Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/6AQV1wniYfCqQ5RnK9JjAMt3imo.roa
File: 6AQV1wniYfCqQ5RnK9JjAMt3imo.roa (raw, json)
Hash identifier: J3vPShNCISzcgHk835SbTqRu9IT9QsDT5LDMHCnujzE=
Subject key identifier: E8:04:15:D7:09:E2:61:F0:AA:43:94:67:2B:D2:63:00:CB:77:8A:6A
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0BBC
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/6AQV1wniYfCqQ5RnK9JjAMt3imo.roa
Signing time: Thu 22 May 2025 17:38:23 +0000
ROA not before: Thu 22 May 2025 17:38:23 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3004 (0xbbc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 22 17:38:23 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=E80415D709E261F0AA4394672BD26300CB778A6A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:57:94:3b:8c:25:2f:66:ff:ef:0d:1b:95:1e:
28:be:5e:a4:8b:6c:b9:38:1a:96:49:17:5b:fc:0d:
14:0e:dc:46:86:59:47:c0:f7:28:ec:07:51:9c:e0:
ac:07:93:5a:65:78:a8:51:e6:a1:95:1d:a3:33:c1:
82:d5:45:a3:b9:23:63:a9:4c:ca:74:86:50:4c:94:
3e:6f:24:45:44:0d:08:34:a2:cd:46:09:68:9e:35:
e9:27:19:f3:cd:36:9f:c9:a6:9a:d2:f7:56:5d:ce:
94:f3:cd:5f:67:fa:02:e3:c1:13:97:ef:6d:8c:ba:
48:95:7f:d6:53:06:cb:58:47:1d:c4:2f:50:5b:cf:
f0:65:a9:39:c5:39:8f:38:18:9d:77:c5:64:95:8b:
dd:8a:cc:dc:27:3d:93:b7:45:14:cc:03:97:85:93:
17:69:1b:a6:b0:70:10:6f:ca:35:33:bd:db:67:3a:
bd:4b:5a:bb:57:35:9d:11:12:f9:54:6d:56:a6:48:
c3:8d:8b:a9:ea:8b:18:7d:29:5d:43:e0:cb:ec:e6:
a4:36:5e:40:ba:5d:81:8f:7a:f3:be:2d:03:b7:3a:
65:a2:da:c8:ee:91:56:d5:17:a9:07:05:91:94:52:
ed:65:a5:e2:70:ef:db:6d:67:b2:ec:ef:4c:96:19:
fe:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:04:15:D7:09:E2:61:F0:AA:43:94:67:2B:D2:63:00:CB:77:8A:6A
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/6AQV1wniYfCqQ5RnK9JjAMt3imo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
76:43:68:d3:86:38:de:3b:24:61:67:fc:1a:65:ee:61:eb:de:
5b:fc:ac:a5:55:fc:b5:50:54:1c:96:58:24:23:03:c9:cb:09:
93:23:98:22:b2:49:f4:36:73:14:55:68:a7:ca:d3:be:17:0b:
f9:1c:ba:cf:1d:f8:f7:41:74:2c:c5:a5:a5:ef:f9:2f:16:5e:
41:4e:04:f2:dc:ab:c9:eb:b2:61:e2:ce:19:b4:46:24:66:34:
59:1a:2a:5b:e3:76:c5:ac:45:b7:ed:28:84:f2:1d:70:90:98:
68:e9:12:16:c7:a0:ef:11:8e:c0:f6:40:f9:8a:a7:e6:46:8e:
56:56:45:6e:89:ed:fb:5e:b2:57:8e:00:71:d5:b1:bb:72:06:
96:fd:12:ec:ca:fa:f5:37:0e:b5:7a:f7:8d:58:ed:50:8a:1d:
29:e8:a9:c3:21:4e:9a:fa:a5:2c:e3:59:0e:4b:55:57:e7:67:
25:df:bf:1e:87:e9:9d:cb:78:a8:1e:97:a4:e7:48:b9:5e:4e:
a6:87:14:6a:3a:ee:36:ac:fa:cb:ba:17:27:8f:2d:0a:87:c6:
32:ff:93:5e:55:cf:fd:49:63:f8:64:f2:bf:8f:84:c1:d2:89:
4c:c8:14:c8:87:99:88:3d:97:1e:2c:12:92:3d:f3:cb:ea:51:
de:7e:71:10
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICC7wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjIx
NzM4MjNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEU4MDQxNUQ3MDlFMjYx
RjBBQTQzOTQ2NzJCRDI2MzAwQ0I3NzhBNkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9V5Q7jCUvZv/vDRuVHii+XqSLbLk4GpZJF1v8DRQO3EaGWUfA
9yjsB1Gc4KwHk1pleKhR5qGVHaMzwYLVRaO5I2OpTMp0hlBMlD5vJEVEDQg0os1G
CWieNeknGfPNNp/JpprS91ZdzpTzzV9n+gLjwROX722MukiVf9ZTBstYRx3EL1Bb
z/BlqTnFOY84GJ13xWSVi92KzNwnPZO3RRTMA5eFkxdpG6awcBBvyjUzvdtnOr1L
WrtXNZ0REvlUbVamSMONi6nqixh9KV1D4Mvs5qQ2XkC6XYGPevO+LQO3OmWi2sju
kVbVF6kHBZGUUu1lpeJw79ttZ7Ls70yWGf4vAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU6AQV1wniYfCqQ5RnK9JjAMt3imowHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni82QVFWMXduaVlmQ3FRNVJu
SzlKakFNdDNpbW8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAHZDaNOGON47JGFn/Bpl7mHr3lv8rKVV/LVQ
VByWWCQjA8nLCZMjmCKySfQ2cxRVaKfK074XC/kcus8d+PdBdCzFpaXv+S8WXkFO
BPLcq8nrsmHizhm0RiRmNFkaKlvjdsWsRbftKITyHXCQmGjpEhbHoO8RjsD2QPmK
p+ZGjlZWRW6J7ftesleOAHHVsbtyBpb9EuzK+vU3DrV6941Y7VCKHSnoqcMhTpr6
pSzjWQ5LVVfnZyXfvx6H6Z3LeKgel6TnSLleTqaHFGo67jas+su6FyePLQqHxjL/
k15Vz/1JY/hk8r+PhMHSiUzIFMiHmYg9lx4sEpI988vqUd5+cRA=
-----END CERTIFICATE-----
Generated at Sun Jun 22 08:17:53 2025 by rpki-client