Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/CNUQkuGA1Fe2LlUWpdlCDWLdqZs.roa
File: CNUQkuGA1Fe2LlUWpdlCDWLdqZs.roa (raw, json)
Hash identifier: y7PE3i/HFW4fCK6eKhiJ2l8ZOFc5GTSec46l9yZLy9M=
Subject key identifier: 08:D5:10:92:E1:80:D4:57:B6:2E:55:16:A5:D9:42:0D:62:DD:A9:9B
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 2370
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/CNUQkuGA1Fe2LlUWpdlCDWLdqZs.roa
Signing time: Mon 23 Jun 2025 19:41:56 +0000
ROA not before: Mon 23 Jun 2025 19:41:56 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9072 (0x2370)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 23 19:41:56 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=08D51092E180D457B62E5516A5D9420D62DDA99B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:c6:fa:f5:30:7f:5e:89:09:d9:4b:76:8f:55:
6b:3d:8a:6b:4c:db:d8:c5:89:15:0d:80:3f:2d:79:
af:22:b8:c0:c4:5a:f0:a5:84:e7:01:2f:af:33:1a:
1e:53:a6:1d:62:a9:18:ba:96:8a:7f:41:bb:9c:43:
67:ab:ac:da:1a:f7:63:09:7c:9d:c2:55:fb:cc:39:
78:82:e8:f0:24:fe:49:1f:06:dd:0d:a6:c3:e9:f0:
18:e1:97:59:dd:a3:c4:39:84:bf:d2:f9:ca:99:0b:
54:60:ec:5e:ee:91:ef:7e:d9:b6:90:97:d5:20:27:
cd:9d:8a:3b:a1:58:b7:ef:3f:19:b1:d2:a9:27:19:
47:69:a2:64:7e:7d:48:db:83:54:da:83:a4:a2:42:
36:ba:e9:e6:d8:ab:27:08:e8:08:fc:b8:41:2f:c8:
d2:4e:68:69:f5:16:c3:97:74:7d:ce:72:82:73:f7:
99:95:32:e7:4a:54:45:1c:a0:96:af:be:ab:46:a8:
95:95:6f:b7:33:09:fe:a6:15:70:24:c7:e0:92:60:
17:92:33:c1:b0:e3:0f:d1:43:17:c8:4d:b6:b7:bf:
c1:68:bf:64:47:be:ae:84:f7:3e:6a:52:0a:ba:84:
d9:1c:d3:ba:68:82:6d:e3:af:5a:7d:e7:3a:2a:44:
0e:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:D5:10:92:E1:80:D4:57:B6:2E:55:16:A5:D9:42:0D:62:DD:A9:9B
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/CNUQkuGA1Fe2LlUWpdlCDWLdqZs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
47:91:3b:c9:76:fd:80:6a:f3:97:61:14:eb:20:a6:b7:0b:ca:
d7:43:6f:1d:d3:0e:50:d8:3a:8d:a9:7c:0b:28:d8:51:22:a7:
d8:8e:33:c6:4a:0e:de:a0:17:f3:e3:66:a2:94:b8:8e:3e:52:
5f:c7:74:80:72:b0:eb:a0:d1:00:21:2e:10:f4:1a:5f:e0:7b:
65:a7:31:7f:a1:8f:ba:66:a0:a6:89:7f:fb:6f:bd:e6:97:87:
ba:dd:4d:cf:93:26:cf:31:81:9b:a1:ea:4d:47:cc:8f:cc:4c:
4b:a9:96:bd:28:3a:eb:d1:72:f1:26:ff:d8:92:9a:a0:e3:2c:
ba:78:d0:0c:d7:8d:0b:15:b9:b2:04:bc:57:98:61:01:cf:ba:
d8:2a:de:d4:6a:05:90:95:24:57:b3:76:e9:cc:b1:49:4e:9a:
a7:e3:eb:8a:e7:28:9c:6b:fd:ba:9f:74:9f:7f:d7:2c:47:61:
83:f5:23:19:1a:7c:d9:99:57:a2:39:7f:0c:d8:31:68:5e:a8:
f3:88:e8:97:69:24:f0:61:7d:b0:3d:a5:24:b6:9a:32:b4:15:
0c:96:85:b7:0f:92:0f:81:a3:dc:12:28:e9:71:93:44:60:39:
d6:a3:e6:f2:b3:92:36:05:09:e9:73:0c:77:fc:b2:77:69:a9:
da:e5:ad:b3
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICI3AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MjMx
OTQxNTZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDA4RDUxMDkyRTE4MEQ0
NTdCNjJFNTUxNkE1RDk0MjBENjJEREE5OUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCsxvr1MH9eiQnZS3aPVWs9imtM29jFiRUNgD8tea8iuMDEWvCl
hOcBL68zGh5Tph1iqRi6lop/QbucQ2errNoa92MJfJ3CVfvMOXiC6PAk/kkfBt0N
psPp8Bjhl1ndo8Q5hL/S+cqZC1Rg7F7uke9+2baQl9UgJ82dijuhWLfvPxmx0qkn
GUdpomR+fUjbg1Tag6SiQja66ebYqycI6Aj8uEEvyNJOaGn1FsOXdH3OcoJz95mV
MudKVEUcoJavvqtGqJWVb7czCf6mFXAkx+CSYBeSM8Gw4w/RQxfITba3v8Fov2RH
vq6E9z5qUgq6hNkc07pogm3jr1p95zoqRA7/AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUCNUQkuGA1Fe2LlUWpdlCDWLdqZswHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9DTlVRa3VHQTFGZTJMbFVX
cGRsQ0RXTGRxWnMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAEeRO8l2/YBq85dhFOsgprcLytdDbx3TDlDY
Oo2pfAso2FEip9iOM8ZKDt6gF/PjZqKUuI4+Ul/HdIBysOug0QAhLhD0Gl/ge2Wn
MX+hj7pmoKaJf/tvveaXh7rdTc+TJs8xgZuh6k1HzI/MTEuplr0oOuvRcvEm/9iS
mqDjLLp40AzXjQsVubIEvFeYYQHPutgq3tRqBZCVJFezdunMsUlOmqfj64rnKJxr
/bqfdJ9/1yxHYYP1IxkafNmZV6I5fwzYMWheqPOI6JdpJPBhfbA9pSS2mjK0FQyW
hbcPkg+Bo9wSKOlxk0RgOdaj5vKzkjYFCelzDHf8sndpqdrlrbM=
-----END CERTIFICATE-----
Generated at Sun Jul 20 19:08:39 2025 by rpki-client