Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/4u1sIJZHjtTZKJv1KbNpzs7KybA.roa
File: 4u1sIJZHjtTZKJv1KbNpzs7KybA.roa (raw, json)
Hash identifier: xlPt/GDDKQfF1yGctq3p4RkSKm9DTpmtNsS1z1ll0r0=
Subject key identifier: E2:ED:6C:20:96:47:8E:D4:D9:28:9B:F5:29:B3:69:CE:CE:CA:C9:B0
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 14C8
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/4u1sIJZHjtTZKJv1KbNpzs7KybA.roa
Signing time: Tue 03 Jun 2025 19:09:15 +0000
ROA not before: Tue 03 Jun 2025 19:09:15 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5320 (0x14c8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 3 19:09:15 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=E2ED6C2096478ED4D9289BF529B369CECECAC9B0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:73:3a:59:15:a9:48:53:a3:46:e6:5e:03:68:
aa:4f:60:05:69:7b:f4:db:ac:a3:0f:86:2c:6d:43:
5a:af:4f:cd:7c:c5:89:1b:fb:6f:aa:7d:da:95:aa:
a9:8b:13:45:ba:3f:cb:d3:fb:fc:a7:04:9a:a4:8b:
05:25:0f:63:4d:95:d8:3d:3e:34:34:1a:d5:92:cb:
0f:0a:5a:3a:ca:ad:ef:a5:60:80:c0:d1:45:cb:df:
38:7f:6c:73:fe:a9:dc:2c:ec:95:05:18:30:8b:34:
f6:24:03:83:df:7b:24:ea:2a:74:30:dd:e5:37:d6:
97:0a:1c:5b:1e:77:5d:4f:03:e1:55:60:8a:b9:89:
ce:03:fd:b2:17:13:5d:46:b0:82:f6:cc:ef:fe:d1:
25:88:0f:0b:6d:40:0a:48:a6:a9:37:57:cf:e3:17:
15:f0:33:15:46:4b:6f:ae:11:27:24:3e:74:c3:05:
61:e8:07:05:3b:22:bc:6e:69:3c:f9:17:c2:cd:02:
6d:9c:63:fb:d0:d4:d7:44:ad:fd:63:2e:59:39:5d:
12:bf:af:44:af:05:30:b6:63:71:36:28:94:bb:f1:
42:1f:d3:22:25:fc:e8:33:cd:b1:ea:f0:14:c1:7b:
65:36:0b:78:bb:b6:7a:c3:cb:e8:f0:77:a2:af:9a:
18:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:ED:6C:20:96:47:8E:D4:D9:28:9B:F5:29:B3:69:CE:CE:CA:C9:B0
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/4u1sIJZHjtTZKJv1KbNpzs7KybA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
15:17:cc:97:58:ff:c4:a6:74:8a:1d:9a:87:42:e3:3f:69:73:
6e:9e:19:c2:28:88:6a:eb:53:29:e6:5d:55:2b:d8:f2:7d:00:
86:f5:30:c0:98:eb:cc:34:ac:8b:4b:6d:d1:33:9e:8b:91:50:
57:bb:68:1e:d9:3c:49:00:a3:af:36:29:a6:01:ef:ee:9a:00:
62:83:ae:97:4b:fe:7e:80:73:b8:90:6a:4f:20:e5:34:f9:69:
16:a0:2f:f2:bf:be:f3:50:78:b2:ad:a1:c5:da:c8:f7:bc:83:
52:2e:41:4b:e5:d8:f4:0d:52:c6:fd:9b:62:ee:ef:37:7b:e8:
31:a1:af:f2:7d:4e:b7:d7:77:ae:0b:e5:5b:45:94:e7:73:e6:
ee:dc:94:7c:73:3b:44:0e:74:f1:8b:f5:1f:3c:64:a7:34:90:
32:4d:11:f6:f8:27:4e:48:44:b0:4a:a7:4a:df:b4:43:21:5e:
aa:f8:45:14:41:b1:ac:03:a5:a8:91:eb:c6:a5:7a:0a:dd:cd:
33:b5:d0:6e:25:ee:9a:8f:1e:5f:96:0d:cb:f7:9a:3e:4b:bc:
45:93:8c:2b:f0:66:ab:f5:84:8c:64:0e:7a:2b:58:57:82:67:
54:4b:82:3b:0d:a8:9d:1a:56:5c:6b:84:ee:d4:08:4c:9a:19:
d5:75:8e:c8
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFMgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDMx
OTA5MTVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEUyRUQ2QzIwOTY0NzhF
RDREOTI4OUJGNTI5QjM2OUNFQ0VDQUM5QjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDhczpZFalIU6NG5l4DaKpPYAVpe/TbrKMPhixtQ1qvT818xYkb
+2+qfdqVqqmLE0W6P8vT+/ynBJqkiwUlD2NNldg9PjQ0GtWSyw8KWjrKre+lYIDA
0UXL3zh/bHP+qdws7JUFGDCLNPYkA4PfeyTqKnQw3eU31pcKHFsed11PA+FVYIq5
ic4D/bIXE11GsIL2zO/+0SWIDwttQApIpqk3V8/jFxXwMxVGS2+uESckPnTDBWHo
BwU7IrxuaTz5F8LNAm2cY/vQ1NdErf1jLlk5XRK/r0SvBTC2Y3E2KJS78UIf0yIl
/OgzzbHq8BTBe2U2C3i7tnrDy+jwd6KvmhjLAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU4u1sIJZHjtTZKJv1KbNpzs7KybAwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni80dTFzSUpaSGp0VFpLSnYx
S2JOcHpzN0t5YkEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBABUXzJdY/8SmdIodmodC4z9pc26eGcIoiGrr
UynmXVUr2PJ9AIb1MMCY68w0rItLbdEznouRUFe7aB7ZPEkAo682KaYB7+6aAGKD
rpdL/n6Ac7iQak8g5TT5aRagL/K/vvNQeLKtocXayPe8g1IuQUvl2PQNUsb9m2Lu
7zd76DGhr/J9TrfXd64L5VtFlOdz5u7clHxzO0QOdPGL9R88ZKc0kDJNEfb4J05I
RLBKp0rftEMhXqr4RRRBsawDpaiR68alegrdzTO10G4l7pqPHl+WDcv3mj5LvEWT
jCvwZqv1hIxkDnorWFeCZ1RLgjsNqJ0aVlxrhO7UCEyaGdV1jsg=
-----END CERTIFICATE-----
Generated at Sat Jun 21 20:58:08 2025 by rpki-client