Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/axsJPVBgJ3n4EL3op56_jXqQVjc.roa
File: axsJPVBgJ3n4EL3op56_jXqQVjc.roa (raw, json)
Hash identifier: PuACUXPIShYVpLxJmYv30txdMYu53sS8x6bgq5Ju8hM=
Subject key identifier: 6B:1B:09:3D:50:60:27:79:F8:10:BD:E8:A7:9E:BF:8D:7A:90:56:37
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0F00
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/axsJPVBgJ3n4EL3op56_jXqQVjc.roa
Signing time: Tue 27 May 2025 02:09:02 +0000
ROA not before: Tue 27 May 2025 02:09:02 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3840 (0xf00)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 27 02:09:02 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=6B1B093D50602779F810BDE8A79EBF8D7A905637
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:10:9a:b3:82:60:da:82:6d:f3:1b:b2:e5:87:
2a:91:3b:c9:5b:73:ab:27:a8:d3:f2:07:0a:46:84:
0b:de:11:e6:57:8c:0b:16:10:c9:9e:d1:06:06:43:
ba:5d:e3:07:25:da:22:0d:98:3f:55:17:55:90:75:
c7:48:7e:65:a2:be:ec:3b:71:f9:ce:12:26:ed:57:
b5:61:e4:12:2f:dd:5a:96:45:88:de:f8:36:fd:72:
de:94:5d:0d:b8:2c:78:31:0a:ff:31:f5:9f:ef:51:
93:35:05:d2:42:51:a6:94:be:b5:b9:da:1e:14:5a:
23:90:c7:77:3a:4d:76:04:25:d8:45:61:96:b4:49:
89:8c:b7:1f:08:b0:e9:2a:31:87:db:17:fd:9f:96:
96:fe:ae:0d:8f:8a:32:70:cd:66:09:2a:d0:91:72:
1a:50:ac:f5:d8:2a:40:ec:8f:2b:cb:f1:65:36:14:
6f:66:16:ef:ba:ed:0f:e6:fe:3e:45:de:90:0f:0e:
5f:6e:9d:f0:36:a6:78:5f:9b:ca:e9:fd:b6:96:b3:
02:f4:5a:49:71:af:aa:1b:49:ac:b0:26:c6:2b:d2:
3d:c1:e6:3f:17:d6:ff:5c:b1:dd:5b:1b:da:0c:5a:
0b:f2:03:70:d3:7f:61:8b:34:66:8e:fa:77:b9:71:
47:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:1B:09:3D:50:60:27:79:F8:10:BD:E8:A7:9E:BF:8D:7A:90:56:37
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/axsJPVBgJ3n4EL3op56_jXqQVjc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
39:85:f1:4e:de:44:b8:af:a8:cd:cc:3f:2e:b6:75:1a:e0:01:
28:25:91:68:e7:ba:a6:92:ed:1f:81:3c:69:19:3a:29:df:5c:
dc:bd:58:2e:b0:bc:74:1b:29:ee:0d:8e:0b:b7:c9:ab:bc:ff:
23:38:32:92:b3:c7:1a:f1:2c:47:d7:a1:7a:c3:0e:a3:99:c4:
be:21:fc:1f:63:b3:2c:b6:9d:ba:85:b5:8d:d8:1c:80:c0:81:
5e:d1:76:41:74:40:ec:70:2f:50:45:33:21:b0:e3:37:70:00:
41:c0:ef:97:a2:02:b6:da:bf:68:a1:c1:a5:47:21:1f:6e:9a:
78:ba:d1:9a:b1:b7:17:cc:00:47:36:51:1c:21:2b:c6:6e:7f:
8c:50:ac:81:14:86:03:65:88:84:26:c1:19:af:a5:17:5a:44:
d7:a5:18:4f:e7:9e:0d:e1:4e:54:e2:07:e0:62:f8:53:24:2b:
91:17:56:fa:95:35:db:49:5a:4c:aa:00:bf:4c:39:e5:8a:69:
bd:a0:47:be:e1:99:bc:3e:94:14:cf:9c:21:f9:7e:0e:43:ac:
48:4b:12:5b:78:03:b3:8a:6a:a1:f0:bf:1f:19:59:ed:76:e2:
57:43:bc:8c:99:a3:ee:7b:58:eb:c5:8b:c4:81:b3:a6:0f:ff:
06:48:29:8c
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDwAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1Mjcw
MjA5MDJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDZCMUIwOTNENTA2MDI3
NzlGODEwQkRFOEE3OUVCRjhEN0E5MDU2MzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDmEJqzgmDagm3zG7LlhyqRO8lbc6snqNPyBwpGhAveEeZXjAsW
EMme0QYGQ7pd4wcl2iINmD9VF1WQdcdIfmWivuw7cfnOEibtV7Vh5BIv3VqWRYje
+Db9ct6UXQ24LHgxCv8x9Z/vUZM1BdJCUaaUvrW52h4UWiOQx3c6TXYEJdhFYZa0
SYmMtx8IsOkqMYfbF/2flpb+rg2PijJwzWYJKtCRchpQrPXYKkDsjyvL8WU2FG9m
Fu+67Q/m/j5F3pAPDl9unfA2pnhfm8rp/baWswL0Wklxr6obSaywJsYr0j3B5j8X
1v9csd1bG9oMWgvyA3DTf2GLNGaO+ne5cUfHAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUaxsJPVBgJ3n4EL3op56/jXqQVjcwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9heHNKUFZCZ0ozbjRFTDNv
cDU2X2pYcVFWamMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBADmF8U7eRLivqM3MPy62dRrgASglkWjnuqaS
7R+BPGkZOinfXNy9WC6wvHQbKe4Njgu3yau8/yM4MpKzxxrxLEfXoXrDDqOZxL4h
/B9jsyy2nbqFtY3YHIDAgV7RdkF0QOxwL1BFMyGw4zdwAEHA75eiArbav2ihwaVH
IR9umni60ZqxtxfMAEc2URwhK8Zuf4xQrIEUhgNliIQmwRmvpRdaRNelGE/nng3h
TlTiB+Bi+FMkK5EXVvqVNdtJWkyqAL9MOeWKab2gR77hmbw+lBTPnCH5fg5DrEhL
Elt4A7OKaqHwvx8ZWe124ldDvIyZo+57WOvFi8SBs6YP/wZIKYw=
-----END CERTIFICATE-----
Generated at Wed Jun 4 00:49:22 2025 by rpki-client