Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/-W2eYnebIvwWmfwPYwozYzzaGpk.roa
File: -W2eYnebIvwWmfwPYwozYzzaGpk.roa (raw, json)
Hash identifier: 3EeB4AENkyhJF6KdKEskp6ASfE+lpEXrwLClGTvi66Q=
Subject key identifier: F9:6D:9E:62:77:9B:22:FC:16:99:FC:0F:63:0A:33:63:3C:DA:1A:99
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1258
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/-W2eYnebIvwWmfwPYwozYzzaGpk.roa
Signing time: Sat 31 May 2025 13:09:05 +0000
ROA not before: Sat 31 May 2025 13:09:05 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4696 (0x1258)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 31 13:09:05 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=F96D9E62779B22FC1699FC0F630A33633CDA1A99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:36:64:1f:e7:38:13:64:e5:66:26:30:b8:01:
a3:d8:47:22:10:48:6c:50:3e:02:05:ee:29:1a:71:
41:a3:84:65:3d:23:8f:c4:56:f1:d0:da:9b:36:cc:
27:a7:a0:74:cf:99:32:93:e8:3c:45:67:44:6f:aa:
bf:74:7c:bb:c8:30:d3:a8:27:67:a4:90:a4:9c:64:
a1:c7:d5:aa:8c:28:c5:29:ef:d7:63:26:9f:30:e2:
7d:0d:5e:90:d3:27:b8:02:17:a7:51:a7:fd:0c:9f:
8f:48:63:cf:1d:42:d5:70:ff:2c:09:6e:9c:b6:bb:
de:ce:28:6d:2c:6c:ff:93:5c:dd:00:1d:86:0b:94:
6e:d0:27:3d:e1:0d:8a:97:45:c9:ad:da:1a:b6:a5:
25:3f:75:4f:6e:54:09:75:67:5c:42:95:a4:e7:7a:
72:c5:61:55:37:f2:e8:2f:51:09:e9:6d:47:d9:12:
2b:a3:12:2d:ce:f2:e7:3d:1c:cf:41:59:25:82:ab:
9b:79:06:9d:7c:08:25:43:cf:59:c9:da:c8:c4:29:
cb:25:4f:ff:e3:1c:0e:06:07:07:36:56:16:aa:e6:
0c:cc:b6:58:e4:b8:f4:19:bf:4e:cd:da:3f:5f:d6:
85:ca:39:10:cb:60:03:da:ed:19:15:4f:d5:20:d0:
9c:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:6D:9E:62:77:9B:22:FC:16:99:FC:0F:63:0A:33:63:3C:DA:1A:99
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/-W2eYnebIvwWmfwPYwozYzzaGpk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0b:77:58:6c:b4:fa:17:5e:1a:fb:72:99:89:30:ed:72:6b:6a:
0f:03:b4:25:40:fb:e0:c8:d4:4b:56:09:e7:24:7d:0d:26:ab:
09:39:c5:1a:d2:37:cb:b1:07:b9:c8:d6:61:dd:7d:ff:40:b7:
f5:82:10:20:b4:66:78:31:9c:a8:e4:dc:f6:bf:29:9f:46:4d:
c7:5e:c4:0a:fa:40:a3:8f:55:37:36:73:32:8a:01:02:bb:af:
ee:0a:83:f4:20:c9:eb:70:d6:b6:31:dd:07:b0:c9:05:08:3c:
b3:b9:49:d2:4e:d4:18:58:4e:1c:08:74:19:b4:69:2e:39:be:
48:af:fd:02:44:83:c0:0f:eb:58:34:fb:57:34:c9:df:30:91:
9b:ba:21:3a:98:5a:bd:cb:78:14:3c:ec:b4:9e:cc:e1:b8:f8:
cb:78:ad:dd:8f:36:65:b3:9e:c2:4e:e1:a5:f0:f0:5d:ed:9f:
2b:94:2a:27:8f:2c:ef:72:0c:ef:51:17:e2:7d:9f:49:9f:dd:
24:b6:e3:f3:79:14:95:5f:e4:6b:a8:55:6b:8b:e8:dd:a1:9f:
91:e1:79:e5:b2:76:39:d7:8a:12:d1:de:97:3a:f4:1f:32:6f:
dd:4d:47:7b:3f:19:9e:9c:69:40:8d:21:a4:1d:ed:63:c8:30:
65:d1:85:43
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICElgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MzEx
MzA5MDVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEY5NkQ5RTYyNzc5QjIy
RkMxNjk5RkMwRjYzMEEzMzYzM0NEQTFBOTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2NmQf5zgTZOVmJjC4AaPYRyIQSGxQPgIF7ikacUGjhGU9I4/E
VvHQ2ps2zCenoHTPmTKT6DxFZ0Rvqr90fLvIMNOoJ2ekkKScZKHH1aqMKMUp79dj
Jp8w4n0NXpDTJ7gCF6dRp/0Mn49IY88dQtVw/ywJbpy2u97OKG0sbP+TXN0AHYYL
lG7QJz3hDYqXRcmt2hq2pSU/dU9uVAl1Z1xClaTnenLFYVU38ugvUQnpbUfZEiuj
Ei3O8uc9HM9BWSWCq5t5Bp18CCVDz1nJ2sjEKcslT//jHA4GBwc2Vhaq5gzMtljk
uPQZv07N2j9f1oXKORDLYAPa7RkVT9Ug0JzbAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU+W2eYnebIvwWmfwPYwozYzzaGpkwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni8tVzJlWW5lYkl2d1dtZndQ
WXdvell6emFHcGsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAAt3WGy0+hdeGvtymYkw7XJrag8DtCVA++DI
1EtWCeckfQ0mqwk5xRrSN8uxB7nI1mHdff9At/WCECC0ZngxnKjk3Pa/KZ9GTcde
xAr6QKOPVTc2czKKAQK7r+4Kg/Qgyetw1rYx3QewyQUIPLO5SdJO1BhYThwIdBm0
aS45vkiv/QJEg8AP61g0+1c0yd8wkZu6ITqYWr3LeBQ87LSezOG4+Mt4rd2PNmWz
nsJO4aXw8F3tnyuUKiePLO9yDO9RF+J9n0mf3SS24/N5FJVf5GuoVWuL6N2hn5Hh
eeWydjnXihLR3pc69B8yb91NR3s/GZ6caUCNIaQd7WPIMGXRhUM=
-----END CERTIFICATE-----
Generated at Wed Jun 4 00:39:21 2025 by rpki-client