Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/6XkqSiYvP1dXYakzy5ugMgAFayI.roa
File: 6XkqSiYvP1dXYakzy5ugMgAFayI.roa (raw, json)
Hash identifier: B7AJcWMy5b1nPM/uTxHMbxGsrN83YBESm0Iwxa6HXOY=
Subject key identifier: E9:79:2A:4A:26:2F:3F:57:57:61:A9:33:CB:9B:A0:32:00:05:6B:22
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0170
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/6XkqSiYvP1dXYakzy5ugMgAFayI.roa
Signing time: Fri 09 May 2025 00:07:43 +0000
ROA not before: Fri 09 May 2025 00:07:43 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 368 (0x170)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 9 00:07:43 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=E9792A4A262F3F575761A933CB9BA03200056B22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:70:e5:43:22:6f:8e:4a:da:fc:94:76:c0:eb:
16:e5:94:9c:cb:9c:4f:c0:5e:15:ea:8e:76:64:3c:
d0:c6:53:5f:ee:da:be:84:f4:68:19:e4:cf:cf:b9:
4c:b8:13:d4:cf:17:5f:63:74:20:dc:95:a1:15:18:
df:05:37:ea:07:b2:ad:47:fb:56:3a:c6:45:9c:8f:
c9:66:41:95:54:cd:ab:e2:78:60:95:7b:ea:fb:7b:
c1:eb:b9:9a:54:8e:ce:0c:5d:de:99:6e:1f:6e:2e:
f2:79:c4:2e:25:65:8f:94:28:6c:03:a7:4e:fd:ea:
38:fd:b4:c5:08:36:c2:3d:ed:13:7f:0e:7c:82:0c:
ed:46:40:6c:af:5b:78:65:18:8d:01:e9:f6:7d:2a:
b5:d1:2c:fb:ac:70:97:0c:17:ad:e2:e2:a3:bc:44:
3e:d2:a4:89:b8:6d:e6:3f:b4:c3:78:cd:56:21:a0:
ef:19:fb:39:3d:6b:eb:fe:de:11:56:c3:bb:f9:0b:
97:0a:30:a4:f7:0f:f7:d9:47:e6:ab:48:33:27:07:
ff:d2:d7:48:20:3a:df:f5:e0:18:c8:06:35:0b:26:
e9:f2:96:d9:ee:a8:9b:50:3e:b6:62:ca:c2:cc:ed:
ec:94:07:f8:a0:81:2e:7a:0a:a7:63:32:ff:c0:1b:
24:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:79:2A:4A:26:2F:3F:57:57:61:A9:33:CB:9B:A0:32:00:05:6B:22
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/6XkqSiYvP1dXYakzy5ugMgAFayI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5a:1a:bf:14:8e:42:07:7f:37:1a:64:ce:2b:4f:8d:f4:4f:97:
8c:fe:6c:0d:ef:23:17:fc:22:3a:5a:b6:b4:bb:3b:f2:2c:fd:
59:7b:38:31:62:6d:c6:e8:20:3a:ba:c1:91:c6:68:65:e3:42:
5e:60:ea:70:49:14:e3:7b:75:39:02:a7:a0:55:91:b7:fb:81:
44:33:cd:58:83:27:2c:fe:a7:eb:97:de:f8:4f:bb:06:a7:eb:
e5:ff:77:87:da:04:7f:57:68:16:fb:ea:fc:e4:60:1f:9f:6d:
ee:5d:29:4e:7d:6e:d1:40:27:59:08:80:66:bd:0d:d7:14:1c:
e0:c9:52:f3:6f:bd:c2:da:a5:35:60:ab:a7:57:69:08:83:2a:
c8:90:58:e8:81:fc:92:1a:16:b6:8c:ae:09:cd:79:c2:15:f5:
b9:82:de:8d:b3:c8:04:90:d8:d5:1d:cd:d8:53:40:7f:79:4e:
3e:f3:90:cd:e3:2b:f8:cc:96:8a:1b:b8:77:a3:44:c8:f0:a8:
30:a4:00:ca:f9:c1:d4:d5:4c:96:37:aa:25:a3:57:a4:97:cf:
ea:5c:86:2d:99:85:d6:00:90:02:13:00:84:78:e5:ad:79:9a:
84:6d:1f:74:87:27:b8:b7:8f:db:f6:0e:4f:2d:da:38:0b:df:
52:e7:33:3f
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAXAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MDkw
MDA3NDNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEU5NzkyQTRBMjYyRjNG
NTc1NzYxQTkzM0NCOUJBMDMyMDAwNTZCMjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+cOVDIm+OStr8lHbA6xbllJzLnE/AXhXqjnZkPNDGU1/u2r6E
9GgZ5M/PuUy4E9TPF19jdCDclaEVGN8FN+oHsq1H+1Y6xkWcj8lmQZVUzavieGCV
e+r7e8HruZpUjs4MXd6Zbh9uLvJ5xC4lZY+UKGwDp0796jj9tMUINsI97RN/DnyC
DO1GQGyvW3hlGI0B6fZ9KrXRLPuscJcMF63i4qO8RD7SpIm4beY/tMN4zVYhoO8Z
+zk9a+v+3hFWw7v5C5cKMKT3D/fZR+arSDMnB//S10ggOt/14BjIBjULJunyltnu
qJtQPrZiysLM7eyUB/iggS56CqdjMv/AGyTnAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU6XkqSiYvP1dXYakzy5ugMgAFayIwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni82WGtxU2lZdlAxZFhZYWt6
eTV1Z01nQUZheUkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAFoavxSOQgd/NxpkzitPjfRPl4z+bA3vIxf8
IjpatrS7O/Is/Vl7ODFibcboIDq6wZHGaGXjQl5g6nBJFON7dTkCp6BVkbf7gUQz
zViDJyz+p+uX3vhPuwan6+X/d4faBH9XaBb76vzkYB+fbe5dKU59btFAJ1kIgGa9
DdcUHODJUvNvvcLapTVgq6dXaQiDKsiQWOiB/JIaFraMrgnNecIV9bmC3o2zyASQ
2NUdzdhTQH95Tj7zkM3jK/jMloobuHejRMjwqDCkAMr5wdTVTJY3qiWjV6SXz+pc
hi2ZhdYAkAITAIR45a15moRtH3SHJ7i3j9v2Dk8t2jgL31LnMz8=
-----END CERTIFICATE-----
Generated at Sat May 17 21:30:15 2025 by rpki-client