Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/yEi6GoDDpvy4yWeu1XkLN1EeJvA.roa
File: yEi6GoDDpvy4yWeu1XkLN1EeJvA.roa (raw, json)
Hash identifier: SV9ih/4bHESJnnZiceeyPxk49ekJ6GMCBr6uuIglMs0=
Subject key identifier: C8:48:BA:1A:80:C3:A6:FC:B8:C9:67:AE:D5:79:0B:37:51:1E:26:F0
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1668
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/yEi6GoDDpvy4yWeu1XkLN1EeJvA.roa
Signing time: Thu 05 Jun 2025 23:09:24 +0000
ROA not before: Thu 05 Jun 2025 23:09:24 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5736 (0x1668)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 5 23:09:24 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=C848BA1A80C3A6FCB8C967AED5790B37511E26F0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:51:25:42:6d:aa:0f:66:90:ec:d5:2f:67:4c:
c9:a5:6a:68:51:89:f9:a8:a3:33:51:a4:5f:0f:27:
f1:b4:4a:93:28:d4:86:61:84:27:05:75:63:9c:97:
24:08:65:9f:04:44:34:0c:e6:20:e2:8f:1e:64:1e:
32:69:49:e5:14:d1:6c:2e:34:54:80:36:ab:3b:8c:
78:7a:60:44:c1:7e:95:3c:e8:77:d0:81:cb:76:b3:
f3:de:10:64:13:56:d9:07:b5:35:7f:8d:6e:17:ca:
18:5c:ca:ad:55:60:28:ec:e7:48:8f:9c:97:1b:ec:
6b:b4:78:76:38:18:0e:e5:05:a6:c0:f3:ca:80:ff:
50:0b:b1:22:bf:11:4f:e6:2a:e9:35:c0:78:dc:02:
61:18:c0:82:6d:35:6c:bb:85:67:2a:a7:e8:2d:21:
1b:36:73:e5:b9:9e:7a:22:c3:40:d2:9d:76:3d:34:
8d:f2:b1:f3:02:02:1a:6d:15:40:14:d8:43:8f:b0:
05:c3:7a:2c:f9:c9:c6:e9:18:15:70:a1:dd:c0:a3:
d2:2d:b4:14:fe:4b:fe:dd:bc:08:cd:10:3e:a2:48:
8d:1e:a7:d9:00:87:1c:2f:44:94:97:0e:af:80:c0:
35:7b:0c:42:1b:7d:d1:b8:92:9c:70:ac:68:3d:0d:
4a:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:48:BA:1A:80:C3:A6:FC:B8:C9:67:AE:D5:79:0B:37:51:1E:26:F0
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/yEi6GoDDpvy4yWeu1XkLN1EeJvA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
65:c1:a3:f1:8b:31:d5:ac:9f:cd:0c:8e:14:24:8f:04:27:a5:
d5:65:d3:37:b5:11:80:cd:56:67:ff:72:ab:0b:b8:57:30:8a:
bd:b6:72:0d:9f:e8:de:59:47:d5:75:8d:e5:3b:60:31:d0:49:
41:81:87:55:ce:c6:69:ae:02:7f:5c:94:2e:4d:08:db:b1:c3:
9a:1c:ff:13:37:63:21:fe:92:36:f4:12:e2:15:0f:89:a9:39:
68:af:71:75:4b:c2:ed:8f:95:79:41:dc:9e:23:5b:f8:f4:59:
4b:32:8d:78:56:00:5d:fb:cb:0b:f5:4d:f2:13:70:f9:ef:3d:
9e:b1:4a:49:80:2b:50:ce:89:81:78:00:1f:f4:bb:95:4f:66:
eb:80:e0:85:3b:8d:b7:b3:dd:88:f4:e0:6b:1d:72:8f:e6:f6:
75:1c:19:75:c2:44:46:25:85:84:26:ac:d0:b4:57:6c:1c:4a:
58:25:49:f6:83:6c:d1:28:e9:fd:71:a6:b9:3a:4f:9e:fb:dc:
bc:9e:0f:4b:dc:bf:3f:a5:d7:e1:bb:c9:c4:ab:fd:a2:73:a3:
81:71:d2:33:67:28:20:a4:74:87:f6:ac:79:a7:74:7f:a2:04:
b1:47:b6:16:d2:0b:e4:ae:07:67:27:1c:96:15:5b:fe:73:fc:
75:ad:ff:f9
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFmgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDUy
MzA5MjRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEM4NDhCQTFBODBDM0E2
RkNCOEM5NjdBRUQ1NzkwQjM3NTExRTI2RjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDZUSVCbaoPZpDs1S9nTMmlamhRifmoozNRpF8PJ/G0SpMo1IZh
hCcFdWOclyQIZZ8ERDQM5iDijx5kHjJpSeUU0WwuNFSANqs7jHh6YETBfpU86HfQ
gct2s/PeEGQTVtkHtTV/jW4Xyhhcyq1VYCjs50iPnJcb7Gu0eHY4GA7lBabA88qA
/1ALsSK/EU/mKuk1wHjcAmEYwIJtNWy7hWcqp+gtIRs2c+W5nnoiw0DSnXY9NI3y
sfMCAhptFUAU2EOPsAXDeiz5ycbpGBVwod3Ao9IttBT+S/7dvAjNED6iSI0ep9kA
hxwvRJSXDq+AwDV7DEIbfdG4kpxwrGg9DUodAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUyEi6GoDDpvy4yWeu1XkLN1EeJvAwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni95RWk2R29ERHB2eTR5V2V1
MVhrTE4xRWVKdkEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAGXBo/GLMdWsn80MjhQkjwQnpdVl0ze1EYDN
Vmf/cqsLuFcwir22cg2f6N5ZR9V1jeU7YDHQSUGBh1XOxmmuAn9clC5NCNuxw5oc
/xM3YyH+kjb0EuIVD4mpOWivcXVLwu2PlXlB3J4jW/j0WUsyjXhWAF37ywv1TfIT
cPnvPZ6xSkmAK1DOiYF4AB/0u5VPZuuA4IU7jbez3Yj04Gsdco/m9nUcGXXCREYl
hYQmrNC0V2wcSlglSfaDbNEo6f1xprk6T5773LyeD0vcvz+l1+G7ycSr/aJzo4Fx
0jNnKCCkdIf2rHmndH+iBLFHthbSC+SuB2cnHJYVW/5z/HWt//k=
-----END CERTIFICATE-----
Generated at Sun Jun 22 14:45:23 2025 by rpki-client