Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/aEFmAANTV74_hhnyi9cqW417Qvk.roa
File: aEFmAANTV74_hhnyi9cqW417Qvk.roa (raw, json)
Hash identifier: d+qI1PBy/LVq7in4I2fEHGd2yjHvsekoA5A6kr9Qu9g=
Subject key identifier: 68:41:66:00:03:53:57:BE:3F:86:19:F2:8B:D7:2A:5B:8D:7B:42:F9
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1C40
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/aEFmAANTV74_hhnyi9cqW417Qvk.roa
Signing time: Fri 13 Jun 2025 18:09:52 +0000
ROA not before: Fri 13 Jun 2025 18:09:52 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7232 (0x1c40)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 13 18:09:52 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=68416600035357BE3F8619F28BD72A5B8D7B42F9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:9a:25:12:28:51:e7:cd:5c:6d:29:c7:f4:f3:
29:ec:47:ae:7d:74:72:97:94:f0:80:b7:47:a0:bd:
8d:ee:48:1a:bd:d6:b2:37:1c:20:26:a4:77:c4:05:
7a:21:62:95:d4:ba:c2:26:16:5b:5a:21:8f:15:99:
c6:26:2e:73:74:14:c4:83:c1:a7:fb:73:7a:f2:76:
69:74:0b:4b:26:be:50:6f:92:7f:8e:b5:31:1c:88:
57:45:13:cf:29:13:b4:7a:5d:0c:47:9e:90:cf:ef:
9e:ba:fb:90:a5:a6:91:62:ca:b7:19:70:3a:56:40:
45:23:79:f6:3d:65:c2:fe:cb:55:21:7f:53:1a:58:
73:43:87:af:c3:94:27:f3:5a:82:b4:f7:f1:a9:0c:
78:b1:74:84:d9:4e:a3:ce:c6:5d:02:ec:0e:62:1d:
27:2e:90:53:84:fe:6c:b0:65:a1:93:e8:1b:ea:a8:
ab:ce:9c:dd:92:8b:14:93:cf:72:82:b7:de:1b:bc:
c4:35:06:ff:06:a8:f7:ea:f7:b1:8a:73:2c:d7:6d:
93:d3:fd:ab:6f:ab:86:c1:48:85:ec:36:6f:94:87:
c9:80:40:22:94:05:bf:e7:7b:ac:3d:ee:c3:c8:79:
96:4a:7a:bc:58:b2:23:8f:22:3f:05:67:d4:1f:f9:
7e:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:41:66:00:03:53:57:BE:3F:86:19:F2:8B:D7:2A:5B:8D:7B:42:F9
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/aEFmAANTV74_hhnyi9cqW417Qvk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9c:b1:fe:50:45:2f:f7:ab:3a:e1:6f:e7:81:27:37:1a:14:3f:
82:f5:05:9d:e3:ac:92:93:f6:16:3e:e1:21:45:6a:ce:51:a6:
4e:0b:c7:85:4d:df:b9:87:5c:2e:56:11:f6:08:42:8c:d4:a1:
9c:c2:0a:7a:af:65:0d:86:7f:f9:a9:f8:43:07:48:76:4c:3e:
dc:1f:b8:2f:ef:7c:bd:ee:e5:26:64:f9:11:fa:cd:08:2a:f8:
7f:64:48:88:54:52:cb:aa:c6:5d:47:36:da:c5:0b:16:4e:da:
03:70:b6:db:0e:ff:6e:9a:fb:37:4e:37:7a:23:c3:07:8c:51:
19:85:28:70:ee:06:c5:35:a4:9a:27:8b:d5:d5:dd:4e:07:7c:
f3:b8:ca:72:2e:f8:35:56:e1:d3:ce:fc:3b:49:2f:d8:d5:38:
7a:6d:63:3a:46:00:d1:28:6b:1f:58:d6:3a:06:22:20:a3:6e:
f0:4e:a9:10:db:df:3a:55:ed:c7:f0:39:60:99:67:2f:41:49:
1e:22:2f:11:b4:08:73:86:3d:87:38:31:d9:a1:ae:48:f2:f4:
f1:9f:b4:e5:77:74:ec:ca:03:b7:4d:d4:88:16:ae:e6:26:d8:
cd:c9:e7:dc:a7:b4:79:2c:ba:d7:60:3e:f7:02:8b:c7:94:cf:
d9:6e:8c:61
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHEAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTMx
ODA5NTJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDY4NDE2NjAwMDM1MzU3
QkUzRjg2MTlGMjhCRDcyQTVCOEQ3QjQyRjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDtmiUSKFHnzVxtKcf08ynsR659dHKXlPCAt0egvY3uSBq91rI3
HCAmpHfEBXohYpXUusImFltaIY8VmcYmLnN0FMSDwaf7c3rydml0C0smvlBvkn+O
tTEciFdFE88pE7R6XQxHnpDP7566+5ClppFiyrcZcDpWQEUjefY9ZcL+y1Uhf1Ma
WHNDh6/DlCfzWoK09/GpDHixdITZTqPOxl0C7A5iHScukFOE/mywZaGT6BvqqKvO
nN2SixSTz3KCt94bvMQ1Bv8GqPfq97GKcyzXbZPT/atvq4bBSIXsNm+Uh8mAQCKU
Bb/ne6w97sPIeZZKerxYsiOPIj8FZ9Qf+X6LAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUaEFmAANTV74/hhnyi9cqW417QvkwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9hRUZtQUFOVFY3NF9oaG55
aTljcVc0MTdRdmsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAJyx/lBFL/erOuFv54EnNxoUP4L1BZ3jrJKT
9hY+4SFFas5Rpk4Lx4VN37mHXC5WEfYIQozUoZzCCnqvZQ2Gf/mp+EMHSHZMPtwf
uC/vfL3u5SZk+RH6zQgq+H9kSIhUUsuqxl1HNtrFCxZO2gNwttsO/26a+zdON3oj
wweMURmFKHDuBsU1pJoni9XV3U4HfPO4ynIu+DVW4dPO/DtJL9jVOHptYzpGANEo
ax9Y1joGIiCjbvBOqRDb3zpV7cfwOWCZZy9BSR4iLxG0CHOGPYc4Mdmhrkjy9PGf
tOV3dOzKA7dN1IgWruYm2M3J59yntHksutdgPvcCi8eUz9lujGE=
-----END CERTIFICATE-----
Generated at Sun Jun 22 01:09:19 2025 by rpki-client