Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/AeeMJ6Te68clkySe2uPKWnBOT-A.roa
File: AeeMJ6Te68clkySe2uPKWnBOT-A.roa (raw, json)
Hash identifier: TtKmE6m9YQ1scrPmYs4mIG1/+QivMZqyRhzM4XirLN4=
Subject key identifier: 01:E7:8C:27:A4:DE:EB:C7:25:93:24:9E:DA:E3:CA:5A:70:4E:4F:E0
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0744
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/AeeMJ6Te68clkySe2uPKWnBOT-A.roa
Signing time: Fri 16 May 2025 18:38:04 +0000
ROA not before: Fri 16 May 2025 18:38:04 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1860 (0x744)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 16 18:38:04 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=01E78C27A4DEEBC72593249EDAE3CA5A704E4FE0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:ee:1d:89:6b:f9:b7:c0:cd:6e:66:3e:fe:70:
34:8f:f3:b6:54:25:2e:ea:4f:79:0d:ae:a5:74:c1:
23:3b:a6:b6:5a:13:7f:b7:5e:ce:f0:b1:4a:66:64:
40:d8:9b:01:bc:5e:0d:17:86:18:5c:07:a7:ee:b3:
55:81:77:c9:57:63:73:a2:32:07:82:17:32:b2:a7:
46:54:b2:56:52:b2:6f:f2:e1:84:9e:67:b2:4e:59:
34:3a:dc:b8:17:b2:1b:fe:41:d2:f5:80:b5:ba:57:
52:36:35:39:64:6f:07:fc:61:06:a3:1c:7a:88:45:
e5:02:5e:82:e3:c9:91:26:1a:b1:54:b2:da:ec:a7:
16:ee:13:f9:6a:7a:4a:20:e3:4a:44:42:a2:6d:43:
2d:6b:65:4d:e7:f8:0c:28:4d:65:cb:95:97:1b:84:
d7:a2:f2:d8:45:f9:34:20:4a:ff:26:fe:21:78:ae:
09:46:b8:72:9f:46:29:72:1d:ed:ce:67:8b:7d:96:
61:b2:4f:ea:fc:6c:6e:e2:20:cc:f8:da:b4:e4:20:
dd:21:a5:9a:d9:3b:17:b0:c8:a6:c2:e7:ac:c0:20:
d7:ca:59:ea:30:dc:c1:95:94:40:c3:56:0b:dc:6a:
2b:35:7a:e4:3c:1d:ad:52:9f:13:41:4d:2f:cf:76:
52:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:E7:8C:27:A4:DE:EB:C7:25:93:24:9E:DA:E3:CA:5A:70:4E:4F:E0
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/AeeMJ6Te68clkySe2uPKWnBOT-A.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
94:15:82:60:78:9a:81:ce:fd:80:e4:f9:3d:cf:70:94:72:c3:
62:f4:9b:0a:7f:dc:cf:cc:a8:7b:8e:4d:90:66:49:96:11:16:
70:76:d8:ac:33:2d:61:e0:6b:56:5c:c1:1d:6a:1a:4d:21:2f:
10:4b:51:88:a6:db:65:bf:db:f6:3e:51:ad:ab:fe:6f:bc:ea:
12:01:a9:c1:43:23:f2:12:aa:2b:69:89:98:3d:89:47:6b:8f:
64:6b:c7:76:83:ee:2f:96:1b:a8:3b:9d:06:0c:64:5c:4a:05:
b0:df:9c:f7:7c:48:bd:a1:68:a4:a7:80:f7:50:d0:ba:fd:b5:
dd:d3:82:2e:2c:2a:c6:bc:63:f7:38:c9:33:99:0a:68:5b:4b:
c9:5c:6f:3a:0a:11:89:64:b9:48:c4:2c:57:1c:44:17:cc:fc:
6c:cc:86:4b:7e:7d:8b:64:39:52:ff:ac:97:22:fe:f7:c4:7c:
2c:bd:3e:45:ca:dc:97:fe:e6:60:90:c9:bf:77:98:e1:a4:a3:
d7:4f:aa:83:87:7c:5b:87:a5:57:8e:c0:90:5f:b2:5b:6b:59:
22:76:1b:a8:9f:83:7a:19:38:f8:77:0d:92:b7:c7:2f:a2:a5:
52:49:9c:93:41:2c:51:ed:f3:04:f6:11:8c:31:5c:96:1e:fe:
c4:b6:9d:4d
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICB0QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTYx
ODM4MDRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDAxRTc4QzI3QTRERUVC
QzcyNTkzMjQ5RURBRTNDQTVBNzA0RTRGRTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDC7h2Ja/m3wM1uZj7+cDSP87ZUJS7qT3kNrqV0wSM7prZaE3+3
Xs7wsUpmZEDYmwG8Xg0XhhhcB6fus1WBd8lXY3OiMgeCFzKyp0ZUslZSsm/y4YSe
Z7JOWTQ63LgXshv+QdL1gLW6V1I2NTlkbwf8YQajHHqIReUCXoLjyZEmGrFUstrs
pxbuE/lqekog40pEQqJtQy1rZU3n+AwoTWXLlZcbhNei8thF+TQgSv8m/iF4rglG
uHKfRilyHe3OZ4t9lmGyT+r8bG7iIMz42rTkIN0hpZrZOxewyKbC56zAINfKWeow
3MGVlEDDVgvcais1euQ8Ha1SnxNBTS/PdlLlAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUAeeMJ6Te68clkySe2uPKWnBOT+AwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9BZWVNSjZUZTY4Y2xreVNl
MnVQS1duQk9ULUEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAJQVgmB4moHO/YDk+T3PcJRyw2L0mwp/3M/M
qHuOTZBmSZYRFnB22KwzLWHga1ZcwR1qGk0hLxBLUYim22W/2/Y+Ua2r/m+86hIB
qcFDI/ISqitpiZg9iUdrj2Rrx3aD7i+WG6g7nQYMZFxKBbDfnPd8SL2haKSngPdQ
0Lr9td3Tgi4sKsa8Y/c4yTOZCmhbS8lcbzoKEYlkuUjELFccRBfM/GzMhkt+fYtk
OVL/rJci/vfEfCy9PkXK3Jf+5mCQyb93mOGko9dPqoOHfFuHpVeOwJBfsltrWSJ2
G6ifg3oZOPh3DZK3xy+ipVJJnJNBLFHt8wT2EYwxXJYe/sS2nU0=
-----END CERTIFICATE-----
Generated at Sat Jun 21 16:53:18 2025 by rpki-client