Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/A6njuPIfkz6lltkY5f_78gaxg6k.roa
File: A6njuPIfkz6lltkY5f_78gaxg6k.roa (raw, json)
Hash identifier: zsabBZPo5lQLKT2E7Xvx63CDP7t32M1sL0EVe/GAE0c=
Subject key identifier: 03:A9:E3:B8:F2:1F:93:3E:A5:96:D9:18:E5:FF:FB:F2:06:B1:83:A9
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1B44
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/A6njuPIfkz6lltkY5f_78gaxg6k.roa
Signing time: Thu 12 Jun 2025 10:40:02 +0000
ROA not before: Thu 12 Jun 2025 10:40:02 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6980 (0x1b44)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 12 10:40:02 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=03A9E3B8F21F933EA596D918E5FFFBF206B183A9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:e6:86:de:f4:73:fc:53:38:ec:34:83:51:76:
7a:1e:a5:a4:5c:76:81:3a:d9:82:a2:a2:76:81:45:
aa:b1:6e:6b:6b:db:5f:9b:be:cb:d3:98:9c:6c:5a:
c6:db:ea:14:0e:ba:40:4d:64:e4:3b:9a:cb:7e:93:
f9:7b:a2:7c:55:71:11:6c:17:25:eb:56:af:21:ec:
1b:f0:10:c2:bc:97:88:7c:c5:30:90:d9:11:4b:d4:
43:c2:4c:4f:9c:99:c8:0e:05:30:97:f1:04:59:7d:
a0:73:c2:da:92:98:87:0a:63:01:6d:54:6a:70:17:
fe:03:c8:e2:3e:8f:ac:6f:bc:0e:7b:0e:7e:b0:9b:
3e:dd:42:19:5d:64:62:76:43:26:ee:9e:f8:12:ba:
70:77:4b:df:bf:c1:1a:ae:0c:b0:b8:4e:57:60:6e:
6f:bb:13:fa:e9:b5:d6:3e:d7:2b:e7:8a:81:fc:d7:
d5:30:bf:f0:60:9e:29:21:0c:85:9f:b5:cb:62:77:
f1:b1:f8:ab:05:3d:59:ff:29:8f:aa:e4:0d:ab:55:
7a:01:e6:2d:a4:f3:77:4e:f0:b3:dd:ce:7b:55:91:
0c:87:c4:06:45:dc:95:a0:5a:45:51:7d:81:73:36:
8a:91:c8:4a:90:53:66:69:4e:61:6f:31:13:55:c4:
4b:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:A9:E3:B8:F2:1F:93:3E:A5:96:D9:18:E5:FF:FB:F2:06:B1:83:A9
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/A6njuPIfkz6lltkY5f_78gaxg6k.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
27:61:94:0b:4c:1e:45:59:b5:69:4a:c3:85:e3:2a:bc:e7:79:
f4:01:78:0b:89:c1:10:60:8b:9f:ef:61:fe:fe:28:74:30:a0:
15:3e:3f:f6:0f:04:ca:6d:d1:3b:52:e0:53:56:f2:a9:ae:54:
e5:d6:0a:cf:ee:96:55:21:dd:37:da:2f:2f:fb:46:0b:05:3b:
5a:51:7b:03:30:f6:ab:e3:f0:46:0b:9b:27:3e:7c:5d:25:75:
2d:70:ac:4e:07:4f:d9:e0:11:d0:3b:70:3a:7c:c4:1e:69:3a:
f3:21:2e:54:c9:65:e7:51:9d:ee:ce:25:74:62:22:e4:ce:4f:
10:15:53:42:f2:a6:8e:64:5a:4f:ea:6c:19:e4:91:5c:e1:08:
bd:c8:0b:14:66:59:c2:ba:df:52:46:b3:e0:56:e6:cb:3d:d8:
f4:7a:b8:3b:bd:fe:9a:c4:9d:52:85:9f:89:6d:e1:38:1b:b8:
67:c9:a5:bb:28:da:b4:97:ff:d0:c3:68:c0:e6:1e:c1:2c:a9:
2c:ef:2b:41:f9:95:6a:6f:02:52:ba:c5:ae:7c:3e:85:44:a7:
6d:1a:7e:88:9e:88:ed:2e:66:e1:6c:df:19:d4:87:1a:75:5e:
d1:25:c2:5c:0b:6f:00:05:90:a8:8f:3a:c0:33:61:5c:84:77:
88:ed:11:92
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICG0QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTIx
MDQwMDJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDAzQTlFM0I4RjIxRjkz
M0VBNTk2RDkxOEU1RkZGQkYyMDZCMTgzQTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDG5obe9HP8UzjsNINRdnoepaRcdoE62YKionaBRaqxbmtr21+b
vsvTmJxsWsbb6hQOukBNZOQ7mst+k/l7onxVcRFsFyXrVq8h7BvwEMK8l4h8xTCQ
2RFL1EPCTE+cmcgOBTCX8QRZfaBzwtqSmIcKYwFtVGpwF/4DyOI+j6xvvA57Dn6w
mz7dQhldZGJ2QybunvgSunB3S9+/wRquDLC4Tldgbm+7E/rptdY+1yvnioH819Uw
v/BgnikhDIWftctid/Gx+KsFPVn/KY+q5A2rVXoB5i2k83dO8LPdzntVkQyHxAZF
3JWgWkVRfYFzNoqRyEqQU2ZpTmFvMRNVxEvHAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUA6njuPIfkz6lltkY5f/78gaxg6kwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9BNm5qdVBJZmt6NmxsdGtZ
NWZfNzhnYXhnNmsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBACdhlAtMHkVZtWlKw4XjKrznefQBeAuJwRBg
i5/vYf7+KHQwoBU+P/YPBMpt0TtS4FNW8qmuVOXWCs/ullUh3TfaLy/7RgsFO1pR
ewMw9qvj8EYLmyc+fF0ldS1wrE4HT9ngEdA7cDp8xB5pOvMhLlTJZedRne7OJXRi
IuTOTxAVU0Lypo5kWk/qbBnkkVzhCL3ICxRmWcK631JGs+BW5ss92PR6uDu9/prE
nVKFn4lt4TgbuGfJpbso2rSX/9DDaMDmHsEsqSzvK0H5lWpvAlK6xa58PoVEp20a
foieiO0uZuFs3xnUhxp1XtElwlwLbwAFkKiPOsAzYVyEd4jtEZI=
-----END CERTIFICATE-----
Generated at Sun Jun 22 01:10:56 2025 by rpki-client