Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/UJuHaZ9TDT-f3byYx5FM92XJOhw.roa
File: UJuHaZ9TDT-f3byYx5FM92XJOhw.roa (raw, json)
Hash identifier: KVF/Xc66znR/4LmEHP8QUX/eDB8OUutw+HSNQZsIqQA=
Subject key identifier: 50:9B:87:69:9F:53:0D:3F:9F:DD:BC:98:C7:91:4C:F7:65:C9:3A:1C
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 16C8
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/UJuHaZ9TDT-f3byYx5FM92XJOhw.roa
Signing time: Fri 06 Jun 2025 11:09:26 +0000
ROA not before: Fri 06 Jun 2025 11:09:26 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5832 (0x16c8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 6 11:09:26 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=509B87699F530D3F9FDDBC98C7914CF765C93A1C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:34:d5:bb:11:c7:61:61:9c:5b:0a:23:87:68:
54:6a:7a:92:c7:9e:81:b9:f7:cc:c2:76:fa:00:8a:
94:61:21:9c:01:6c:3a:44:bf:42:cc:f4:b7:09:26:
ee:ec:b4:3f:c9:24:f7:04:0a:32:d1:57:06:16:74:
65:e3:9a:a3:28:66:29:d1:ad:47:f9:a9:61:06:a8:
3e:f8:c0:46:b8:d9:f4:42:96:a4:ed:46:cf:b1:bd:
ac:bf:8e:13:08:68:f7:b9:a6:fd:ef:fa:ba:cb:13:
ab:60:8d:c2:46:70:c2:90:87:4e:7b:50:71:0b:20:
17:63:98:2e:d7:b8:47:6f:44:4d:1c:4a:99:f1:98:
e0:2c:6a:dc:b4:52:9a:40:db:b2:b0:79:54:a0:ad:
eb:9d:91:04:cd:5c:31:77:04:99:1c:71:e1:69:54:
c8:d9:b1:ea:f2:2b:d7:4a:21:90:c5:4f:ec:06:0f:
8b:45:d5:73:d6:e5:72:9b:33:3a:c1:8f:0f:de:ce:
10:da:1f:74:da:a4:c9:18:7c:e7:35:f7:65:a7:37:
74:47:6a:fc:ab:79:65:cb:14:61:3a:93:30:d8:32:
97:de:5e:17:63:76:a2:d2:b6:5c:19:9e:1a:da:aa:
c6:e8:c3:8c:a2:78:6a:a6:24:06:d2:2f:49:71:6f:
a7:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:9B:87:69:9F:53:0D:3F:9F:DD:BC:98:C7:91:4C:F7:65:C9:3A:1C
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/UJuHaZ9TDT-f3byYx5FM92XJOhw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
80:b6:7c:7b:1e:24:5d:1b:72:63:8c:65:13:8c:cd:39:48:e6:
ff:c2:0a:8b:54:92:e9:31:db:50:92:3e:f9:a0:47:11:52:f3:
20:40:85:e8:36:b3:b3:b2:98:9d:dc:83:ca:5f:d8:a4:2c:18:
e4:98:33:e7:55:fb:92:2b:c6:3d:d8:b7:18:55:1e:3a:e6:6e:
e6:ec:6d:6b:8a:ec:18:56:71:ca:06:d9:77:56:0a:61:2e:3b:
f9:4b:43:ee:04:1d:66:4c:3c:0a:78:55:a9:82:88:10:a1:19:
87:34:9b:5b:13:44:da:6b:da:37:06:50:c3:1e:3d:20:92:cf:
b8:b7:6e:2d:16:ff:53:8f:d1:6e:a0:8b:ab:ae:b4:bb:40:b3:
82:f6:8d:52:94:25:92:75:cf:4a:aa:56:7f:d7:df:94:a7:07:
3e:a4:b7:d6:20:9b:6c:26:9e:3e:07:c8:1b:a7:94:cb:3e:d6:
6d:b0:10:7b:49:a0:c9:f4:05:5b:55:f3:fb:2b:b1:5c:be:11:
e2:cf:d4:34:47:1a:14:56:6f:6c:18:8b:c1:56:2b:65:b7:22:
0a:4c:a6:ce:ec:a8:da:29:38:8f:2c:03:dc:28:65:95:9b:a3:
50:21:4f:6c:fc:75:60:ad:81:46:97:a1:39:f5:ca:d6:62:d5:
cb:7c:2d:74
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFsgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDYx
MTA5MjZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDUwOUI4NzY5OUY1MzBE
M0Y5RkREQkM5OEM3OTE0Q0Y3NjVDOTNBMUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDxNNW7EcdhYZxbCiOHaFRqepLHnoG598zCdvoAipRhIZwBbDpE
v0LM9LcJJu7stD/JJPcECjLRVwYWdGXjmqMoZinRrUf5qWEGqD74wEa42fRClqTt
Rs+xvay/jhMIaPe5pv3v+rrLE6tgjcJGcMKQh057UHELIBdjmC7XuEdvRE0cSpnx
mOAsaty0UppA27KweVSgreudkQTNXDF3BJkcceFpVMjZseryK9dKIZDFT+wGD4tF
1XPW5XKbMzrBjw/ezhDaH3TapMkYfOc192WnN3RHavyreWXLFGE6kzDYMpfeXhdj
dqLStlwZnhraqsbow4yieGqmJAbSL0lxb6cdAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUUJuHaZ9TDT+f3byYx5FM92XJOhwwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9VSnVIYVo5VERULWYzYnlZ
eDVGTTkyWEpPaHcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAIC2fHseJF0bcmOMZROMzTlI5v/CCotUkukx
21CSPvmgRxFS8yBAheg2s7OymJ3cg8pf2KQsGOSYM+dV+5Irxj3YtxhVHjrmbubs
bWuK7BhWccoG2XdWCmEuO/lLQ+4EHWZMPAp4VamCiBChGYc0m1sTRNpr2jcGUMMe
PSCSz7i3bi0W/1OP0W6gi6uutLtAs4L2jVKUJZJ1z0qqVn/X35SnBz6kt9Ygm2wm
nj4HyBunlMs+1m2wEHtJoMn0BVtV8/srsVy+EeLP1DRHGhRWb2wYi8FWK2W3IgpM
ps7sqNopOI8sA9woZZWbo1AhT2z8dWCtgUaXoTn1ytZi1ct8LXQ=
-----END CERTIFICATE-----
Generated at Sun Jun 22 17:37:31 2025 by rpki-client