Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/dW6sh7zhFuEhDKvvLdSzu_5_LrA.roa
File: dW6sh7zhFuEhDKvvLdSzu_5_LrA.roa (raw, json)
Hash identifier: arnGIEUnWoiyy57VSw2prqclMWqgBKHGlo2fhz2+LDY=
Subject key identifier: 75:6E:AC:87:BC:E1:16:E1:21:0C:AB:EF:2D:D4:B3:BB:FE:7F:2E:B0
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 197C
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/dW6sh7zhFuEhDKvvLdSzu_5_LrA.roa
Signing time: Tue 10 Jun 2025 01:39:44 +0000
ROA not before: Tue 10 Jun 2025 01:39:44 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6524 (0x197c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 10 01:39:44 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=756EAC87BCE116E1210CABEF2DD4B3BBFE7F2EB0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:5d:53:47:60:34:6b:f1:5c:e0:2e:93:b9:d5:
aa:61:f1:bb:bc:e0:f3:ea:d7:d9:19:67:47:c7:29:
32:fb:f8:58:e7:ef:e6:74:46:08:0f:32:58:05:0f:
38:cc:99:22:0d:76:15:83:7e:44:32:33:45:56:2b:
20:a0:f8:5b:f9:80:e2:12:29:08:3b:91:f4:29:aa:
44:f9:25:d5:f3:f3:7a:0d:2c:56:28:f9:49:0c:42:
ce:af:f4:46:c9:32:bb:30:ab:78:53:19:17:04:ea:
0e:88:a3:b2:e3:26:50:93:76:d9:7e:59:61:c4:42:
4a:b9:91:8e:20:40:4b:7f:4e:dc:67:44:d0:6d:02:
d8:e3:e6:c9:56:90:83:f2:36:9d:c8:3f:73:91:8f:
e1:74:d3:e9:80:c6:cb:80:b0:3f:1d:fa:17:a8:76:
f9:ca:6d:ab:f0:2b:83:64:8e:fe:d1:91:8f:21:dd:
8b:52:a8:72:27:2b:3e:24:7e:8a:f8:34:46:7d:19:
65:7a:4d:25:66:35:da:22:64:fc:cb:ea:a6:17:b3:
c3:02:08:38:66:82:30:a3:15:33:7b:ce:83:6f:3d:
85:94:d7:08:e2:d1:ba:b9:a3:06:48:9b:19:a3:27:
78:15:24:61:d1:c2:99:78:0a:53:00:7b:00:00:df:
0e:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:6E:AC:87:BC:E1:16:E1:21:0C:AB:EF:2D:D4:B3:BB:FE:7F:2E:B0
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/dW6sh7zhFuEhDKvvLdSzu_5_LrA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a1:43:8c:76:0d:dc:53:4e:c2:83:b9:09:c8:f3:ee:97:26:a7:
19:fb:93:f0:07:2b:0b:08:82:85:39:66:61:91:ed:4f:64:8a:
18:98:2d:aa:24:fb:d9:e9:a7:69:15:31:d1:6c:c1:19:f0:2a:
2d:b6:40:5e:40:04:f5:38:4c:81:fc:e0:ac:e0:29:8b:4f:b6:
cc:9b:e3:63:c9:af:58:09:46:81:ac:20:42:63:30:dc:cb:c6:
2e:5d:2a:87:4f:b4:a2:6a:12:c5:33:70:f3:dd:d6:f3:c3:a8:
05:f9:6b:76:d6:33:6e:56:f3:a4:c5:2a:8e:67:f4:76:95:4b:
85:5c:8b:63:88:e5:37:33:5b:3d:d5:30:96:48:69:d2:c2:1c:
89:3a:e7:04:52:82:b4:e9:5e:57:98:54:de:08:78:3d:6b:40:
a9:48:6b:1d:0e:00:a8:7d:09:4b:14:52:ad:f8:4b:15:60:20:
20:24:8e:e0:53:1d:79:cc:a9:71:72:7a:68:e7:a1:62:34:b1:
17:76:ac:83:58:48:8d:0b:ac:e6:f2:8d:c6:9f:5c:91:53:85:
8a:23:19:5c:c8:e3:4c:96:68:90:58:22:be:f3:16:fc:44:26:
d0:3e:c8:78:42:5c:cb:60:ca:7b:7f:e3:f4:28:93:e8:24:36:
3c:88:84:d5
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICGXwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTAw
MTM5NDRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDc1NkVBQzg3QkNFMTE2
RTEyMTBDQUJFRjJERDRCM0JCRkU3RjJFQjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCbXVNHYDRr8VzgLpO51aph8bu84PPq19kZZ0fHKTL7+Fjn7+Z0
RggPMlgFDzjMmSINdhWDfkQyM0VWKyCg+Fv5gOISKQg7kfQpqkT5JdXz83oNLFYo
+UkMQs6v9EbJMrswq3hTGRcE6g6Io7LjJlCTdtl+WWHEQkq5kY4gQEt/TtxnRNBt
Atjj5slWkIPyNp3IP3ORj+F00+mAxsuAsD8d+heodvnKbavwK4Nkjv7RkY8h3YtS
qHInKz4kfor4NEZ9GWV6TSVmNdoiZPzL6qYXs8MCCDhmgjCjFTN7zoNvPYWU1wji
0bq5owZImxmjJ3gVJGHRwpl4ClMAewAA3w5XAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUdW6sh7zhFuEhDKvvLdSzu/5/LrAwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9kVzZzaDd6aEZ1RWhES3Z2
TGRTenVfNV9MckEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAKFDjHYN3FNOwoO5Ccjz7pcmpxn7k/AHKwsI
goU5ZmGR7U9kihiYLaok+9npp2kVMdFswRnwKi22QF5ABPU4TIH84KzgKYtPtsyb
42PJr1gJRoGsIEJjMNzLxi5dKodPtKJqEsUzcPPd1vPDqAX5a3bWM25W86TFKo5n
9HaVS4Vci2OI5TczWz3VMJZIadLCHIk65wRSgrTpXleYVN4IeD1rQKlIax0OAKh9
CUsUUq34SxVgICAkjuBTHXnMqXFyemjnoWI0sRd2rINYSI0LrObyjcafXJFThYoj
GVzI40yWaJBYIr7zFvxEJtA+yHhCXMtgynt/4/Qok+gkNjyIhNU=
-----END CERTIFICATE-----
Generated at Sun Jun 22 06:33:30 2025 by rpki-client