Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/bubh2WKm4d2FldX5WRjG4Qdb2U4.roa
File: bubh2WKm4d2FldX5WRjG4Qdb2U4.roa (raw, json)
Hash identifier: mgekcyuurTchK4hWMnvsn+wqrBzgJn5qYrwjlTCd+rc=
Subject key identifier: 6E:E6:E1:D9:62:A6:E1:DD:85:95:D5:F9:59:18:C6:E1:07:5B:D9:4E
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1348
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/bubh2WKm4d2FldX5WRjG4Qdb2U4.roa
Signing time: Sun 01 Jun 2025 19:09:57 +0000
ROA not before: Sun 01 Jun 2025 19:09:57 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4936 (0x1348)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 1 19:09:57 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=6EE6E1D962A6E1DD8595D5F95918C6E1075BD94E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:cd:b5:f9:ee:ff:3f:53:54:3e:93:57:1d:7c:
97:7b:14:48:4c:11:11:bd:31:d3:d8:f4:74:f1:33:
f9:5d:17:a6:dd:96:c4:9a:a8:81:45:89:91:34:4a:
7d:08:5e:c3:c8:3e:b6:36:10:b9:5f:ef:27:f3:31:
a5:7d:f5:9d:5c:25:b7:12:a5:16:78:37:c9:2b:c1:
08:4f:2d:e0:0a:d1:74:6a:d2:81:b6:62:1d:ea:d6:
ff:83:11:a3:d6:ed:c5:8a:d2:dc:f8:37:48:6d:5b:
27:18:90:22:48:be:79:1d:0c:6c:45:e2:5a:e0:69:
9a:c1:db:6a:e3:2c:0b:fa:ad:83:6a:f8:33:c8:9e:
46:ac:b8:dc:d2:97:01:7e:6e:2f:ca:68:bd:5e:d8:
27:4c:93:f5:47:42:91:6f:5c:15:7a:b7:70:ae:c7:
0e:cf:3b:70:84:83:c0:fa:42:07:64:96:8f:8c:b9:
3e:5f:b6:02:d9:48:4e:da:2f:d3:cf:16:43:9d:30:
b4:02:fc:e2:0a:40:ac:eb:6f:d6:09:6b:f2:22:47:
aa:f0:ed:f4:23:3b:59:6c:d9:04:bd:0d:b7:3d:7a:
ee:d7:d3:27:6f:32:2f:c7:2f:e6:5f:a6:c6:69:4b:
ba:5d:65:1e:a6:66:0a:d8:21:3d:e9:5f:ff:b5:c1:
2e:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:E6:E1:D9:62:A6:E1:DD:85:95:D5:F9:59:18:C6:E1:07:5B:D9:4E
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/bubh2WKm4d2FldX5WRjG4Qdb2U4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ae:38:37:61:19:3d:2c:3f:f0:10:22:6d:e0:93:02:c8:13:c3:
8e:00:8b:7f:78:2a:11:b9:1b:b5:70:5f:5f:99:ec:7d:b9:a1:
6c:24:b4:75:26:e9:47:31:d4:4b:89:cd:35:eb:09:c3:2c:4b:
cf:f9:a5:a8:a8:79:cf:52:78:62:08:3e:9d:86:75:e4:e7:68:
b1:09:90:e8:ce:0c:06:ec:7e:95:2d:72:5a:79:38:4f:d2:11:
3c:00:06:54:d6:3e:2a:24:25:e4:af:8c:98:7c:14:ec:b4:f8:
2e:37:57:fb:71:9d:3b:62:c5:5f:95:f1:cb:75:15:13:54:05:
8b:51:f5:eb:d8:e4:da:19:a5:93:23:50:27:8d:f9:7c:7c:f4:
e5:94:16:39:d6:52:ae:b5:06:ee:1b:54:59:c4:30:58:a4:0e:
8b:d2:a7:ed:32:6c:1e:ff:ad:42:67:ad:9c:68:6e:31:2e:2c:
80:ad:5d:a2:70:7f:37:51:0b:fb:49:33:e4:a0:d2:16:cc:de:
02:b9:0a:1a:c7:ee:d9:92:85:b8:5a:33:db:85:a3:71:ce:86:
24:41:90:69:b2:65:a6:2a:28:de:dd:ae:42:91:cd:5d:fe:6d:
66:93:45:09:8c:a9:c2:09:01:d0:78:92:80:7c:df:b0:b7:44:
79:e2:60:40
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICE0gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDEx
OTA5NTdaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDZFRTZFMUQ5NjJBNkUx
REQ4NTk1RDVGOTU5MThDNkUxMDc1QkQ5NEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCnzbX57v8/U1Q+k1cdfJd7FEhMERG9MdPY9HTxM/ldF6bdlsSa
qIFFiZE0Sn0IXsPIPrY2ELlf7yfzMaV99Z1cJbcSpRZ4N8krwQhPLeAK0XRq0oG2
Yh3q1v+DEaPW7cWK0tz4N0htWycYkCJIvnkdDGxF4lrgaZrB22rjLAv6rYNq+DPI
nkasuNzSlwF+bi/KaL1e2CdMk/VHQpFvXBV6t3Cuxw7PO3CEg8D6Qgdklo+MuT5f
tgLZSE7aL9PPFkOdMLQC/OIKQKzrb9YJa/IiR6rw7fQjO1ls2QS9Dbc9eu7X0ydv
Mi/HL+ZfpsZpS7pdZR6mZgrYIT3pX/+1wS6zAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUbubh2WKm4d2FldX5WRjG4Qdb2U4wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9idWJoMldLbTRkMkZsZFg1
V1JqRzRRZGIyVTQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAK44N2EZPSw/8BAibeCTAsgTw44Ai394KhG5
G7VwX1+Z7H25oWwktHUm6Ucx1EuJzTXrCcMsS8/5paioec9SeGIIPp2GdeTnaLEJ
kOjODAbsfpUtclp5OE/SETwABlTWPiokJeSvjJh8FOy0+C43V/txnTtixV+V8ct1
FRNUBYtR9evY5NoZpZMjUCeN+Xx89OWUFjnWUq61Bu4bVFnEMFikDovSp+0ybB7/
rUJnrZxobjEuLICtXaJwfzdRC/tJM+Sg0hbM3gK5ChrH7tmShbhaM9uFo3HOhiRB
kGmyZaYqKN7drkKRzV3+bWaTRQmMqcIJAdB4koB837C3RHniYEA=
-----END CERTIFICATE-----
Generated at Sat Jun 7 12:30:33 2025 by rpki-client