Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/uN94AqenTCb0pTB9sin2a52RqXE.roa
File: uN94AqenTCb0pTB9sin2a52RqXE.roa (raw, json)
Hash identifier: XBPS8fiXS0WUMoQ5EHpmemyEdGVG5jkkDRW9WmNtiyY=
Subject key identifier: B8:DF:78:02:A7:A7:4C:26:F4:A5:30:7D:B2:29:F6:6B:9D:91:A9:71
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 056C
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/uN94AqenTCb0pTB9sin2a52RqXE.roa
Signing time: Wed 14 May 2025 07:38:01 +0000
ROA not before: Wed 14 May 2025 07:38:01 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1388 (0x56c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 14 07:38:01 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=B8DF7802A7A74C26F4A5307DB229F66B9D91A971
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:4a:1f:db:7c:9f:3b:59:e3:2e:da:86:e7:f0:
55:92:9f:e5:84:1a:a0:89:a4:f9:47:d4:f3:be:25:
92:ab:19:75:63:29:ee:50:01:dc:ed:b9:06:d2:06:
a6:8a:8d:55:22:af:7a:26:62:c7:68:1c:04:d4:e7:
c3:95:be:79:4b:44:ae:76:43:6f:17:4e:dc:94:b6:
df:0d:8e:24:4a:1f:27:76:8f:ca:44:0d:85:6a:17:
0e:ed:34:0c:86:9d:42:01:7d:6c:e8:6f:98:d4:a9:
7b:b1:b1:fa:ff:46:65:ea:53:ab:44:d6:4d:4a:32:
92:12:b4:49:07:1c:97:4e:cb:cd:6d:5f:81:1e:59:
d9:1c:b1:e1:30:00:22:f3:b0:b9:fe:2a:19:3a:19:
b3:f6:1e:d4:69:fa:48:97:5e:d5:8d:ff:9d:3a:44:
11:88:b3:a7:91:71:3a:ab:17:26:95:c9:f1:90:03:
77:e1:55:3e:47:a3:e4:5f:3b:79:bd:21:f0:21:9b:
43:28:fa:5b:07:d6:db:e3:60:3c:5f:09:ee:d5:70:
6f:b0:f8:01:e8:74:1b:f0:07:b9:0c:e3:2d:bc:da:
95:19:f4:5f:22:4e:75:7e:77:7f:e7:f1:25:a6:5f:
97:bd:3d:1b:74:52:73:8d:fb:6d:64:5e:b5:eb:32:
b5:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:DF:78:02:A7:A7:4C:26:F4:A5:30:7D:B2:29:F6:6B:9D:91:A9:71
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/uN94AqenTCb0pTB9sin2a52RqXE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
98:9d:2f:2c:05:e2:a5:bf:bf:a2:95:63:8a:13:e1:85:24:92:
0c:c7:22:dc:6a:65:14:ca:2f:22:63:32:37:f9:7a:12:a1:dd:
f3:ec:e7:20:53:8c:0a:d0:a3:72:7b:b2:61:05:ac:57:91:12:
3b:7d:72:13:92:9a:dc:31:03:75:fb:80:a2:88:2b:d5:36:61:
31:ed:b8:93:47:c4:05:d9:3e:70:96:0c:5b:9f:ce:5b:4e:2f:
a0:f5:e5:e0:70:c0:39:b3:03:d4:ae:2e:ba:50:0c:e0:e8:ef:
eb:e8:28:aa:d3:2d:a6:47:82:78:44:c0:c3:0d:d2:be:01:79:
dd:7a:65:f2:df:ad:d3:ed:b5:67:fe:75:a4:a9:de:db:26:23:
9e:62:4a:4c:e5:77:1d:d6:0d:75:ea:23:17:f8:b2:ce:7a:d6:
2a:67:2d:94:64:67:cb:1e:d4:ee:7e:2d:ea:64:a8:c9:31:3f:
4c:b4:46:8a:a4:34:b0:03:b0:cf:38:c8:37:fc:8a:df:fa:f9:
78:15:5d:29:5b:26:49:7d:f8:b0:63:9e:69:34:ed:ab:f6:1f:
e3:96:0b:d9:de:91:a2:aa:95:8b:85:1c:c9:eb:b6:3d:4e:16:
10:65:1a:59:8a:60:50:0f:2c:9f:bc:31:29:18:8a:5b:cd:6e:
dd:20:11:76
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBWwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTQw
NzM4MDFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEI4REY3ODAyQTdBNzRD
MjZGNEE1MzA3REIyMjlGNjZCOUQ5MUE5NzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDASh/bfJ87WeMu2obn8FWSn+WEGqCJpPlH1PO+JZKrGXVjKe5Q
AdztuQbSBqaKjVUir3omYsdoHATU58OVvnlLRK52Q28XTtyUtt8NjiRKHyd2j8pE
DYVqFw7tNAyGnUIBfWzob5jUqXuxsfr/RmXqU6tE1k1KMpIStEkHHJdOy81tX4Ee
WdkcseEwACLzsLn+Khk6GbP2HtRp+kiXXtWN/506RBGIs6eRcTqrFyaVyfGQA3fh
VT5Ho+RfO3m9IfAhm0Mo+lsH1tvjYDxfCe7VcG+w+AHodBvwB7kM4y282pUZ9F8i
TnV+d3/n8SWmX5e9PRt0UnON+21kXrXrMrUTAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUuN94AqenTCb0pTB9sin2a52RqXEwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni91Tjk0QXFlblRDYjBwVEI5
c2luMmE1MlJxWEUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAJidLywF4qW/v6KVY4oT4YUkkgzHItxqZRTK
LyJjMjf5ehKh3fPs5yBTjArQo3J7smEFrFeREjt9chOSmtwxA3X7gKKIK9U2YTHt
uJNHxAXZPnCWDFufzltOL6D15eBwwDmzA9SuLrpQDODo7+voKKrTLaZHgnhEwMMN
0r4Bed16ZfLfrdPttWf+daSp3tsmI55iSkzldx3WDXXqIxf4ss561ipnLZRkZ8se
1O5+LepkqMkxP0y0RoqkNLADsM84yDf8it/6+XgVXSlbJkl9+LBjnmk07av2H+OW
C9nekaKqlYuFHMnrtj1OFhBlGlmKYFAPLJ+8MSkYilvNbt0gEXY=
-----END CERTIFICATE-----
Generated at Sun Jun 22 00:48:38 2025 by rpki-client