Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/tuL7rmCMb3j-VHO7Zg5qhW1ZL2s.roa
File: tuL7rmCMb3j-VHO7Zg5qhW1ZL2s.roa (raw, json)
Hash identifier: URipw1/grNbkGGbRKERRIYr4dGTTtbfqixgyZtP7OHI=
Subject key identifier: B6:E2:FB:AE:60:8C:6F:78:FE:54:73:BB:66:0E:6A:85:6D:59:2F:6B
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 03A8
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/tuL7rmCMb3j-VHO7Zg5qhW1ZL2s.roa
Signing time: Sun 11 May 2025 23:07:54 +0000
ROA not before: Sun 11 May 2025 23:07:54 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 936 (0x3a8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 11 23:07:54 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=B6E2FBAE608C6F78FE5473BB660E6A856D592F6B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:43:3f:f1:17:48:0f:d6:7f:a6:5f:eb:45:a8:
78:1a:15:e9:6d:11:e1:d2:dd:cb:ec:2d:5b:39:c4:
68:a4:fd:5f:2a:33:e6:c3:ca:d9:cb:60:62:b2:da:
28:c5:20:89:7d:96:c7:c9:23:99:ba:87:cc:89:12:
59:a4:f4:23:38:7b:ac:f0:d5:12:27:07:d6:57:cf:
2c:af:30:57:7f:37:4d:4d:ab:93:ad:30:5f:78:98:
66:2c:49:2f:1f:fb:7c:b7:b8:29:8f:e8:2b:aa:c8:
0a:dc:3e:6c:fe:67:f0:7a:c7:3f:21:f7:fb:33:9c:
0d:ea:ce:88:ba:50:65:13:2d:4e:a5:c2:52:62:e9:
59:26:56:e2:9c:6e:a4:11:10:a1:77:75:70:cc:d8:
8d:39:c2:36:35:67:72:98:c8:92:c7:34:bd:1b:cc:
2b:b4:3a:bd:b9:f9:54:87:4e:3a:ec:bc:de:cd:3f:
91:b5:8f:30:78:ce:b6:15:d7:25:61:71:fa:db:eb:
d5:82:ce:8c:56:8e:65:fc:ff:be:bf:a8:85:37:55:
30:c0:13:26:c3:6e:01:10:aa:f2:72:8a:48:aa:e7:
e0:59:65:7b:2d:f1:ea:10:c4:63:56:6c:2d:34:46:
1d:cd:76:b8:9e:7f:b1:63:2f:30:d5:b0:29:02:1a:
7b:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:E2:FB:AE:60:8C:6F:78:FE:54:73:BB:66:0E:6A:85:6D:59:2F:6B
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/tuL7rmCMb3j-VHO7Zg5qhW1ZL2s.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
01:25:40:4b:af:9a:b1:1b:3d:87:81:6e:69:df:d9:34:0c:a2:
fd:c3:e8:90:57:61:c2:bf:7c:96:c8:6c:b7:10:d2:08:99:70:
b5:39:80:6b:44:12:41:78:35:c6:aa:82:2a:b6:31:af:81:4e:
44:7e:a7:0d:cb:ad:44:43:b7:7c:eb:43:f7:40:e1:54:93:60:
de:04:bb:4b:c0:06:d5:95:e1:af:d3:23:3d:d2:38:15:d1:f2:
b0:36:88:ee:dc:16:d0:c4:74:d2:c3:47:2f:1e:c2:0f:d1:96:
73:26:55:52:c7:75:cc:ef:16:25:b2:66:ec:3d:0d:87:d0:78:
23:0c:1f:90:76:0e:32:ce:4d:68:ee:0a:a5:c3:64:3e:c3:ab:
af:f8:65:13:8b:21:45:47:d5:e9:1e:86:62:94:10:6a:24:44:
fe:f7:b7:fa:1f:d6:36:2e:6f:a4:39:30:e8:43:c4:20:b3:90:
c5:67:a9:28:b5:77:46:5e:e2:2e:32:6f:42:45:fe:58:48:dd:
62:2e:69:05:52:c9:85:2d:ab:80:96:3f:72:6e:67:ef:c9:ee:
9a:c4:cf:fb:9a:be:82:03:dd:bb:52:15:e5:00:15:7a:67:e4:
f8:85:28:f6:ca:79:d1:29:57:43:de:a8:4c:70:8b:ac:fc:60:
d7:cf:08:a9
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICA6gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTEy
MzA3NTRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEI2RTJGQkFFNjA4QzZG
NzhGRTU0NzNCQjY2MEU2QTg1NkQ1OTJGNkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzQz/xF0gP1n+mX+tFqHgaFeltEeHS3cvsLVs5xGik/V8qM+bD
ytnLYGKy2ijFIIl9lsfJI5m6h8yJElmk9CM4e6zw1RInB9ZXzyyvMFd/N01Nq5Ot
MF94mGYsSS8f+3y3uCmP6CuqyArcPmz+Z/B6xz8h9/sznA3qzoi6UGUTLU6lwlJi
6VkmVuKcbqQREKF3dXDM2I05wjY1Z3KYyJLHNL0bzCu0Or25+VSHTjrsvN7NP5G1
jzB4zrYV1yVhcfrb69WCzoxWjmX8/76/qIU3VTDAEybDbgEQqvJyikiq5+BZZXst
8eoQxGNWbC00Rh3Ndrief7FjLzDVsCkCGntLAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUtuL7rmCMb3j+VHO7Zg5qhW1ZL2swHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni90dUw3cm1DTWIzai1WSE83
Wmc1cWhXMVpMMnMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAAElQEuvmrEbPYeBbmnf2TQMov3D6JBXYcK/
fJbIbLcQ0giZcLU5gGtEEkF4Ncaqgiq2Ma+BTkR+pw3LrURDt3zrQ/dA4VSTYN4E
u0vABtWV4a/TIz3SOBXR8rA2iO7cFtDEdNLDRy8ewg/RlnMmVVLHdczvFiWyZuw9
DYfQeCMMH5B2DjLOTWjuCqXDZD7Dq6/4ZROLIUVH1ekehmKUEGokRP73t/of1jYu
b6Q5MOhDxCCzkMVnqSi1d0Ze4i4yb0JF/lhI3WIuaQVSyYUtq4CWP3JuZ+/J7prE
z/uavoID3btSFeUAFXpn5PiFKPbKedEpV0PeqExwi6z8YNfPCKk=
-----END CERTIFICATE-----
Generated at Sat May 17 21:30:20 2025 by rpki-client