Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/6sFjuRkOPHM199z1KCjwfDdl7SQ.roa
File: 6sFjuRkOPHM199z1KCjwfDdl7SQ.roa (raw, json)
Hash identifier: 43AjHDnMyDAEnL0huIHg94ej8GFSppegelA9tJcE9lI=
Subject key identifier: EA:C1:63:B9:19:0E:3C:73:35:F7:DC:F5:28:28:F0:7C:37:65:ED:24
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0BF4
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/6sFjuRkOPHM199z1KCjwfDdl7SQ.roa
Signing time: Fri 23 May 2025 00:38:25 +0000
ROA not before: Fri 23 May 2025 00:38:25 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3060 (0xbf4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 23 00:38:25 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=EAC163B9190E3C7335F7DCF52828F07C3765ED24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:60:60:cd:de:39:3d:1d:22:77:77:d3:3e:05:
fc:4f:b7:48:64:23:19:08:55:8c:c4:c1:9f:b1:73:
9b:75:2c:b0:08:9e:a6:3c:53:10:1f:60:08:91:70:
89:53:3b:25:0d:8f:01:dd:16:d0:68:3f:d8:dc:8c:
c3:eb:97:68:e6:a0:74:88:e4:8c:39:dd:d3:a0:06:
f1:68:f2:67:60:56:96:18:45:b5:03:07:15:e7:dd:
98:35:af:5b:b8:e3:38:dd:8b:47:f8:9c:74:4c:55:
c0:c7:6d:ce:87:b2:6d:f3:24:1c:3d:8f:69:aa:ea:
10:b1:eb:a1:fb:b7:ba:f7:d8:18:90:b2:76:21:65:
9d:00:23:3d:d8:a1:97:38:b0:aa:83:9a:19:38:46:
57:3e:e0:f4:36:8d:6a:e0:3b:ca:dd:c7:c5:20:79:
2e:0d:17:7a:fe:c5:67:cf:04:c3:f1:01:f5:7a:d4:
23:ff:3a:70:0f:6e:03:b2:f6:91:a1:a9:38:69:c4:
e6:07:58:17:f4:12:c2:e2:8c:de:ff:bc:32:d2:b5:
26:c3:94:7f:e2:09:db:1c:19:c5:72:55:76:6e:0a:
6f:ab:30:2d:52:e0:77:d5:51:7e:bb:fd:b9:e3:2b:
bf:77:58:bb:26:c9:53:83:da:30:cf:0c:4a:a5:85:
15:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:C1:63:B9:19:0E:3C:73:35:F7:DC:F5:28:28:F0:7C:37:65:ED:24
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/6sFjuRkOPHM199z1KCjwfDdl7SQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
28:34:58:4a:92:44:0f:0a:74:1e:37:4a:a0:aa:d2:69:15:8f:
53:62:c3:cf:d9:91:b1:f5:aa:dc:57:55:ee:00:af:c6:3a:a7:
9b:73:ea:65:ed:4b:1a:38:c8:43:b7:dd:54:01:b3:9d:cc:88:
ec:28:1d:ef:f6:8a:c0:a7:2c:29:47:8e:bb:6c:93:74:a9:fa:
1f:7b:30:a5:94:dd:07:4f:d0:12:a6:24:ac:42:45:78:02:7f:
8f:94:3b:f7:04:93:8f:2e:43:c2:ef:35:b4:eb:a6:47:1e:65:
11:c5:13:12:c5:e7:00:53:e7:ab:31:fc:38:c3:3f:1b:bb:77:
d2:e2:7e:80:e1:a3:dd:ab:64:98:55:73:09:30:e2:dc:45:5a:
05:e5:60:69:c8:91:e7:f8:59:04:a7:59:61:b0:b5:90:e3:36:
6e:0e:48:2a:81:df:8f:c1:77:f6:ff:c2:34:a0:2b:72:9e:cb:
be:d0:49:3c:76:0c:a8:75:60:f7:6f:b5:ba:0c:f4:4b:a9:d8:
67:1f:0a:65:df:97:b5:bb:81:22:6e:f2:b0:01:84:6b:18:be:
3a:36:fd:4f:37:dc:75:aa:a0:bb:7e:99:05:e8:5d:b5:f2:93:
93:0f:f8:1e:01:b6:4c:7c:48:12:6f:77:2a:33:82:d9:2b:3c:
94:02:ac:35
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICC/QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjMw
MDM4MjVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEVBQzE2M0I5MTkwRTND
NzMzNUY3RENGNTI4MjhGMDdDMzc2NUVEMjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+YGDN3jk9HSJ3d9M+BfxPt0hkIxkIVYzEwZ+xc5t1LLAInqY8
UxAfYAiRcIlTOyUNjwHdFtBoP9jcjMPrl2jmoHSI5Iw53dOgBvFo8mdgVpYYRbUD
BxXn3Zg1r1u44zjdi0f4nHRMVcDHbc6Hsm3zJBw9j2mq6hCx66H7t7r32BiQsnYh
ZZ0AIz3YoZc4sKqDmhk4Rlc+4PQ2jWrgO8rdx8UgeS4NF3r+xWfPBMPxAfV61CP/
OnAPbgOy9pGhqThpxOYHWBf0EsLijN7/vDLStSbDlH/iCdscGcVyVXZuCm+rMC1S
4HfVUX67/bnjK793WLsmyVOD2jDPDEqlhRVnAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU6sFjuRkOPHM199z1KCjwfDdl7SQwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni82c0ZqdVJrT1BITTE5OXox
S0Nqd2ZEZGw3U1Eucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBACg0WEqSRA8KdB43SqCq0mkVj1Niw8/ZkbH1
qtxXVe4Ar8Y6p5tz6mXtSxo4yEO33VQBs53MiOwoHe/2isCnLClHjrtsk3Sp+h97
MKWU3QdP0BKmJKxCRXgCf4+UO/cEk48uQ8LvNbTrpkceZRHFExLF5wBT56sx/DjD
Pxu7d9LifoDho92rZJhVcwkw4txFWgXlYGnIkef4WQSnWWGwtZDjNm4OSCqB34/B
d/b/wjSgK3Key77QSTx2DKh1YPdvtboM9Eup2GcfCmXfl7W7gSJu8rABhGsYvjo2
/U833HWqoLt+mQXoXbXyk5MP+B4Btkx8SBJvdyozgtkrPJQCrDU=
-----END CERTIFICATE-----
Generated at Wed Jun 4 02:20:16 2025 by rpki-client