Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/6QtbufHYkiiQNR1wXADBuTJ_beE.roa
File: 6QtbufHYkiiQNR1wXADBuTJ_beE.roa (raw, json)
Hash identifier: mCmUwoSXIm3IwKIoRERRp8U0GxadAueVNUnh1jIlLqg=
Subject key identifier: E9:0B:5B:B9:F1:D8:92:28:90:35:1D:70:5C:00:C1:B9:32:7F:6D:E1
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 13CC
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/6QtbufHYkiiQNR1wXADBuTJ_beE.roa
Signing time: Mon 02 Jun 2025 11:39:12 +0000
ROA not before: Mon 02 Jun 2025 11:39:12 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5068 (0x13cc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 2 11:39:12 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=E90B5BB9F1D8922890351D705C00C1B9327F6DE1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:2b:ae:12:b8:db:f9:2d:49:ac:68:0b:74:c0:
64:de:da:48:cd:cd:88:0d:bf:19:0f:34:95:76:29:
50:ce:81:bb:79:f2:a1:da:c8:00:20:5d:3e:c9:b1:
68:83:68:ce:41:29:28:19:af:c6:a4:f2:df:a9:f6:
80:3b:c0:00:55:86:7c:af:b6:86:f6:f1:fc:22:1a:
0d:e9:dc:b6:97:db:5d:ec:8e:c3:3e:eb:73:d4:b0:
ff:70:5a:7b:0f:31:72:5f:e0:fc:eb:db:cd:10:78:
4d:5f:7f:51:bd:84:60:f3:ed:a3:c8:82:f8:32:3c:
33:41:ba:2b:9f:57:5d:9d:6e:d1:cc:cb:6f:2a:30:
cb:08:01:69:36:ba:53:97:5f:9b:7c:08:8a:61:0b:
4c:fe:6a:f4:19:0a:ab:31:67:1a:72:e7:f7:1a:c5:
dd:53:b4:56:20:67:84:4e:45:7f:c9:ed:f6:29:64:
71:7f:06:4f:86:80:c4:aa:86:65:68:e6:92:12:09:
7c:17:df:30:6c:cf:aa:21:0d:94:f1:68:ee:ea:e9:
47:5a:7a:95:13:d2:23:d7:4e:83:51:69:2d:26:a6:
51:82:5c:1c:67:5f:3c:51:30:a6:c7:01:73:04:99:
95:91:c5:28:4a:84:24:a1:4c:83:7f:b3:28:56:4c:
f1:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:0B:5B:B9:F1:D8:92:28:90:35:1D:70:5C:00:C1:B9:32:7F:6D:E1
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/6QtbufHYkiiQNR1wXADBuTJ_beE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
49:ce:32:e6:51:70:14:10:3a:a6:60:fe:5a:9c:b7:4b:fd:bb:
36:6c:41:a0:b8:7d:a4:e1:41:93:a3:2f:88:19:ea:06:51:20:
fb:c9:f5:44:a0:08:21:42:8f:3e:73:86:e8:4a:ec:51:f5:c5:
95:8c:20:a5:15:26:ce:a3:25:a4:1d:ab:33:79:c3:f9:42:42:
22:05:cf:f4:23:b6:d9:66:88:a3:c5:73:cb:81:73:aa:b1:2c:
2b:ee:5c:db:ef:60:f0:6e:65:bb:01:fe:e4:b9:3c:c3:70:2e:
c1:fa:a2:23:d5:1a:16:1f:77:fc:e1:8a:2f:0b:0b:ce:e5:a1:
46:3b:30:da:f7:80:0c:6e:50:71:1f:82:6c:27:df:88:a7:7e:
74:a3:f3:d2:f5:92:71:10:84:8a:a4:09:63:fb:de:c5:6a:8c:
ca:40:c6:da:4d:f5:b5:1a:c9:dd:3e:8c:fe:16:20:2a:3e:1f:
34:b5:3d:bc:bc:75:b3:b4:2b:d7:f5:63:13:e1:a2:79:b2:4a:
ee:c6:bd:8e:d1:16:d5:bc:c8:47:c9:32:07:75:fd:82:ac:3e:
73:ef:00:67:ae:df:0f:88:32:1a:2a:74:94:d3:43:cf:f3:ee:
5d:0f:f6:8c:b9:00:8c:d0:2e:28:8b:83:a7:b8:98:62:82:25:
f2:5c:f4:46
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICE8wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDIx
MTM5MTJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEU5MEI1QkI5RjFEODky
Mjg5MDM1MUQ3MDVDMDBDMUI5MzI3RjZERTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8K64SuNv5LUmsaAt0wGTe2kjNzYgNvxkPNJV2KVDOgbt58qHa
yAAgXT7JsWiDaM5BKSgZr8ak8t+p9oA7wABVhnyvtob28fwiGg3p3LaX213sjsM+
63PUsP9wWnsPMXJf4Pzr280QeE1ff1G9hGDz7aPIgvgyPDNBuiufV12dbtHMy28q
MMsIAWk2ulOXX5t8CIphC0z+avQZCqsxZxpy5/caxd1TtFYgZ4RORX/J7fYpZHF/
Bk+GgMSqhmVo5pISCXwX3zBsz6ohDZTxaO7q6UdaepUT0iPXToNRaS0mplGCXBxn
XzxRMKbHAXMEmZWRxShKhCShTIN/syhWTPEzAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU6QtbufHYkiiQNR1wXADBuTJ/beEwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni82UXRidWZIWWtpaVFOUjF3
WEFEQnVUSl9iZUUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAEnOMuZRcBQQOqZg/lqct0v9uzZsQaC4faTh
QZOjL4gZ6gZRIPvJ9USgCCFCjz5zhuhK7FH1xZWMIKUVJs6jJaQdqzN5w/lCQiIF
z/QjttlmiKPFc8uBc6qxLCvuXNvvYPBuZbsB/uS5PMNwLsH6oiPVGhYfd/zhii8L
C87loUY7MNr3gAxuUHEfgmwn34infnSj89L1knEQhIqkCWP73sVqjMpAxtpN9bUa
yd0+jP4WICo+HzS1Pby8dbO0K9f1YxPhonmySu7GvY7RFtW8yEfJMgd1/YKsPnPv
AGeu3w+IMhoqdJTTQ8/z7l0P9oy5AIzQLiiLg6e4mGKCJfJc9EY=
-----END CERTIFICATE-----
Generated at Sun Jun 22 22:44:35 2025 by rpki-client