Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/aTSIWwavr3_lHk2lDTcuq0j9Bms.roa
File: aTSIWwavr3_lHk2lDTcuq0j9Bms.roa (raw, json)
Hash identifier: 6+/FJPxEBkVaiYvSpx5wAZGHxRyBiG3yUsVyOJ+y/V4=
Subject key identifier: 69:34:88:5B:06:AF:AF:7F:E5:1E:4D:A5:0D:37:2E:AB:48:FD:06:6B
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 06F4
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/aTSIWwavr3_lHk2lDTcuq0j9Bms.roa
Signing time: Fri 16 May 2025 08:38:04 +0000
ROA not before: Fri 16 May 2025 08:38:04 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1780 (0x6f4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 16 08:38:04 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=6934885B06AFAF7FE51E4DA50D372EAB48FD066B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:83:06:17:c0:47:15:fc:ee:68:97:87:dd:0b:
90:49:86:da:37:ab:ad:4d:e7:39:26:92:93:d1:54:
9e:0f:36:62:c0:d3:de:72:1d:f7:5e:07:2c:57:25:
28:1c:38:b8:7b:e6:46:3c:da:51:c0:63:2d:04:a8:
7d:e5:96:87:6e:56:5a:28:eb:bf:82:6e:f1:77:9a:
4a:02:bf:f4:15:2e:14:26:ea:87:ac:9a:27:47:91:
27:67:a9:41:07:74:ee:53:54:91:15:16:f9:31:dd:
b0:80:09:c6:c9:06:7b:3f:d0:86:94:09:e9:51:bd:
a5:ca:a9:e1:2b:c1:ab:30:2c:d4:5f:e8:1e:d3:f6:
4d:b2:67:da:f6:ce:a2:39:4f:22:96:18:37:3d:17:
a2:6e:24:d3:31:96:bd:24:ed:9a:a7:d5:a4:d5:4e:
0b:5e:49:c2:7c:75:55:6e:65:e1:4b:4e:99:a4:e9:
31:87:e9:00:00:2e:52:df:f8:6c:15:ef:b1:d1:cf:
38:de:fa:c7:4a:2b:72:72:fe:a9:88:14:3f:15:85:
04:b2:22:0b:ad:d9:82:46:e4:2c:87:27:b2:ec:52:
8c:d1:ee:af:31:df:5f:99:51:55:59:f3:5b:98:6f:
45:5d:7d:69:8c:6f:db:6f:1e:78:c2:a7:a8:c4:dc:
a2:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:34:88:5B:06:AF:AF:7F:E5:1E:4D:A5:0D:37:2E:AB:48:FD:06:6B
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/aTSIWwavr3_lHk2lDTcuq0j9Bms.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7c:eb:29:ca:af:cf:94:a8:cc:33:c5:5b:ca:cd:e2:a6:1f:94:
ce:71:53:58:91:17:e9:18:82:67:52:1e:34:f0:f4:eb:28:d4:
50:d0:37:2e:11:f2:b9:3e:88:4a:0b:c9:68:c9:b9:22:05:13:
f2:69:69:25:88:ae:cf:84:2d:d5:68:13:fc:e5:10:32:97:04:
28:73:71:77:20:9d:c3:12:5c:6d:03:7f:45:dd:43:e5:65:79:
16:e7:15:60:0e:f1:39:79:10:24:dd:94:a0:56:84:9a:83:d8:
4c:a5:4b:ac:89:4b:fe:7f:17:c4:65:3c:b9:90:4d:58:73:a7:
62:06:86:69:a3:97:30:60:9f:f5:1d:b3:d7:54:ad:5d:df:10:
e6:12:27:22:b4:00:b4:7d:63:0a:08:a1:07:0f:f2:dc:af:44:
25:b4:2f:2c:9d:3a:81:f1:57:59:00:81:b7:9b:86:b3:10:1f:
7c:8a:fe:15:b0:15:57:83:92:b2:ab:08:c8:dc:3f:a6:18:1c:
43:ab:ba:45:d0:39:4b:08:ab:d3:fa:51:f8:a5:9c:29:7e:90:
11:5c:56:39:49:2b:f9:99:8b:3f:49:6f:52:e9:96:0d:34:16:
ce:91:31:28:2c:38:02:c8:27:a0:b6:cb:4b:eb:4b:b8:02:64:
ca:06:66:53
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBvQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTYw
ODM4MDRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDY5MzQ4ODVCMDZBRkFG
N0ZFNTFFNERBNTBEMzcyRUFCNDhGRDA2NkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGgwYXwEcV/O5ol4fdC5BJhto3q61N5zkmkpPRVJ4PNmLA095y
HfdeByxXJSgcOLh75kY82lHAYy0EqH3lloduVloo67+CbvF3mkoCv/QVLhQm6oes
midHkSdnqUEHdO5TVJEVFvkx3bCACcbJBns/0IaUCelRvaXKqeErwaswLNRf6B7T
9k2yZ9r2zqI5TyKWGDc9F6JuJNMxlr0k7Zqn1aTVTgteScJ8dVVuZeFLTpmk6TGH
6QAALlLf+GwV77HRzzje+sdKK3Jy/qmIFD8VhQSyIgut2YJG5CyHJ7LsUozR7q8x
31+ZUVVZ81uYb0VdfWmMb9tvHnjCp6jE3KLFAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUaTSIWwavr3/lHk2lDTcuq0j9BmswHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9hVFNJV3dhdnIzX2xIazJs
RFRjdXEwajlCbXMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAHzrKcqvz5SozDPFW8rN4qYflM5xU1iRF+kY
gmdSHjTw9Oso1FDQNy4R8rk+iEoLyWjJuSIFE/JpaSWIrs+ELdVoE/zlEDKXBChz
cXcgncMSXG0Df0XdQ+VleRbnFWAO8Tl5ECTdlKBWhJqD2EylS6yJS/5/F8RlPLmQ
TVhzp2IGhmmjlzBgn/Uds9dUrV3fEOYSJyK0ALR9YwoIoQcP8tyvRCW0LyydOoHx
V1kAgbebhrMQH3yK/hWwFVeDkrKrCMjcP6YYHEOrukXQOUsIq9P6UfilnCl+kBFc
VjlJK/mZiz9Jb1Lplg00Fs6RMSgsOALIJ6C2y0vrS7gCZMoGZlM=
-----END CERTIFICATE-----
Generated at Sat May 17 21:29:17 2025 by rpki-client