Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/_lSlQf3CmijQ361xk0UVQpKUwb4.roa
File: _lSlQf3CmijQ361xk0UVQpKUwb4.roa (raw, json)
Hash identifier: /zSwzhc+G0Nam/C9ds9kzuRtwqHu8k1uAJHPeRi1Thg=
Subject key identifier: FE:54:A5:41:FD:C2:9A:28:D0:DF:AD:71:93:45:15:42:92:94:C1:BE
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1900
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/_lSlQf3CmijQ361xk0UVQpKUwb4.roa
Signing time: Mon 09 Jun 2025 10:09:36 +0000
ROA not before: Mon 09 Jun 2025 10:09:36 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6400 (0x1900)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 9 10:09:36 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=FE54A541FDC29A28D0DFAD71934515429294C1BE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:c8:70:d6:58:85:f2:36:95:ce:b8:d9:d3:20:
42:ad:13:b7:e6:d0:35:ad:62:c5:3b:88:0b:76:02:
e0:3c:86:22:fe:ee:5b:b4:20:24:8e:23:70:03:69:
6b:7c:a8:d8:12:ac:44:98:99:25:4c:ca:83:c0:92:
da:bd:b6:cd:bc:57:fa:e8:ee:f3:a1:08:e0:88:c9:
38:85:ff:96:c0:0f:c4:d3:b4:f9:10:27:a9:44:4f:
f7:91:00:f8:e2:8f:48:d3:fe:a5:c4:08:fc:ed:0d:
08:a7:88:d8:22:81:f4:fa:c6:fc:ff:5f:0f:12:36:
e6:0d:08:ba:11:c3:68:1e:7b:ea:d0:c1:0b:b4:87:
aa:7e:68:59:c9:1a:dd:73:0a:81:8c:8f:1e:ab:a3:
d3:f8:68:81:6d:49:e6:05:38:1b:f2:a2:80:bd:f1:
ed:c8:3f:0e:64:74:e7:14:99:8b:c4:c1:a9:34:96:
3b:3a:ff:af:da:01:68:a1:cb:3e:41:d0:fc:a2:49:
39:6c:7c:fd:12:88:e5:a5:a0:74:00:7e:76:8a:b5:
63:93:df:46:55:4a:bf:32:53:19:0f:c6:0d:d7:8e:
34:63:ef:e2:d6:16:95:c9:3e:f9:f4:81:b2:30:1b:
b8:64:d4:50:d1:ca:a0:ca:fe:da:f0:f1:b1:32:27:
37:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:54:A5:41:FD:C2:9A:28:D0:DF:AD:71:93:45:15:42:92:94:C1:BE
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/_lSlQf3CmijQ361xk0UVQpKUwb4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5e:cd:12:86:fd:4d:dc:13:81:c4:fb:bd:94:8e:23:8b:f5:3a:
51:b3:2f:91:12:05:9a:3a:d7:0c:9b:ec:83:0d:25:a2:20:7b:
d4:c1:c7:31:ff:26:fd:1a:50:cd:a7:3d:e8:66:df:ce:b0:cb:
76:ca:6c:3f:cb:c1:44:59:94:51:d8:be:dd:3c:da:ea:4e:c1:
d7:5e:a9:da:1f:5f:eb:ab:a9:30:2a:b7:04:b5:76:68:ec:18:
3f:6e:fe:9c:d5:ac:ee:67:bd:4c:0e:37:66:34:7a:5f:bb:15:
f0:30:a7:f3:e4:25:7a:ef:e7:7d:87:b6:8b:78:e4:8f:25:9d:
ea:e9:5f:3a:74:ec:c3:e4:61:f5:67:1e:40:bb:44:71:c5:91:
db:0c:54:13:06:05:12:89:20:fd:c4:fa:a5:77:10:93:bd:5a:
f4:09:dd:61:c0:30:fa:7b:33:fa:6a:2b:d4:3b:6c:dd:7f:88:
74:23:9b:01:24:3c:3a:2b:dc:07:cb:92:b7:4a:66:34:b7:19:
5d:f4:5b:94:91:b9:df:2b:ea:14:6f:93:8e:6e:f8:55:b5:10:
11:79:00:c5:9f:62:93:ae:86:f3:5a:16:ea:f7:f9:97:4b:d0:
9d:2d:af:12:69:81:73:e0:d5:39:e9:d8:55:84:8d:c2:ee:9a:
15:01:bf:82
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICGQAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDkx
MDA5MzZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEZFNTRBNTQxRkRDMjlB
MjhEMERGQUQ3MTkzNDUxNTQyOTI5NEMxQkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvyHDWWIXyNpXOuNnTIEKtE7fm0DWtYsU7iAt2AuA8hiL+7lu0
ICSOI3ADaWt8qNgSrESYmSVMyoPAktq9ts28V/ro7vOhCOCIyTiF/5bAD8TTtPkQ
J6lET/eRAPjij0jT/qXECPztDQiniNgigfT6xvz/Xw8SNuYNCLoRw2gee+rQwQu0
h6p+aFnJGt1zCoGMjx6ro9P4aIFtSeYFOBvyooC98e3IPw5kdOcUmYvEwak0ljs6
/6/aAWihyz5B0PyiSTlsfP0SiOWloHQAfnaKtWOT30ZVSr8yUxkPxg3XjjRj7+LW
FpXJPvn0gbIwG7hk1FDRyqDK/trw8bEyJzcZAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU/lSlQf3CmijQ361xk0UVQpKUwb4wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9fbFNsUWYzQ21palEzNjF4
azBVVlFwS1V3YjQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAF7NEob9TdwTgcT7vZSOI4v1OlGzL5ESBZo6
1wyb7IMNJaIge9TBxzH/Jv0aUM2nPehm386wy3bKbD/LwURZlFHYvt082upOwdde
qdofX+urqTAqtwS1dmjsGD9u/pzVrO5nvUwON2Y0el+7FfAwp/PkJXrv532Htot4
5I8lnerpXzp07MPkYfVnHkC7RHHFkdsMVBMGBRKJIP3E+qV3EJO9WvQJ3WHAMPp7
M/pqK9Q7bN1/iHQjmwEkPDor3AfLkrdKZjS3GV30W5SRud8r6hRvk45u+FW1EBF5
AMWfYpOuhvNaFur3+ZdL0J0trxJpgXPg1Tnp2FWEjcLumhUBv4I=
-----END CERTIFICATE-----
Generated at Sun Jul 20 20:47:09 2025 by rpki-client