Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/rUhHFsCg4GYc-WTm-WJr9uwa76g.roa
File: rUhHFsCg4GYc-WTm-WJr9uwa76g.roa (raw, json)
Hash identifier: +JdgrHYu/TqFWOPffL3el6Z/AUNTkwpwWT1ff6JUw8g=
Subject key identifier: AD:48:47:16:C0:A0:E0:66:1C:F9:64:E6:F9:62:6B:F6:EC:1A:EF:A8
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0824
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/rUhHFsCg4GYc-WTm-WJr9uwa76g.roa
Signing time: Sat 17 May 2025 22:38:51 +0000
ROA not before: Sat 17 May 2025 22:38:51 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2084 (0x824)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 17 22:38:51 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=AD484716C0A0E0661CF964E6F9626BF6EC1AEFA8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:72:e9:97:fc:f0:df:16:ce:32:75:6b:39:48:
60:89:de:96:b8:67:47:f1:ee:15:af:0e:f7:46:04:
07:91:ad:01:18:b0:de:e0:68:0a:61:04:e8:dc:90:
8f:6a:42:c1:7a:23:e5:2b:86:02:77:c2:af:3a:9f:
6a:f7:09:36:ab:32:3b:9b:49:e4:33:a3:50:b0:79:
e2:f1:b3:b5:c6:2a:0e:8d:b4:b0:d3:6d:fc:2e:45:
49:6d:fc:d7:0b:c8:0c:a0:4f:44:69:83:24:b0:63:
db:c0:fc:6e:29:5b:c4:1a:9f:09:5f:56:ce:99:07:
1b:33:a1:e6:e0:0a:0e:42:af:2c:97:6b:84:d7:b4:
ea:7a:b8:0c:0f:9b:ad:5e:b6:77:94:ed:38:53:2c:
0b:99:a0:e0:b7:28:fb:f2:9f:91:90:50:9e:34:bd:
00:11:dc:36:8e:dc:8f:58:1f:ac:f7:af:da:f5:c1:
ba:f6:45:4d:5e:6d:09:1b:8a:9f:94:7a:a5:51:1b:
4c:b4:58:70:3a:84:63:9a:2a:c3:31:32:24:9d:24:
fe:8f:d0:2b:7d:ac:d5:33:ed:c7:ce:0a:16:e7:d2:
85:c2:0c:6b:16:53:f6:d9:7d:71:14:2f:89:7e:0f:
80:d6:00:50:2d:94:d3:6b:2b:c0:1f:2f:87:fe:14:
3f:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:48:47:16:C0:A0:E0:66:1C:F9:64:E6:F9:62:6B:F6:EC:1A:EF:A8
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/rUhHFsCg4GYc-WTm-WJr9uwa76g.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
66:5e:53:15:42:cb:47:70:d1:5f:b0:99:fb:93:1b:a5:ba:80:
c1:3d:a4:df:80:57:29:3d:b8:bf:9f:72:42:7a:16:50:75:69:
ba:ee:ed:41:da:0b:e6:8c:94:50:c2:14:fe:e8:57:2c:f4:11:
23:be:bd:f5:40:95:d9:9b:92:21:89:d5:b8:79:be:72:48:ce:
f2:68:23:33:ec:95:ba:ec:a0:5d:6f:40:8e:3d:bf:17:95:2f:
67:f4:4d:3d:46:e0:44:eb:82:95:19:72:2c:28:68:74:8a:56:
ee:0e:eb:8b:63:f3:e1:ce:eb:7d:d4:a3:33:3a:bc:37:e6:91:
10:c8:39:eb:d3:43:f8:37:30:3e:7f:39:6e:64:71:7c:9c:0c:
3b:75:b4:83:8f:b4:df:16:55:e5:cd:59:a9:23:27:3a:05:35:
7c:f5:5d:3c:61:d8:fb:34:a7:44:55:0e:45:f1:d9:28:07:56:
85:3e:04:0e:1f:0f:a9:cd:a8:3a:fc:fc:e2:7c:15:74:e5:9e:
2e:de:3b:b0:d1:18:3e:92:95:59:14:35:b2:fc:05:5d:71:01:
a7:c2:3f:a5:c0:6b:93:bf:12:ec:4b:68:01:90:da:8e:94:6c:
53:0c:29:e1:0f:cd:50:7b:df:56:6e:36:d2:a3:af:d5:a9:1f:
62:1b:28:53
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCCQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTcy
MjM4NTFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEFENDg0NzE2QzBBMEUw
NjYxQ0Y5NjRFNkY5NjI2QkY2RUMxQUVGQTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDqcumX/PDfFs4ydWs5SGCJ3pa4Z0fx7hWvDvdGBAeRrQEYsN7g
aAphBOjckI9qQsF6I+UrhgJ3wq86n2r3CTarMjubSeQzo1CweeLxs7XGKg6NtLDT
bfwuRUlt/NcLyAygT0RpgySwY9vA/G4pW8QanwlfVs6ZBxszoebgCg5CryyXa4TX
tOp6uAwPm61etneU7ThTLAuZoOC3KPvyn5GQUJ40vQAR3DaO3I9YH6z3r9r1wbr2
RU1ebQkbip+UeqVRG0y0WHA6hGOaKsMxMiSdJP6P0Ct9rNUz7cfOChbn0oXCDGsW
U/bZfXEUL4l+D4DWAFAtlNNrK8AfL4f+FD9fAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUrUhHFsCg4GYc+WTm+WJr9uwa76gwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9yVWhIRnNDZzRHWWMtV1Rt
LVdKcjl1d2E3Nmcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAGZeUxVCy0dw0V+wmfuTG6W6gME9pN+AVyk9
uL+fckJ6FlB1abru7UHaC+aMlFDCFP7oVyz0ESO+vfVAldmbkiGJ1bh5vnJIzvJo
IzPslbrsoF1vQI49vxeVL2f0TT1G4ETrgpUZciwoaHSKVu4O64tj8+HO633UozM6
vDfmkRDIOevTQ/g3MD5/OW5kcXycDDt1tIOPtN8WVeXNWakjJzoFNXz1XTxh2Ps0
p0RVDkXx2SgHVoU+BA4fD6nNqDr8/OJ8FXTlni7eO7DRGD6SlVkUNbL8BV1xAafC
P6XAa5O/EuxLaAGQ2o6UbFMMKeEPzVB731ZuNtKjr9WpH2IbKFM=
-----END CERTIFICATE-----
Generated at Sat Jun 21 00:09:34 2025 by rpki-client