Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/An8Fz3LpsCMpyYwZU07kUUK9EgA.roa
File: An8Fz3LpsCMpyYwZU07kUUK9EgA.roa (raw, json)
Hash identifier: pT2lL1EBwc9buwlrGrW6QVylvRDZmf0kqW6PXTa42ME=
Subject key identifier: 02:7F:05:CF:72:E9:B0:23:29:C9:8C:19:53:4E:E4:51:42:BD:12:00
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1FC0
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/An8Fz3LpsCMpyYwZU07kUUK9EgA.roa
Signing time: Wed 18 Jun 2025 10:31:58 +0000
ROA not before: Wed 18 Jun 2025 10:31:58 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8128 (0x1fc0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 18 10:31:58 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=027F05CF72E9B02329C98C19534EE45142BD1200
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c1:67:a5:15:15:55:8c:cd:18:b0:a9:7c:13:
ca:ff:ab:d4:2f:2a:a3:1f:03:bb:bc:3a:ab:b8:fc:
6c:73:51:58:29:64:75:7e:22:67:af:f3:67:8d:57:
14:4e:85:94:5b:32:a9:40:28:a7:52:f5:83:5b:ba:
35:0b:aa:28:e1:a5:fa:5c:98:25:a0:88:b3:87:c2:
49:07:2c:2d:ae:41:02:88:55:ed:33:fb:57:2d:a2:
92:97:78:00:8a:e9:2c:d8:f4:9d:71:ab:48:9d:ee:
c6:82:05:21:68:74:f9:70:b3:52:ea:25:29:22:91:
b7:52:a9:cb:db:96:39:e4:c7:ed:87:24:09:20:e1:
7a:06:6d:01:0f:6f:ca:de:1f:31:cd:2a:21:bf:a0:
e6:55:09:48:46:bc:db:56:59:a3:50:00:35:e6:ba:
61:17:56:5e:02:84:e2:f8:76:fb:39:ad:52:2d:ca:
29:d0:14:0d:4d:a9:44:cf:13:05:da:aa:e7:67:c6:
ee:8a:51:94:4e:01:a9:0a:8b:36:fd:34:64:21:63:
7f:22:4a:28:9c:b7:b4:26:db:ee:f0:e8:9a:a9:8d:
74:83:d9:37:f0:97:71:45:83:ed:ed:6d:e1:a1:02:
6a:32:af:be:9c:f5:eb:f1:7d:9c:bc:99:85:c7:d7:
59:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:7F:05:CF:72:E9:B0:23:29:C9:8C:19:53:4E:E4:51:42:BD:12:00
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/An8Fz3LpsCMpyYwZU07kUUK9EgA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
20:1d:9a:ee:6e:11:30:5e:db:7b:e7:06:32:e1:2f:cd:5f:07:
02:86:ba:83:89:c8:9b:6e:28:e1:7b:19:f1:43:cf:37:90:33:
2d:35:aa:fe:57:65:9a:d8:d8:3b:4c:a4:3f:5b:d5:34:e3:4e:
53:0a:cf:f8:d9:54:16:00:15:f3:84:cd:18:86:e0:9f:b6:b4:
78:5b:e2:30:c5:b6:27:d6:98:64:6f:23:e1:9b:4e:c2:b4:fb:
23:c7:0e:93:61:d1:d8:a7:97:96:60:59:34:ce:91:3a:60:f1:
ce:64:ba:17:fd:a0:f3:be:d9:a2:0a:4c:56:14:31:7b:ff:3d:
e7:d7:a8:52:fb:2a:db:19:3b:05:97:87:63:dc:af:c9:c7:17:
49:03:e7:9c:22:0f:8a:b1:f7:d7:05:fb:af:91:87:b0:09:8c:
de:b5:31:6c:2f:5f:c7:bf:53:40:fb:5c:46:e8:cc:1e:2c:aa:
90:b0:94:c3:4c:21:62:0c:de:cf:f2:96:9a:88:21:67:9e:8e:
63:49:a3:d2:db:1f:85:03:de:a4:a0:b2:2b:60:8c:14:c9:74:
de:7d:f2:79:59:bd:20:af:e5:b8:92:39:18:a7:15:62:70:0f:
d0:7f:ee:96:22:da:94:aa:33:55:07:2d:69:31:b9:9b:5b:74:
df:c5:f1:2f
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICH8AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTgx
MDMxNThaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDAyN0YwNUNGNzJFOUIw
MjMyOUM5OEMxOTUzNEVFNDUxNDJCRDEyMDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/wWelFRVVjM0YsKl8E8r/q9QvKqMfA7u8Oqu4/GxzUVgpZHV+
Imev82eNVxROhZRbMqlAKKdS9YNbujULqijhpfpcmCWgiLOHwkkHLC2uQQKIVe0z
+1ctopKXeACK6SzY9J1xq0id7saCBSFodPlws1LqJSkikbdSqcvbljnkx+2HJAkg
4XoGbQEPb8reHzHNKiG/oOZVCUhGvNtWWaNQADXmumEXVl4ChOL4dvs5rVItyinQ
FA1NqUTPEwXaqudnxu6KUZROAakKizb9NGQhY38iSiict7Qm2+7w6JqpjXSD2Tfw
l3FFg+3tbeGhAmoyr76c9evxfZy8mYXH11n7AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUAn8Fz3LpsCMpyYwZU07kUUK9EgAwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9BbjhGejNMcHNDTXB5WXda
VTA3a1VVSzlFZ0Eucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBACAdmu5uETBe23vnBjLhL81fBwKGuoOJyJtu
KOF7GfFDzzeQMy01qv5XZZrY2DtMpD9b1TTjTlMKz/jZVBYAFfOEzRiG4J+2tHhb
4jDFtifWmGRvI+GbTsK0+yPHDpNh0dinl5ZgWTTOkTpg8c5kuhf9oPO+2aIKTFYU
MXv/PefXqFL7KtsZOwWXh2Pcr8nHF0kD55wiD4qx99cF+6+Rh7AJjN61MWwvX8e/
U0D7XEbozB4sqpCwlMNMIWIM3s/ylpqIIWeejmNJo9LbH4UD3qSgsitgjBTJdN59
8nlZvSCv5biSORinFWJwD9B/7pYi2pSqM1UHLWkxuZtbdN/F8S8=
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:20:08 2025 by rpki-client