Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/c8m2pgk-49fska2qL_xn0umBqLo.roa
File: c8m2pgk-49fska2qL_xn0umBqLo.roa (raw, json)
Hash identifier: LvoL0FBz8QEFkuFON4PfNnLfo4odCICrSfy7u5Idync=
Subject key identifier: 73:C9:B6:A6:09:3E:E3:D7:EC:91:AD:AA:2F:FC:67:D2:E9:81:A8:BA
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1E84
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/c8m2pgk-49fska2qL_xn0umBqLo.roa
Signing time: Mon 16 Jun 2025 18:40:01 +0000
ROA not before: Mon 16 Jun 2025 18:40:01 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7812 (0x1e84)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 16 18:40:01 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=73C9B6A6093EE3D7EC91ADAA2FFC67D2E981A8BA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:e5:20:eb:62:06:4c:1d:bc:01:57:2b:c0:98:
68:50:7f:ac:a5:2b:61:21:22:c7:d7:6a:7a:23:80:
7c:29:f1:42:26:ea:e4:45:30:0f:fa:36:95:b7:41:
e4:76:ff:f1:d7:db:31:ef:32:ef:03:4b:3b:6e:af:
97:bf:34:0f:3d:a6:87:65:a9:16:29:42:d7:73:e3:
b5:62:86:a3:00:2f:ed:10:9d:5e:ad:b7:dc:e4:19:
53:ad:7a:bf:31:45:e8:88:a6:ca:3e:81:e0:0e:6c:
94:43:d5:e6:c6:9e:0f:78:75:8a:40:94:79:b2:2d:
3a:1b:4c:a4:47:b8:fe:09:f8:a4:3d:21:d6:24:00:
df:cc:47:2c:3c:fa:00:54:ba:94:87:0f:b0:03:3a:
0b:fc:98:db:ef:94:bd:81:d1:3d:da:a2:e1:71:48:
18:35:52:53:57:b5:77:cd:16:11:9c:3b:0b:e6:dd:
fa:5b:9e:9a:22:5d:b8:a6:2a:bf:80:5d:2c:64:fd:
54:60:55:b8:e7:ee:75:f1:76:81:01:bc:09:67:d2:
fa:4d:96:08:e0:cc:1e:d0:6a:55:d6:ad:d6:b2:91:
de:bc:a7:86:82:63:8a:f7:3b:56:65:13:71:4a:6b:
09:b4:4b:19:df:a6:16:e6:c8:84:f1:49:d3:99:5d:
b8:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:C9:B6:A6:09:3E:E3:D7:EC:91:AD:AA:2F:FC:67:D2:E9:81:A8:BA
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/c8m2pgk-49fska2qL_xn0umBqLo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7c:96:98:0c:a9:c8:8d:dc:d3:81:7c:16:8b:12:59:67:7e:c4:
59:c8:ae:bd:ea:e6:13:6c:0c:c0:05:20:4d:cc:5b:95:9e:d7:
d5:37:17:ed:a8:58:e9:39:21:79:99:ea:ef:e3:3d:ec:55:ae:
ec:18:c5:61:ad:6d:a5:1b:36:8b:0e:d5:c1:da:7d:f0:97:d4:
e1:c4:cf:d2:0a:ae:d8:1d:c4:43:10:aa:9b:2d:74:49:3c:53:
7f:1c:37:72:8a:36:10:12:b9:85:76:70:c6:98:62:69:c5:77:
22:73:13:04:c3:d6:78:0d:fb:ca:8e:e2:f4:07:9b:56:d2:61:
dc:84:05:86:06:77:a5:2f:85:ba:7d:1b:c3:28:20:47:e2:34:
23:97:ca:17:e1:62:44:ea:25:30:06:0b:7e:67:a8:16:75:7d:
a4:0d:1e:36:44:7f:31:fe:2b:6c:6f:cc:db:73:d8:90:b3:d8:
7a:fc:99:a4:1e:48:73:af:e7:fd:df:73:1f:4a:d5:c0:c6:2d:
b9:25:ae:da:68:3f:ec:2e:f1:ab:c5:f9:8e:80:c8:ae:40:c4:
c9:fd:e5:7c:bb:3b:3d:d2:a8:f4:87:ac:78:69:b0:92:4f:9f:
34:5b:19:db:83:da:9f:3a:bf:af:08:38:29:4b:a1:42:17:83:
d9:a7:15:22
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHoQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTYx
ODQwMDFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDczQzlCNkE2MDkzRUUz
RDdFQzkxQURBQTJGRkM2N0QyRTk4MUE4QkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDT5SDrYgZMHbwBVyvAmGhQf6ylK2EhIsfXanojgHwp8UIm6uRF
MA/6NpW3QeR2//HX2zHvMu8DSztur5e/NA89podlqRYpQtdz47VihqMAL+0QnV6t
t9zkGVOter8xReiIpso+geAObJRD1ebGng94dYpAlHmyLTobTKRHuP4J+KQ9IdYk
AN/MRyw8+gBUupSHD7ADOgv8mNvvlL2B0T3aouFxSBg1UlNXtXfNFhGcOwvm3fpb
npoiXbimKr+AXSxk/VRgVbjn7nXxdoEBvAln0vpNlgjgzB7QalXWrdaykd68p4aC
Y4r3O1ZlE3FKawm0SxnfphbmyITxSdOZXbiBAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUc8m2pgk+49fska2qL/xn0umBqLowHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9jOG0ycGdrLTQ5ZnNrYTJx
TF94bjB1bUJxTG8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAHyWmAypyI3c04F8FosSWWd+xFnIrr3q5hNs
DMAFIE3MW5We19U3F+2oWOk5IXmZ6u/jPexVruwYxWGtbaUbNosO1cHaffCX1OHE
z9IKrtgdxEMQqpstdEk8U38cN3KKNhASuYV2cMaYYmnFdyJzEwTD1ngN+8qO4vQH
m1bSYdyEBYYGd6Uvhbp9G8MoIEfiNCOXyhfhYkTqJTAGC35nqBZ1faQNHjZEfzH+
K2xvzNtz2JCz2Hr8maQeSHOv5/3fcx9K1cDGLbklrtpoP+wu8avF+Y6AyK5AxMn9
5Xy7Oz3SqPSHrHhpsJJPnzRbGduD2p86v68IOClLoUIXg9mnFSI=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:55:36 2025 by rpki-client