Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/aWXgfoP60gcGCp9SkUfT4eZPAEk.roa
File: aWXgfoP60gcGCp9SkUfT4eZPAEk.roa (raw, json)
Hash identifier: sLcY+7nrQmx7JRbV4JWze8P5DUGOe+s8FDc9rhwFghg=
Subject key identifier: 69:65:E0:7E:83:FA:D2:07:06:0A:9F:52:91:47:D3:E1:E6:4F:00:49
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0370
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/aWXgfoP60gcGCp9SkUfT4eZPAEk.roa
Signing time: Sun 11 May 2025 16:07:52 +0000
ROA not before: Sun 11 May 2025 16:07:52 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 880 (0x370)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 11 16:07:52 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=6965E07E83FAD207060A9F529147D3E1E64F0049
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:dd:83:f0:94:66:a8:a0:4c:c8:ea:38:ef:af:
0d:11:8f:70:11:27:b7:9f:6f:d1:3e:ed:b9:20:f4:
6a:6f:58:e3:da:63:50:33:bd:21:3c:9e:72:88:5f:
fa:42:73:f3:96:45:90:6e:58:49:c3:3e:f1:6c:ae:
6d:1f:4c:bd:1e:e9:3f:35:fc:08:03:09:37:85:60:
43:43:d4:5b:87:ed:ae:dc:13:a1:f1:1c:11:e2:0b:
0a:87:ab:ef:0f:6b:db:ed:ed:e1:d5:7d:d0:f9:82:
a8:c3:a0:63:04:e3:82:21:ef:84:35:41:fe:95:72:
ca:ba:94:61:13:35:c9:d2:a4:f2:80:3b:49:e1:bc:
e0:3c:f8:76:9e:c6:eb:db:29:09:39:89:8b:fa:12:
e8:fa:17:d7:5c:bb:fd:5c:21:8c:20:76:3e:1a:0e:
57:61:1e:0d:e2:7e:cf:85:12:77:f8:8d:26:04:a6:
60:d4:9e:5d:09:32:78:2f:8d:04:c5:8b:e8:ad:58:
d3:58:4d:4c:2c:4b:73:3f:ce:4d:9c:d8:49:12:30:
09:3a:f0:56:09:60:96:56:2e:1a:6d:6b:bc:ec:ae:
32:04:1d:33:85:6b:07:2a:2d:c9:69:19:cb:33:d6:
47:6f:37:df:20:1a:e6:6c:72:f8:63:7e:aa:87:8c:
c8:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:65:E0:7E:83:FA:D2:07:06:0A:9F:52:91:47:D3:E1:E6:4F:00:49
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/aWXgfoP60gcGCp9SkUfT4eZPAEk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
09:db:29:bf:7c:96:df:d7:42:b8:23:27:84:cb:2c:ae:67:c5:
72:d5:dc:68:e0:4f:08:7d:04:a7:73:c8:43:90:f2:18:d4:2f:
d1:d4:3f:b1:38:be:c1:2f:e4:6c:7e:7c:6a:bb:ea:d0:f8:48:
0b:f3:d2:a3:ed:be:59:3a:b4:ff:fd:3b:17:ca:bd:cf:a5:60:
72:f9:5d:31:35:b6:3d:e0:ce:74:d0:76:95:00:c8:5c:e3:15:
1e:2f:60:b9:82:82:c5:ff:dc:f8:3f:96:87:97:17:d8:01:5c:
15:69:74:f9:04:de:55:9f:c4:57:69:e6:51:45:a0:45:6a:df:
13:f2:46:26:4c:d2:df:6b:58:d7:4d:ea:b3:bf:36:68:5c:30:
c4:4e:44:80:44:cc:fc:55:37:6b:d7:17:79:69:6a:bc:44:08:
52:67:7a:3c:20:34:f3:30:a0:ae:1c:09:5d:35:05:d5:f3:08:
5e:81:78:35:a2:68:66:1c:aa:c2:a9:95:c0:47:d7:c3:d3:39:
47:38:f9:01:6b:00:87:13:7c:80:6e:1d:7f:8b:e8:c5:b8:1f:
30:57:9a:b1:83:5b:9c:6c:15:87:30:65:a5:e4:97:e2:98:ec:
2c:2f:ad:8c:4b:87:8f:29:79:c8:e9:32:70:31:18:1c:73:8f:
38:ab:a6:1c
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICA3AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTEx
NjA3NTJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDY5NjVFMDdFODNGQUQy
MDcwNjBBOUY1MjkxNDdEM0UxRTY0RjAwNDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCm3YPwlGaooEzI6jjvrw0Rj3ARJ7efb9E+7bkg9GpvWOPaY1Az
vSE8nnKIX/pCc/OWRZBuWEnDPvFsrm0fTL0e6T81/AgDCTeFYEND1FuH7a7cE6Hx
HBHiCwqHq+8Pa9vt7eHVfdD5gqjDoGME44Ih74Q1Qf6Vcsq6lGETNcnSpPKAO0nh
vOA8+HaexuvbKQk5iYv6Euj6F9dcu/1cIYwgdj4aDldhHg3ifs+FEnf4jSYEpmDU
nl0JMngvjQTFi+itWNNYTUwsS3M/zk2c2EkSMAk68FYJYJZWLhpta7zsrjIEHTOF
awcqLclpGcsz1kdvN98gGuZscvhjfqqHjMgNAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUaWXgfoP60gcGCp9SkUfT4eZPAEkwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9hV1hnZm9QNjBnY0dDcDlT
a1VmVDRlWlBBRWsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAAnbKb98lt/XQrgjJ4TLLK5nxXLV3GjgTwh9
BKdzyEOQ8hjUL9HUP7E4vsEv5Gx+fGq76tD4SAvz0qPtvlk6tP/9OxfKvc+lYHL5
XTE1tj3gznTQdpUAyFzjFR4vYLmCgsX/3Pg/loeXF9gBXBVpdPkE3lWfxFdp5lFF
oEVq3xPyRiZM0t9rWNdN6rO/NmhcMMRORIBEzPxVN2vXF3lparxECFJnejwgNPMw
oK4cCV01BdXzCF6BeDWiaGYcqsKplcBH18PTOUc4+QFrAIcTfIBuHX+L6MW4HzBX
mrGDW5xsFYcwZaXkl+KY7CwvrYxLh48pecjpMnAxGBxzjzirphw=
-----END CERTIFICATE-----
Generated at Sat May 17 23:42:09 2025 by rpki-client