Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/7DNIZ0qbhCbBmIInRjtgQaJ-Jew.roa
File: 7DNIZ0qbhCbBmIInRjtgQaJ-Jew.roa (raw, json)
Hash identifier: NuZVgL5m5wvsnJi3oEFBxu13xiALeRxhljqwv+cwFZs=
Subject key identifier: EC:33:48:67:4A:9B:84:26:C1:98:82:27:46:3B:60:41:A2:7E:25:EC
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 2088
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/7DNIZ0qbhCbBmIInRjtgQaJ-Jew.roa
Signing time: Thu 19 Jun 2025 18:49:39 +0000
ROA not before: Thu 19 Jun 2025 18:49:39 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8328 (0x2088)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 19 18:49:39 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=EC3348674A9B8426C1988227463B6041A27E25EC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:a9:82:4f:3e:dc:c7:23:7f:51:78:6c:65:f8:
c2:a3:ca:9d:cf:50:43:60:72:bf:7b:a4:c5:b0:e3:
bb:6d:67:d2:2c:61:1e:b8:63:3c:c3:ad:7b:a0:18:
66:16:be:e9:eb:c1:57:3f:ec:c7:85:a7:a8:a8:6f:
0e:db:85:2f:f0:aa:55:af:1f:99:93:6d:d7:fd:6f:
aa:44:d2:3b:0d:de:53:a6:7e:df:03:ac:1b:c7:da:
60:b6:07:70:51:41:24:42:7d:fd:40:db:8b:b0:ed:
7e:e5:f0:42:bf:1c:a2:f6:a1:ba:ec:29:57:7c:24:
42:44:9c:1e:f7:0c:7a:5f:d6:c0:75:50:8d:59:09:
54:38:ce:d8:5a:0e:b3:71:2e:44:34:21:1c:5e:16:
98:31:01:88:95:22:7d:ed:4d:64:91:fa:a6:d2:50:
c2:5a:64:ef:8a:66:ee:a2:65:71:66:7c:d8:52:0e:
dd:88:ea:d6:27:2c:32:99:8e:db:f4:14:ab:7a:30:
89:36:3f:5b:dc:8d:be:12:f8:10:47:c4:ad:df:d8:
7d:13:2d:06:40:94:0f:c0:22:4b:17:b9:0a:98:b1:
e0:39:13:62:39:b5:e6:d6:56:35:e5:34:51:26:22:
ef:c9:ce:f9:c9:a8:3e:8f:c9:6c:60:32:3c:c3:16:
f2:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:33:48:67:4A:9B:84:26:C1:98:82:27:46:3B:60:41:A2:7E:25:EC
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/7DNIZ0qbhCbBmIInRjtgQaJ-Jew.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
69:8d:95:88:90:09:a3:3f:07:a7:c8:5c:ae:3d:19:3d:06:a5:
25:4d:dc:3a:db:19:27:f6:7d:6e:f6:51:61:f1:74:53:37:e9:
ee:b8:fb:16:34:9a:64:c8:10:0e:85:80:e6:5d:00:4c:b7:ac:
97:c0:3f:95:48:d8:d0:da:a0:ae:44:31:8d:e8:40:b0:ee:09:
2d:54:65:f4:0a:4e:58:c8:c4:e9:09:e7:af:17:6e:65:40:88:
92:74:ae:e6:87:b6:04:a0:4c:7f:a8:6d:88:70:a9:3e:68:3c:
83:61:07:73:0a:65:f1:1f:15:4b:10:bc:82:89:95:fe:c5:aa:
f7:8a:c2:62:e6:06:d5:65:91:62:09:65:59:e5:8b:d3:f0:56:
19:fa:89:58:e2:48:c6:b8:fb:78:94:b3:33:61:ed:53:83:7d:
66:aa:48:56:4e:4f:2a:3c:e5:22:ba:7a:38:76:82:c0:17:b5:
57:e1:e8:cc:51:ac:63:cb:fe:85:02:da:74:35:8c:b4:95:27:
7c:39:a7:bb:06:a1:0d:11:d3:c1:27:d3:21:0a:15:79:64:9d:
d4:68:57:10:10:e4:7c:42:25:7a:55:da:2b:e4:64:1f:29:82:
e2:f8:07:00:60:f6:c7:53:13:d3:ad:e9:0d:8c:8d:a7:59:4c:
1e:40:e3:e8
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIIgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTkx
ODQ5MzlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEVDMzM0ODY3NEE5Qjg0
MjZDMTk4ODIyNzQ2M0I2MDQxQTI3RTI1RUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDaqYJPPtzHI39ReGxl+MKjyp3PUENgcr97pMWw47ttZ9IsYR64
YzzDrXugGGYWvunrwVc/7MeFp6iobw7bhS/wqlWvH5mTbdf9b6pE0jsN3lOmft8D
rBvH2mC2B3BRQSRCff1A24uw7X7l8EK/HKL2obrsKVd8JEJEnB73DHpf1sB1UI1Z
CVQ4zthaDrNxLkQ0IRxeFpgxAYiVIn3tTWSR+qbSUMJaZO+KZu6iZXFmfNhSDt2I
6tYnLDKZjtv0FKt6MIk2P1vcjb4S+BBHxK3f2H0TLQZAlA/AIksXuQqYseA5E2I5
tebWVjXlNFEmIu/JzvnJqD6PyWxgMjzDFvJlAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU7DNIZ0qbhCbBmIInRjtgQaJ+JewwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni83RE5JWjBxYmhDYkJtSUlu
Ump0Z1FhSi1KZXcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAGmNlYiQCaM/B6fIXK49GT0GpSVN3DrbGSf2
fW72UWHxdFM36e64+xY0mmTIEA6FgOZdAEy3rJfAP5VI2NDaoK5EMY3oQLDuCS1U
ZfQKTljIxOkJ568XbmVAiJJ0ruaHtgSgTH+obYhwqT5oPINhB3MKZfEfFUsQvIKJ
lf7FqveKwmLmBtVlkWIJZVnli9PwVhn6iVjiSMa4+3iUszNh7VODfWaqSFZOTyo8
5SK6ejh2gsAXtVfh6MxRrGPL/oUC2nQ1jLSVJ3w5p7sGoQ0R08En0yEKFXlkndRo
VxAQ5HxCJXpV2ivkZB8pguL4BwBg9sdTE9Ot6Q2MjadZTB5A4+g=
-----END CERTIFICATE-----
Generated at Mon Jul 21 08:10:13 2025 by rpki-client