Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/bsdekbkWfWjxZMV57_woXn_YmNw.roa
File: bsdekbkWfWjxZMV57_woXn_YmNw.roa (raw, json)
Hash identifier: O6h/zlfJUSHXQpZO2kCnVx/yDhgmU/iZzsBd6sEamtI=
Subject key identifier: 6E:C7:5E:91:B9:16:7D:68:F1:64:C5:79:EF:FC:28:5E:7F:D8:98:DC
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 17CC
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/bsdekbkWfWjxZMV57_woXn_YmNw.roa
Signing time: Sat 07 Jun 2025 19:39:31 +0000
ROA not before: Sat 07 Jun 2025 19:39:31 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6092 (0x17cc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 7 19:39:31 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=6EC75E91B9167D68F164C579EFFC285E7FD898DC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:94:8d:49:48:fa:ba:6c:0b:28:21:9e:bf:3f:
98:b5:64:15:39:ee:3e:8f:ff:3f:9f:22:60:23:31:
b0:1e:61:78:95:de:4b:d4:60:47:df:26:21:3f:d5:
53:33:db:9f:14:31:32:81:d3:4c:ab:41:9f:a9:24:
99:27:85:76:2c:44:23:d9:e1:6b:47:ce:b8:b0:3d:
61:fb:94:5f:52:63:5d:01:69:23:52:54:61:77:a5:
0a:5f:79:3c:48:7e:14:e4:d8:7a:79:eb:ff:30:70:
5a:d0:06:db:18:6c:a4:91:1b:bb:34:72:c2:8c:f1:
1f:8f:08:83:07:b2:a9:1c:6f:3e:f3:e1:49:c6:0d:
61:1b:e8:59:e3:85:20:f8:b4:fb:62:a1:c0:bb:3a:
a2:1b:ac:92:cf:6a:f4:47:18:32:75:35:d1:cc:e9:
b7:b1:60:9b:33:75:74:5d:f7:ec:c9:54:7a:32:48:
9f:42:98:59:70:0f:75:db:8f:06:b5:1d:08:36:b4:
27:af:65:04:c6:43:eb:59:50:08:0c:e2:33:49:17:
b5:08:e7:4e:41:43:ba:1b:e4:e4:1a:67:c1:ac:a1:
67:25:64:b8:cd:be:fc:09:43:69:26:1e:78:5f:c1:
86:c4:02:83:83:cd:b5:55:56:b2:69:5b:e0:99:fb:
a4:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:C7:5E:91:B9:16:7D:68:F1:64:C5:79:EF:FC:28:5E:7F:D8:98:DC
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/bsdekbkWfWjxZMV57_woXn_YmNw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5e:70:18:51:81:a1:27:be:2d:fd:fb:54:45:56:65:6a:be:41:
19:10:ed:d3:73:26:ec:66:86:fe:13:45:0b:f0:8e:6a:5e:fe:
b0:d7:26:69:8f:f3:be:31:0e:16:e8:9b:8f:59:0c:11:11:9d:
6a:18:b1:60:a0:7e:d1:af:14:66:21:52:1e:91:12:f9:18:9a:
94:22:df:95:0d:f5:51:7b:76:f5:81:aa:75:da:ed:19:ac:6b:
fe:68:95:6b:be:e9:79:77:b3:b6:f2:db:06:ea:72:75:ca:73:
b2:65:5d:45:65:ba:be:60:ba:e2:7f:d5:f7:dc:0d:ea:b8:f7:
e7:22:05:4e:67:65:64:73:9d:ad:9e:fa:69:79:7c:98:18:dc:
a2:1b:47:e9:18:cc:ed:7e:2c:7b:22:df:fd:f4:8f:b3:e4:5a:
3f:0e:fa:05:27:67:4a:c3:30:7c:4b:a8:b6:19:86:3d:cb:09:
cd:75:7d:39:2d:61:60:fb:63:9f:a0:db:ad:23:7f:73:66:bb:
0d:45:b3:82:ba:96:96:db:c9:63:43:b7:2a:ae:91:e0:b9:15:
60:d5:bc:c6:a6:ca:2d:d4:3a:50:c0:f2:f8:89:50:31:dd:8f:
20:b5:58:a9:3b:10:3b:f6:4f:d5:c0:65:02:bc:ea:59:28:98:
3d:4f:a1:08
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICF8wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDcx
OTM5MzFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDZFQzc1RTkxQjkxNjdE
NjhGMTY0QzU3OUVGRkMyODVFN0ZEODk4REMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDzlI1JSPq6bAsoIZ6/P5i1ZBU57j6P/z+fImAjMbAeYXiV3kvU
YEffJiE/1VMz258UMTKB00yrQZ+pJJknhXYsRCPZ4WtHzriwPWH7lF9SY10BaSNS
VGF3pQpfeTxIfhTk2Hp56/8wcFrQBtsYbKSRG7s0csKM8R+PCIMHsqkcbz7z4UnG
DWEb6FnjhSD4tPtiocC7OqIbrJLPavRHGDJ1NdHM6bexYJszdXRd9+zJVHoySJ9C
mFlwD3Xbjwa1HQg2tCevZQTGQ+tZUAgM4jNJF7UI505BQ7ob5OQaZ8GsoWclZLjN
vvwJQ2kmHnhfwYbEAoODzbVVVrJpW+CZ+6QHAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUbsdekbkWfWjxZMV57/woXn/YmNwwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9ic2Rla2JrV2ZXanhaTVY1
N193b1huX1ltTncucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAF5wGFGBoSe+Lf37VEVWZWq+QRkQ7dNzJuxm
hv4TRQvwjmpe/rDXJmmP874xDhbom49ZDBERnWoYsWCgftGvFGYhUh6REvkYmpQi
35UN9VF7dvWBqnXa7Rmsa/5olWu+6Xl3s7by2wbqcnXKc7JlXUVlur5guuJ/1ffc
Deq49+ciBU5nZWRzna2e+ml5fJgY3KIbR+kYzO1+LHsi3/30j7PkWj8O+gUnZ0rD
MHxLqLYZhj3LCc11fTktYWD7Y5+g260jf3Nmuw1Fs4K6lpbbyWNDtyqukeC5FWDV
vMamyi3UOlDA8viJUDHdjyC1WKk7EDv2T9XAZQK86lkomD1PoQg=
-----END CERTIFICATE-----
Generated at Sun Jun 22 06:05:55 2025 by rpki-client