Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/uCytR-c9w1s-8OKzVBVbR09znmU.roa
File: uCytR-c9w1s-8OKzVBVbR09znmU.roa (raw, json)
Hash identifier: ome7y6v1AwuiCp3vtNW23C4ZrxtGA7lsdKDztzoseHA=
Subject key identifier: B8:2C:AD:47:E7:3D:C3:5B:3E:F0:E2:B3:54:15:5B:47:4F:73:9E:65
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 12D0
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/uCytR-c9w1s-8OKzVBVbR09znmU.roa
Signing time: Sun 01 Jun 2025 04:09:07 +0000
ROA not before: Sun 01 Jun 2025 04:09:07 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4816 (0x12d0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 1 04:09:07 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=B82CAD47E73DC35B3EF0E2B354155B474F739E65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:7e:b0:fe:17:4e:25:8e:4d:9f:02:e0:87:e8:
8e:ab:1d:e9:44:48:93:a0:b2:b6:9f:b1:f1:31:26:
93:5a:0b:ed:49:a8:bd:69:1e:ce:bb:53:23:d8:fd:
3c:bf:d8:d1:28:2d:bf:bb:e6:54:a5:3b:ac:9a:3f:
1e:a6:6c:4a:60:0c:49:9f:39:d7:a5:26:d2:f0:e1:
73:39:e4:85:c5:a1:43:1c:4c:33:83:cb:84:0c:ea:
70:28:9e:46:ac:98:8e:2c:66:ce:1b:d5:af:4c:3f:
9e:60:fa:53:e0:59:3f:ed:53:33:6e:71:00:a0:44:
d9:18:5a:fa:20:33:d0:25:7e:e9:0c:3c:7b:1f:a0:
e1:e7:a0:60:2e:f1:fe:6a:22:48:9d:87:f4:9b:1b:
43:33:0f:91:03:e4:55:4f:cc:5c:55:d8:3d:10:61:
a5:97:9c:5f:00:21:e3:70:a7:e2:d6:f9:f6:b3:09:
d8:5d:63:8a:bb:c2:aa:27:b1:1c:f9:4d:32:fc:f0:
10:18:33:11:6f:80:b5:78:d7:82:4d:39:8d:aa:74:
92:40:80:e9:99:53:08:d6:ff:c7:b8:99:57:9e:77:
c1:05:d1:f7:9c:97:11:41:eb:09:5b:d5:8f:8a:37:
99:6d:f0:8f:1f:75:f6:38:26:9f:82:26:4b:6a:e9:
8b:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:2C:AD:47:E7:3D:C3:5B:3E:F0:E2:B3:54:15:5B:47:4F:73:9E:65
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/uCytR-c9w1s-8OKzVBVbR09znmU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
60:a4:ba:ee:da:f3:e8:54:56:cb:07:d0:86:28:4d:3c:a7:06:
5f:53:29:5f:6e:09:9e:2b:61:b0:20:1c:df:11:70:a0:5b:69:
8e:c7:d8:ed:e7:4d:ed:79:b7:46:6a:1a:86:2a:ed:00:dc:6a:
1a:2a:4a:0d:32:2d:dc:4e:8e:e9:9a:18:19:3d:54:39:72:4b:
a8:fb:a1:15:fd:bf:b5:ca:f5:a1:af:a9:cf:3e:43:93:09:bd:
8f:58:4d:33:ee:99:0c:df:c4:62:c0:84:34:fe:39:9a:8f:c0:
ef:8d:f0:79:fd:47:82:06:46:6b:14:49:0d:bb:ba:50:9c:f5:
19:2e:a5:3b:c3:37:16:56:61:8e:3e:12:00:52:71:7e:db:58:
fc:05:d9:42:84:ea:e2:40:01:6d:7e:06:96:5d:a5:87:97:65:
2d:32:2a:2d:4b:56:b9:33:39:77:e3:f5:58:0c:a7:e1:4b:06:
24:dd:f8:cf:30:06:c6:27:b7:57:20:00:02:be:40:ca:8a:bd:
fd:a9:f4:25:54:56:f5:69:23:6d:33:82:6a:71:38:e7:d0:42:
38:3b:54:10:ac:d7:83:32:bf:22:5f:36:02:13:f6:1e:40:ef:
74:64:91:a2:93:55:c3:48:66:dc:77:af:d5:c0:17:7c:bb:c7:
65:87:93:0b
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICEtAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDEw
NDA5MDdaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEI4MkNBRDQ3RTczREMz
NUIzRUYwRTJCMzU0MTU1QjQ3NEY3MzlFNjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCafrD+F04ljk2fAuCH6I6rHelESJOgsrafsfExJpNaC+1JqL1p
Hs67UyPY/Ty/2NEoLb+75lSlO6yaPx6mbEpgDEmfOdelJtLw4XM55IXFoUMcTDOD
y4QM6nAonkasmI4sZs4b1a9MP55g+lPgWT/tUzNucQCgRNkYWvogM9AlfukMPHsf
oOHnoGAu8f5qIkidh/SbG0MzD5ED5FVPzFxV2D0QYaWXnF8AIeNwp+LW+fazCdhd
Y4q7wqonsRz5TTL88BAYMxFvgLV414JNOY2qdJJAgOmZUwjW/8e4mVeed8EF0fec
lxFB6wlb1Y+KN5lt8I8fdfY4Jp+CJktq6Yv7AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUuCytR+c9w1s+8OKzVBVbR09znmUwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni91Q3l0Ui1jOXcxcy04T0t6
VkJWYlIwOXpubVUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAGCkuu7a8+hUVssH0IYoTTynBl9TKV9uCZ4r
YbAgHN8RcKBbaY7H2O3nTe15t0ZqGoYq7QDcahoqSg0yLdxOjumaGBk9VDlyS6j7
oRX9v7XK9aGvqc8+Q5MJvY9YTTPumQzfxGLAhDT+OZqPwO+N8Hn9R4IGRmsUSQ27
ulCc9RkupTvDNxZWYY4+EgBScX7bWPwF2UKE6uJAAW1+BpZdpYeXZS0yKi1LVrkz
OXfj9VgMp+FLBiTd+M8wBsYnt1cgAAK+QMqKvf2p9CVUVvVpI20zgmpxOOfQQjg7
VBCs14MyvyJfNgIT9h5A73RkkaKTVcNIZtx3r9XAF3y7x2WHkws=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:28:04 2025 by rpki-client