Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/nu1pr9ekCgOufGH0jvBhp5NUsvE.roa
File: nu1pr9ekCgOufGH0jvBhp5NUsvE.roa (raw, json)
Hash identifier: q68IshjWCShnKHMnElQWWpWmxktr3gPX/lMUInd0mUw=
Subject key identifier: 9E:ED:69:AF:D7:A4:0A:03:AE:7C:61:F4:8E:F0:61:A7:93:54:B2:F1
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 15FC
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/nu1pr9ekCgOufGH0jvBhp5NUsvE.roa
Signing time: Thu 05 Jun 2025 09:39:24 +0000
ROA not before: Thu 05 Jun 2025 09:39:24 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5628 (0x15fc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 5 09:39:24 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=9EED69AFD7A40A03AE7C61F48EF061A79354B2F1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:49:ed:d0:48:44:1d:9b:8a:9e:ff:aa:96:ec:
76:b1:03:11:d1:78:91:89:e0:9f:76:b7:bf:96:c6:
c6:a9:a3:0c:75:15:ec:17:4a:df:d8:1d:91:84:d3:
31:eb:8e:90:ad:c2:aa:2e:ac:f1:8f:41:7c:78:e2:
4b:23:7f:d8:4c:00:10:5c:40:8d:fb:92:47:58:ed:
3a:d0:b4:b5:06:66:a7:42:ec:6b:3a:ac:8d:d6:68:
7c:12:48:f8:ff:bb:98:0c:1a:c5:29:66:b2:5c:d4:
93:73:59:dc:20:95:be:da:1e:a8:35:eb:db:f5:0e:
27:85:f8:95:ef:1b:db:dc:79:2b:5a:9c:8a:d2:de:
e3:10:89:6c:28:45:7d:e5:8f:ac:59:82:2d:fa:8b:
a8:20:47:44:54:23:3d:0f:57:83:17:43:74:f2:a9:
ea:8a:63:f4:2e:e2:33:fe:68:b0:bd:46:5e:c1:4d:
32:3a:f4:7b:82:6f:2d:53:0f:ce:54:b2:33:18:f6:
48:fb:8e:36:cf:be:d8:01:b4:ac:55:d1:7d:01:b0:
86:c3:fe:6e:6a:67:da:1a:f5:5c:3d:04:e2:25:5e:
0b:95:4c:8c:d4:6b:69:73:5f:10:87:67:11:33:c2:
bb:0b:03:cb:e2:11:07:69:19:25:44:24:32:78:05:
ce:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:ED:69:AF:D7:A4:0A:03:AE:7C:61:F4:8E:F0:61:A7:93:54:B2:F1
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/nu1pr9ekCgOufGH0jvBhp5NUsvE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8c:a8:c3:bd:41:19:ee:da:98:d2:5c:f3:52:06:29:e4:c1:00:
44:50:17:69:dd:59:1a:48:bb:2c:70:01:d1:75:5d:b9:10:fd:
e6:a4:35:34:27:2e:bc:a0:fc:a3:02:71:1d:f1:db:2b:5e:ca:
83:48:5f:b0:64:ec:8b:d3:52:54:2f:82:ae:f7:87:5a:d4:7b:
11:80:fb:ad:42:2a:32:4f:04:4d:4a:04:49:0a:9e:4a:91:c9:
74:5d:dd:22:22:55:1f:73:ac:1b:ce:4f:0d:7e:63:6e:5c:f9:
21:2b:0e:de:65:f4:89:c7:8b:8b:e4:2d:7d:45:c1:b4:a7:34:
1e:cb:1c:52:0a:87:45:ff:fc:24:dd:ef:56:55:8b:7f:ce:cf:
ac:3a:09:7b:c6:ef:bb:77:81:e3:a2:c1:7a:a8:93:30:75:77:
44:5e:42:d7:00:4e:ba:40:55:79:16:b5:f0:cd:ed:fe:2c:63:
ce:cd:32:7d:5f:12:76:2f:f5:c8:55:38:f8:ca:8c:3e:05:8f:
37:1d:d3:09:f2:b1:64:58:6d:72:58:f7:82:93:81:db:43:d1:
fc:0e:bf:5e:b1:03:e8:70:d5:32:08:cd:e5:d8:f6:e5:b4:e8:
be:52:1d:61:9c:48:b7:f7:91:8e:37:3d:86:a4:62:c0:b8:5b:
2a:29:44:1b
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFfwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDUw
OTM5MjRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDlFRUQ2OUFGRDdBNDBB
MDNBRTdDNjFGNDhFRjA2MUE3OTM1NEIyRjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCnSe3QSEQdm4qe/6qW7HaxAxHReJGJ4J92t7+Wxsapowx1FewX
St/YHZGE0zHrjpCtwqourPGPQXx44ksjf9hMABBcQI37kkdY7TrQtLUGZqdC7Gs6
rI3WaHwSSPj/u5gMGsUpZrJc1JNzWdwglb7aHqg169v1DieF+JXvG9vceStanIrS
3uMQiWwoRX3lj6xZgi36i6ggR0RUIz0PV4MXQ3TyqeqKY/Qu4jP+aLC9Rl7BTTI6
9HuCby1TD85UsjMY9kj7jjbPvtgBtKxV0X0BsIbD/m5qZ9oa9Vw9BOIlXguVTIzU
a2lzXxCHZxEzwrsLA8viEQdpGSVEJDJ4Bc7tAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUnu1pr9ekCgOufGH0jvBhp5NUsvEwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9udTFwcjlla0NnT3VmR0gw
anZCaHA1TlVzdkUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAIyow71BGe7amNJc81IGKeTBAERQF2ndWRpI
uyxwAdF1XbkQ/eakNTQnLryg/KMCcR3x2yteyoNIX7Bk7IvTUlQvgq73h1rUexGA
+61CKjJPBE1KBEkKnkqRyXRd3SIiVR9zrBvOTw1+Y25c+SErDt5l9InHi4vkLX1F
wbSnNB7LHFIKh0X//CTd71ZVi3/Oz6w6CXvG77t3geOiwXqokzB1d0ReQtcATrpA
VXkWtfDN7f4sY87NMn1fEnYv9chVOPjKjD4Fjzcd0wnysWRYbXJY94KTgdtD0fwO
v16xA+hw1TIIzeXY9uW06L5SHWGcSLf3kY43PYakYsC4WyopRBs=
-----END CERTIFICATE-----
Generated at Sun Jun 22 03:55:18 2025 by rpki-client