Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/cLAOJ8sLgkTvba4N2y5TYSxiKqo.roa
File: cLAOJ8sLgkTvba4N2y5TYSxiKqo.roa (raw, json)
Hash identifier: mN/yZ/z1dGR0uiGls6TA0UhmjpaINXzlJxwfG/5rsN4=
Subject key identifier: 70:B0:0E:27:CB:0B:82:44:EF:6D:AE:0D:DB:2E:53:61:2C:62:2A:AA
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 176C
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/cLAOJ8sLgkTvba4N2y5TYSxiKqo.roa
Signing time: Sat 07 Jun 2025 07:40:13 +0000
ROA not before: Sat 07 Jun 2025 07:40:13 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5996 (0x176c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 7 07:40:13 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=70B00E27CB0B8244EF6DAE0DDB2E53612C622AAA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:6a:6b:33:05:57:d7:f5:12:eb:dc:70:ba:bd:
58:83:8a:f9:26:cb:97:54:1f:d8:0d:c9:01:f7:48:
5a:77:6b:b2:66:0a:67:fe:35:23:81:64:9f:90:71:
db:91:f1:3e:00:7d:06:40:2a:01:0f:ff:73:94:3c:
85:be:e2:ed:45:b9:3c:8e:08:29:f0:30:05:87:67:
24:81:b8:44:de:67:bf:0c:94:ff:c8:21:67:27:60:
a1:c8:2b:6d:a1:7d:de:ee:8e:30:da:3c:5c:0b:15:
7d:93:b6:95:79:44:e9:da:c0:ae:4e:ee:f3:54:a6:
8d:54:a2:3e:59:16:06:3f:50:fc:e0:0f:aa:ec:09:
f8:02:e2:b9:8c:c4:48:a9:59:87:fc:ae:b0:57:41:
12:e0:40:b2:f8:74:1f:41:8f:63:01:f1:10:ed:16:
1e:0e:14:e1:24:23:27:8b:fc:26:73:64:da:d1:b7:
8a:0a:51:7b:60:f4:df:36:b8:f1:94:ba:4c:ba:33:
fb:81:ff:43:1d:0a:19:a5:38:3e:fd:4e:9d:6d:64:
7c:bd:1a:6c:00:1b:b2:7c:41:f7:eb:d1:fe:e4:ab:
b1:4a:22:55:06:0b:29:06:6a:72:78:36:31:7b:d4:
43:4b:1d:da:64:74:06:08:bd:9b:fd:ed:6d:42:8b:
22:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:B0:0E:27:CB:0B:82:44:EF:6D:AE:0D:DB:2E:53:61:2C:62:2A:AA
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/cLAOJ8sLgkTvba4N2y5TYSxiKqo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
38:59:c2:2c:82:e6:35:b8:64:e0:5f:48:e7:01:f1:e5:7c:78:
de:40:fc:1b:a5:1c:97:a2:b4:6f:ac:e2:91:2b:2b:f1:d2:e5:
16:69:f3:58:b6:56:ef:83:79:61:ef:92:f3:8f:84:0a:d2:84:
12:6d:9c:70:bc:30:0d:fb:62:b5:20:27:5c:15:dd:33:81:15:
fc:2d:f9:f5:f3:00:4a:3b:25:23:b7:41:04:9d:1a:89:bf:66:
8b:14:b6:bf:c2:19:b8:6a:28:bd:68:a5:46:27:cd:2a:a4:f1:
27:21:99:f6:a9:db:7d:42:4d:ef:44:cc:80:0f:22:5c:ce:dc:
2f:6a:ce:04:49:75:66:b5:c8:f6:85:b2:39:16:11:59:21:40:
2d:20:d1:aa:48:ee:49:d6:82:28:c2:aa:33:69:3c:28:fd:62:
e5:69:ce:5d:d0:ce:4e:a4:8b:df:8a:d6:6b:10:6f:41:de:b6:
d6:0b:2a:12:5f:d3:54:92:6c:b6:3f:e3:3f:6d:b4:21:aa:6f:
16:e0:4b:11:ed:00:06:ec:3a:d5:53:23:2b:0f:b2:69:34:27:
f8:81:7d:b4:1c:2b:42:ba:09:9b:07:7e:06:1b:d3:38:de:0b:
5d:f9:00:7e:ab:a4:8b:43:36:62:d2:89:b7:1a:09:5c:19:b2:
3f:b2:6b:a1
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICF2wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDcw
NzQwMTNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDcwQjAwRTI3Q0IwQjgy
NDRFRjZEQUUwRERCMkU1MzYxMkM2MjJBQUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+amszBVfX9RLr3HC6vViDivkmy5dUH9gNyQH3SFp3a7JmCmf+
NSOBZJ+QcduR8T4AfQZAKgEP/3OUPIW+4u1FuTyOCCnwMAWHZySBuETeZ78MlP/I
IWcnYKHIK22hfd7ujjDaPFwLFX2TtpV5ROnawK5O7vNUpo1Uoj5ZFgY/UPzgD6rs
CfgC4rmMxEipWYf8rrBXQRLgQLL4dB9Bj2MB8RDtFh4OFOEkIyeL/CZzZNrRt4oK
UXtg9N82uPGUuky6M/uB/0MdChmlOD79Tp1tZHy9GmwAG7J8Qffr0f7kq7FKIlUG
CykGanJ4NjF71ENLHdpkdAYIvZv97W1CiyKfAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUcLAOJ8sLgkTvba4N2y5TYSxiKqowHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9jTEFPSjhzTGdrVHZiYTRO
Mnk1VFlTeGlLcW8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBADhZwiyC5jW4ZOBfSOcB8eV8eN5A/BulHJei
tG+s4pErK/HS5RZp81i2Vu+DeWHvkvOPhArShBJtnHC8MA37YrUgJ1wV3TOBFfwt
+fXzAEo7JSO3QQSdGom/ZosUtr/CGbhqKL1opUYnzSqk8Schmfap231CTe9EzIAP
IlzO3C9qzgRJdWa1yPaFsjkWEVkhQC0g0apI7knWgijCqjNpPCj9YuVpzl3Qzk6k
i9+K1msQb0HettYLKhJf01SSbLY/4z9ttCGqbxbgSxHtAAbsOtVTIysPsmk0J/iB
fbQcK0K6CZsHfgYb0zjeC135AH6rpItDNmLSibcaCVwZsj+ya6E=
-----END CERTIFICATE-----
Generated at Sun Jun 15 09:14:42 2025 by rpki-client