Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/bPRylfadr0SG0i90omxvCKND62Y.roa
File: bPRylfadr0SG0i90omxvCKND62Y.roa (raw, json)
Hash identifier: 6pkkvDblXI79jOy1ueQfLaP5KUHNWtnD0Z5ArCyZwSQ=
Subject key identifier: 6C:F4:72:95:F6:9D:AF:44:86:D2:2F:74:A2:6C:6F:08:A3:43:EB:66
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0D70
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/bPRylfadr0SG0i90omxvCKND62Y.roa
Signing time: Sun 25 May 2025 00:08:31 +0000
ROA not before: Sun 25 May 2025 00:08:31 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3440 (0xd70)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 25 00:08:31 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=6CF47295F69DAF4486D22F74A26C6F08A343EB66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:bf:b1:d6:86:9e:6a:97:be:a6:06:4d:b2:93:
d1:48:5b:cc:97:e8:3f:c5:42:dc:94:6a:eb:72:11:
8c:8b:9a:2f:e2:6d:3c:76:5f:c8:ab:82:77:00:28:
00:c3:6e:fb:c6:69:d5:46:78:7a:e5:43:55:92:d8:
0d:89:c6:30:81:9c:89:42:09:91:43:b1:5b:50:91:
2c:11:61:e5:cd:fb:19:cd:7d:46:17:00:c5:54:9f:
47:85:c1:b7:2a:2d:6b:1a:1f:d4:21:f0:51:06:21:
18:8d:0d:8b:47:db:d2:48:24:a5:91:82:ba:3a:dc:
ae:1d:d0:93:fa:79:30:71:0d:79:87:db:6d:f5:bf:
ea:b1:d3:c3:6f:32:32:0b:66:4d:10:1f:ff:59:7b:
b6:08:59:46:9f:6a:35:8e:23:af:1a:c7:d2:9d:50:
bd:44:5b:a1:a9:23:07:fa:65:99:89:35:cc:29:95:
d0:27:c6:55:77:30:89:3f:ee:17:a9:94:82:ec:b4:
ba:9f:32:57:3b:1f:44:de:17:9b:f6:81:ac:d4:10:
14:a5:af:87:fb:fc:75:c1:68:a2:f9:5b:8c:f7:16:
85:ff:2f:64:87:d1:43:91:9d:36:38:ea:d0:3a:64:
b4:92:98:ac:64:26:03:6a:d9:4c:25:a6:4a:0e:7a:
9c:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:F4:72:95:F6:9D:AF:44:86:D2:2F:74:A2:6C:6F:08:A3:43:EB:66
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/bPRylfadr0SG0i90omxvCKND62Y.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
37:e6:ef:78:b2:d2:a1:c6:7a:3c:ba:5f:9a:71:d5:a0:7b:c2:
fd:81:52:b4:dc:96:37:73:ce:35:e8:28:e2:0a:07:51:ea:a5:
a5:61:04:64:f5:a5:84:7a:fc:29:11:64:4f:15:0d:8f:a9:ee:
32:28:eb:9b:72:b6:ee:86:59:49:34:c7:a2:a0:1b:7e:6c:40:
b2:41:b6:dc:e1:72:ee:da:70:28:24:a7:9b:f1:8d:c9:14:39:
ac:5a:df:b8:86:2d:85:82:9f:a7:9f:19:80:eb:56:ab:14:6f:
35:fb:da:31:4a:22:a1:8d:10:46:01:e3:79:1e:cc:46:19:1a:
91:09:24:dd:23:c9:fe:36:bd:f8:14:de:7c:3d:3b:99:d8:1d:
93:f7:ad:e9:2b:fb:7f:d0:55:73:39:4c:d9:9a:db:76:e7:21:
09:4d:7b:3f:be:a2:18:7a:6a:36:43:aa:6e:8a:91:f4:6f:c7:
e6:41:9f:be:2a:c1:7b:9d:47:b6:28:04:cf:7a:a4:e3:8c:63:
7f:e8:73:54:2b:45:67:f0:ac:77:c2:a5:fd:f0:41:2f:ed:86:
57:82:b6:f9:9a:ae:c6:b4:d8:21:ca:03:14:7b:aa:f5:91:4d:
3a:2c:cf:c4:21:fa:b4:d7:c7:14:71:d4:30:ba:96:08:53:45:
f6:1b:a2:c7
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDXAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjUw
MDA4MzFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDZDRjQ3Mjk1RjY5REFG
NDQ4NkQyMkY3NEEyNkM2RjA4QTM0M0VCNjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD0v7HWhp5ql76mBk2yk9FIW8yX6D/FQtyUautyEYyLmi/ibTx2
X8irgncAKADDbvvGadVGeHrlQ1WS2A2JxjCBnIlCCZFDsVtQkSwRYeXN+xnNfUYX
AMVUn0eFwbcqLWsaH9Qh8FEGIRiNDYtH29JIJKWRgro63K4d0JP6eTBxDXmH2231
v+qx08NvMjILZk0QH/9Ze7YIWUafajWOI68ax9KdUL1EW6GpIwf6ZZmJNcwpldAn
xlV3MIk/7heplILstLqfMlc7H0TeF5v2gazUEBSlr4f7/HXBaKL5W4z3FoX/L2SH
0UORnTY46tA6ZLSSmKxkJgNq2UwlpkoOepznAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUbPRylfadr0SG0i90omxvCKND62YwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9iUFJ5bGZhZHIwU0cwaTkw
b214dkNLTkQ2Mlkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBADfm73iy0qHGejy6X5px1aB7wv2BUrTcljdz
zjXoKOIKB1HqpaVhBGT1pYR6/CkRZE8VDY+p7jIo65tytu6GWUk0x6KgG35sQLJB
ttzhcu7acCgkp5vxjckUOaxa37iGLYWCn6efGYDrVqsUbzX72jFKIqGNEEYB43ke
zEYZGpEJJN0jyf42vfgU3nw9O5nYHZP3rekr+3/QVXM5TNma23bnIQlNez++ohh6
ajZDqm6KkfRvx+ZBn74qwXudR7YoBM96pOOMY3/oc1QrRWfwrHfCpf3wQS/thleC
tvmarsa02CHKAxR7qvWRTTosz8Qh+rTXxxRx1DC6lghTRfYbosc=
-----END CERTIFICATE-----
Generated at Wed Jun 4 02:23:09 2025 by rpki-client