f6:54:4e:b5:d3:8a:91:8d:eb:be:24:04:1d:
4d:68:06:0d:f3:3a:b6:5e:9c:c0:64:9e:c4:1d:8a:
10:36:a5:81:fd:e3:2b:62:28:2a:ad:5c:1b:03:46:
64:28:19:2d:a9:72:7f:24:d0:40:c9:96:eb:ae:66:
1e:02:ee:31:f2:99:23:82:50:dd:06:40:1c:ab:45:
cd:28:a0:ea:50:72:1b:2d:5b:08:57:9a:f7:3e:48:
b6:0d:81:55:c7:dd:13:d1:3f:5c:58:6d:11:96:b1:
f2:a8:1b:d1:83:0e:21:c2:be:86:bd:38:0f:c1:51:
55:3c:25:c8:bd:af:ce:ea:e0:a8:ef:8d:82:21:e8:
26:66:f9:9f:7c:76:29:b7:cb:27:86:0f:8b:86:51:
d5:fc:98:b5:f7:9e:2c:a9:c8:7d:eb:81:a3:b4:f2:
13:39:a3:3c:26:59:1d:50:46:96:49:5e:14:f1:b6:
24:40:64:54:57:1d:9a:05:57:0d:77:80:c5:f8:df:
8b:e2:5f:67:94:e8:3c:d5:e6:9e:f0:2e:44:fe:8e:
55:3f:be:52:f9:4e:58:e5:38:60:72:82:e0:0a:0e:
23:f6:ea:97:08:3b:4a:61:db:d3:d3:5e:07:dc:7b:
49:f3:b4:26:9a:f7:7a:97:cc:ac:8d:96:ec:36:15:
48:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:42:D2:12:82:E9:F1:AF:7A:2D:09:80:03:BA:E6:9C:BF:21:62:D0
X509v3 Authority Key Identifier:
keyid:CC:8C:F7:26:F2:32:32:99:10:87:44:D6:93:0B:EF:18:D6:77:44:5D
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/767/zIz3JvIyMpkQh0TWkwvvGNZ3RF0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zIz3JvIyMpkQh0TWkwvvGNZ3RF0.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/767/2ULSEoLp8a96LQmAA7rmnL8hYtA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2403:3d80::/32
Signature Algorithm: sha256WithRSAEncryption
6d:38:72:95:ab:49:db:57:cf:e6:2a:31:d1:4d:4a:c6:40:99:
2c:5f:11:a8:e1:8e:0b:ca:76:81:96:6f:24:3e:f8:d4:30:1c:
ca:7e:da:d2:31:f7:b1:c7:02:18:4d:2b:e0:ff:82:7d:47:7b:
05:d1:dd:64:c3:aa:eb:2c:44:80:ef:55:eb:49:1b:ec:24:8b:
3f:53:90:4f:b8:50:73:11:a6:93:5c:03:d2:97:fc:fd:9d:f7:
df:e1:c7:02:b7:39:2d:c2:26:b7:08:5a:1d:5a:88:3e:18:df:
4b:84:60:6e:2d:75:02:ce:0a:2c:d2:d4:25:f0:38:7b:63:b3:
52:09:45:05:ea:0f:b4:a7:ec:49:2b:68:07:49:08:5a:5e:c7:
35:41:5f:73:61:86:f1:86:4d:ba:a3:04:d6:4f:ea:cf:21:d4:
aa:0a:5b:50:bd:ad:2f:25:35:dc:51:06:f3:8b:ed:9d:b3:ab:
a4:69:af:6c:f7:7c:c8:10:5e:44:b9:7d:68:3e:94:59:39:cf:
e4:48:df:96:27:8c:a5:71:7b:b6:f7:5d:82:62:cf:34:a4:54:
af:f2:4d:7c:ee:c3:ee:7c:4e:83:01:66:7d:70:12:65:71:c5:
74:9f:7a:54:9f:9a:8a:e3:34:c1:84:c9:10:9d:f1:16:bc:8a:
08:45:34:9c
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICEo4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0M4
Q0Y3MjZGMjMyMzI5OTEwODc0NEQ2OTMwQkVGMThENjc3NDQ1RDAeFw0yNDA3MjMw
NTE4NDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEQ5NDJEMjEyODJFOUYx
QUY3QTJEMDk4MDAzQkFFNjlDQkYyMTYyRDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCo9lROtdOKkY3rviQEHU1oBg3zOrZenMBknsQdihA2pYH94yti
KCqtXBsDRmQoGS2pcn8k0EDJluuuZh4C7jHymSOCUN0GQByrRc0ooOpQchstWwhX
mvc+SLYNgVXH3RPRP1xYbRGWsfKoG9GDDiHCvoa9OA/BUVU8Jci9r87q4KjvjYIh
6CZm+Z98dim3yyeGD4uGUdX8mLX3niypyH3rgaO08hM5ozwmWR1QRpZJXhTxtiRA
ZFRXHZoFVw13gMX434viX2eU6DzV5p7wLkT+jlU/vlL5TljlOGByguAKDiP26pcI
O0ph29PTXgfce0nztCaa93qXzKyNluw2FUhVAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQU2ULSEoLp8a96LQmAA7rmnL8hYtAwHwYDVR0jBBgwFoAUzIz3JvIyMpkQh0TW
kwvvGNZ3RF0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzY3
L3pJejNKdkl5TXBrUWgwVFdrd3Z2R05aM1JGMC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvekl6M0p2SXlNcGtRaDBUV2t3dnZHTlozUkYwLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzY3LzJVTFNFb0xwOGE5NkxR
bUFBN3Jtbkw4aFl0QS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcD
BQAkAz2AMA0GCSqGSIb3DQEBCwUAA4IBAQBtOHKVq0nbV8/mKjHRTUrGQJksXxGo
4Y4LynaBlm8kPvjUMBzKftrSMfexxwIYTSvg/4J9R3sF0d1kw6rrLESA71XrSRvs
JIs/U5BPuFBzEaaTXAPSl/z9nfff4ccCtzktwia3CFodWog+GN9LhGBuLXUCzgos
0tQl8Dh7Y7NSCUUF6g+0p+xJK2gHSQhaXsc1QV9zYYbxhk26owTWT+rPIdSqCltQ
va0vJTXcUQbzi+2ds6ukaa9s93zIEF5EuX1oPpRZOc/kSN+WJ4ylcXu2912CYs80
pFSv8k187sPufE6DAWZ9cBJlccV0n3pUn5qK4zTBhMkQnfEWvIoIRTSc
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:35:12 2025 by rpki-client