Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/R9Et4sj5emTNI5QIT-tuvZIqads.roa
File: R9Et4sj5emTNI5QIT-tuvZIqads.roa (raw, json)
Hash identifier: xG7B3eLyi1YNGMKNvRcwngCr+e1ZbfDDf6IZsviu0Iw=
Subject key identifier: 47:D1:2D:E2:C8:F9:7A:64:CD:23:94:08:4F:EB:6E:BD:92:2A:69:DB
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1D34
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/R9Et4sj5emTNI5QIT-tuvZIqads.roa
Signing time: Sun 15 Jun 2025 00:39:57 +0000
ROA not before: Sun 15 Jun 2025 00:39:57 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7476 (0x1d34)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 15 00:39:57 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=47D12DE2C8F97A64CD2394084FEB6EBD922A69DB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:60:ce:02:9d:30:3b:d4:41:1d:de:d4:13:1c:
29:8f:0d:4b:e0:b7:62:cc:57:4b:1c:cb:65:e4:d9:
0f:00:9c:fa:78:bc:85:b2:20:ce:5f:f9:ef:7f:b2:
c8:39:2d:fd:aa:7c:00:3a:fd:67:a1:0c:47:ae:5e:
43:2a:43:22:1d:79:c2:18:c7:fb:32:78:e0:f3:22:
1b:c1:f6:76:8e:ce:d1:a8:90:ef:a4:03:da:7e:77:
d7:dc:8a:0b:20:b4:0a:38:ed:d9:0d:8a:9a:30:87:
d3:e6:b4:b7:8f:cf:32:5b:31:c7:f4:3b:ec:41:98:
e1:33:5a:4b:45:5f:a4:b8:43:3e:10:94:6e:28:7d:
28:c9:9b:ab:8b:a1:16:3b:f0:ea:50:7d:90:2b:2e:
7a:e6:b1:24:1a:36:f3:c1:c2:35:5b:3c:e3:69:b4:
e6:74:9c:a4:97:19:de:92:fd:11:28:b9:34:b5:83:
0a:21:3f:90:2c:9e:76:78:6b:91:49:f6:3b:a8:f0:
8b:98:89:78:25:5d:fd:f4:1e:e6:db:88:41:f7:c4:
aa:78:c9:42:4f:b8:bd:69:da:ce:13:ff:5e:a3:c1:
91:4e:3a:35:a5:9b:85:e4:72:f5:84:1c:4e:4d:58:
c2:bc:f5:5f:48:96:ea:8a:0d:c0:0e:f9:00:b0:5a:
a9:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:D1:2D:E2:C8:F9:7A:64:CD:23:94:08:4F:EB:6E:BD:92:2A:69:DB
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/R9Et4sj5emTNI5QIT-tuvZIqads.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
76:eb:b7:0b:8e:4b:46:ec:ab:26:68:81:9b:48:28:47:ef:a1:
c9:36:bd:cd:48:c5:a8:df:9c:b1:f3:be:92:0d:b6:04:66:3f:
40:01:0a:bf:a4:44:09:3a:64:1c:e8:1d:ca:d6:1c:bc:db:db:
df:02:44:c8:5e:e2:00:38:20:7f:fa:15:01:b9:a8:79:57:5b:
58:ba:4e:ac:e9:58:d5:cc:95:90:d0:03:41:01:7f:84:de:b2:
26:d5:a1:ff:75:d8:0d:e7:24:77:92:01:29:cb:94:5b:79:ba:
96:09:a2:ea:3e:c9:5a:2a:0f:09:d5:fe:6a:23:22:43:fe:06:
d4:db:2a:0f:ec:a4:f5:24:9a:83:b4:86:29:63:c1:91:21:07:
d0:f1:a1:ce:7c:56:81:b9:8f:5e:1b:2e:84:cd:05:cb:92:bc:
0b:f0:5b:0e:70:2d:46:d7:91:07:7e:37:90:28:3f:e5:ec:d2:
28:d5:a4:e1:30:2c:d2:0b:bf:17:c0:84:26:57:cc:8f:06:76:
9a:15:8e:04:6e:6e:b6:d7:5d:b4:b7:53:8d:21:86:42:e0:69:
94:bf:bd:8f:b7:39:3a:c2:9d:7b:da:25:85:a3:fa:c6:9d:bd:
21:60:94:df:28:1e:a6:20:ed:63:d8:4e:2b:45:7a:9b:20:86:
22:67:e0:31
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHTQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTUw
MDM5NTdaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDQ3RDEyREUyQzhGOTdB
NjRDRDIzOTQwODRGRUI2RUJEOTIyQTY5REIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCrYM4CnTA71EEd3tQTHCmPDUvgt2LMV0scy2Xk2Q8AnPp4vIWy
IM5f+e9/ssg5Lf2qfAA6/WehDEeuXkMqQyIdecIYx/syeODzIhvB9naOztGokO+k
A9p+d9fcigsgtAo47dkNipowh9PmtLePzzJbMcf0O+xBmOEzWktFX6S4Qz4QlG4o
fSjJm6uLoRY78OpQfZArLnrmsSQaNvPBwjVbPONptOZ0nKSXGd6S/REouTS1gwoh
P5AsnnZ4a5FJ9juo8IuYiXglXf30HubbiEH3xKp4yUJPuL1p2s4T/16jwZFOOjWl
m4XkcvWEHE5NWMK89V9IluqKDcAO+QCwWqlHAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUR9Et4sj5emTNI5QIT+tuvZIqadswHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9SOUV0NHNqNWVtVE5JNVFJ
VC10dXZaSXFhZHMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAHbrtwuOS0bsqyZogZtIKEfvock2vc1Ixajf
nLHzvpINtgRmP0ABCr+kRAk6ZBzoHcrWHLzb298CRMhe4gA4IH/6FQG5qHlXW1i6
TqzpWNXMlZDQA0EBf4TesibVof912A3nJHeSASnLlFt5upYJouo+yVoqDwnV/moj
IkP+BtTbKg/spPUkmoO0hiljwZEhB9Dxoc58VoG5j14bLoTNBcuSvAvwWw5wLUbX
kQd+N5AoP+Xs0ijVpOEwLNILvxfAhCZXzI8GdpoVjgRubrbXXbS3U40hhkLgaZS/
vY+3OTrCnXvaJYWj+sadvSFglN8oHqYg7WPYTitFepsghiJn4DE=
-----END CERTIFICATE-----
Generated at Sun Jul 20 23:10:06 2025 by rpki-client