Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/CU6cEgLeIOc0BONe3n8d9kQwWzk.roa
File: CU6cEgLeIOc0BONe3n8d9kQwWzk.roa (raw, json)
Hash identifier: //4r3POBR/9GePzCm5eLJnc2BmlBD683ugTpad5Jkbw=
Subject key identifier: 09:4E:9C:12:02:DE:20:E7:34:04:E3:5E:DE:7F:1D:F6:44:30:5B:39
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0350
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/CU6cEgLeIOc0BONe3n8d9kQwWzk.roa
Signing time: Sun 11 May 2025 12:07:52 +0000
ROA not before: Sun 11 May 2025 12:07:52 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 848 (0x350)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 11 12:07:52 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=094E9C1202DE20E73404E35EDE7F1DF644305B39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:73:d9:09:95:09:a3:17:0f:5b:76:ad:7a:87:
87:ef:3f:45:cd:7c:7d:e8:f2:d4:f1:db:d9:df:d0:
79:72:98:87:3f:15:5a:d5:00:36:0d:41:79:ec:ed:
a2:46:47:0c:af:81:e8:e0:27:a6:3d:f2:dd:20:d5:
d4:fe:2b:2c:2f:a6:ce:78:0c:41:f0:78:f1:a7:1f:
87:16:cf:8e:f4:9d:45:42:31:d2:73:e3:f2:1d:80:
aa:db:eb:fe:df:ff:59:f3:4a:93:f2:3e:45:10:1e:
cb:49:e7:f6:9c:4e:e6:36:81:7e:85:0f:86:d2:58:
a1:40:d6:1b:36:95:79:9e:73:54:24:f3:04:7e:1b:
18:72:70:31:bc:ae:35:3a:3a:55:f4:9c:1d:ad:be:
b7:e1:93:3d:e7:a2:0d:f8:59:5c:b6:e6:22:df:4b:
7f:87:99:c5:41:57:1c:9e:68:13:eb:a0:e9:d0:83:
a8:d2:46:82:a3:22:36:8d:e7:1e:84:7e:5a:9d:b4:
3b:85:ce:13:38:b0:eb:5b:4f:df:9c:58:2c:ed:0e:
af:25:52:21:bc:62:55:e8:10:f1:48:1d:4d:90:d6:
c1:11:db:fe:04:e1:39:09:81:9b:d2:b3:e8:e7:ac:
e9:ca:9e:9b:a3:1c:23:9d:ea:ec:0f:c6:9e:e6:d1:
76:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:4E:9C:12:02:DE:20:E7:34:04:E3:5E:DE:7F:1D:F6:44:30:5B:39
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/CU6cEgLeIOc0BONe3n8d9kQwWzk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6a:37:10:30:06:69:4f:b0:72:b3:de:ff:c5:91:15:21:ee:11:
c8:a2:50:ae:0b:56:1f:8e:61:45:e9:42:5d:db:27:d9:0f:65:
5e:78:ca:17:06:f4:28:9c:ce:c5:6c:32:9b:41:e1:b4:7f:81:
b2:86:fe:ae:68:72:f8:5c:7b:f8:c1:21:e0:5d:e4:35:9c:6e:
74:0d:54:05:5a:c9:42:a2:ac:a3:cb:05:b3:45:99:75:b5:be:
52:f3:2e:d8:dc:e5:74:bd:eb:08:80:7d:d4:1b:c2:89:70:f5:
d3:c7:ea:1d:1a:83:cc:47:59:75:f2:b0:1e:65:18:2a:f4:47:
76:d2:39:ec:e5:25:2e:33:78:a3:83:96:39:92:73:4f:43:34:
b5:34:3c:2d:a1:4e:ed:22:23:55:2b:8f:6c:b2:70:06:e4:18:
88:9c:17:4f:2e:eb:c3:b1:ac:9b:c6:ab:31:c8:8f:6e:7f:2e:
73:30:66:76:c0:f9:96:e3:09:76:93:a9:57:0c:0c:07:d8:61:
c8:3c:7f:51:9b:05:e8:c9:e5:bf:cc:89:41:77:1a:ef:4b:fc:
3a:f4:41:98:8d:07:cc:72:e7:da:b4:f0:bd:59:f1:cd:dc:b3:
ff:11:b1:ea:dc:a7:f5:d6:47:51:c6:3f:93:19:f8:df:8f:fd:
4e:19:a7:7b
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICA1AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTEx
MjA3NTJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDA5NEU5QzEyMDJERTIw
RTczNDA0RTM1RURFN0YxREY2NDQzMDVCMzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5c9kJlQmjFw9bdq16h4fvP0XNfH3o8tTx29nf0HlymIc/FVrV
ADYNQXns7aJGRwyvgejgJ6Y98t0g1dT+Kywvps54DEHwePGnH4cWz470nUVCMdJz
4/IdgKrb6/7f/1nzSpPyPkUQHstJ5/acTuY2gX6FD4bSWKFA1hs2lXmec1Qk8wR+
GxhycDG8rjU6OlX0nB2tvrfhkz3nog34WVy25iLfS3+HmcVBVxyeaBProOnQg6jS
RoKjIjaN5x6EflqdtDuFzhM4sOtbT9+cWCztDq8lUiG8YlXoEPFIHU2Q1sER2/4E
4TkJgZvSs+jnrOnKnpujHCOd6uwPxp7m0XaHAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUCU6cEgLeIOc0BONe3n8d9kQwWzkwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9DVTZjRWdMZUlPYzBCT05l
M244ZDlrUXdXemsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAGo3EDAGaU+wcrPe/8WRFSHuEciiUK4LVh+O
YUXpQl3bJ9kPZV54yhcG9CiczsVsMptB4bR/gbKG/q5ocvhce/jBIeBd5DWcbnQN
VAVayUKirKPLBbNFmXW1vlLzLtjc5XS96wiAfdQbwolw9dPH6h0ag8xHWXXysB5l
GCr0R3bSOezlJS4zeKODljmSc09DNLU0PC2hTu0iI1Urj2yycAbkGIicF08u68Ox
rJvGqzHIj25/LnMwZnbA+ZbjCXaTqVcMDAfYYcg8f1GbBejJ5b/MiUF3Gu9L/Dr0
QZiNB8xy59q08L1Z8c3cs/8Rsercp/XWR1HGP5MZ+N+P/U4Zp3s=
-----END CERTIFICATE-----
Generated at Fri Jun 20 22:38:20 2025 by rpki-client