Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/2sqBbV1azdb_DGuOsrSGl4wn3M4.roa
File: 2sqBbV1azdb_DGuOsrSGl4wn3M4.roa (raw, json)
Hash identifier: aWwTgzwUvDXNSMZYirIKO1dEOJyiEs5KzmHg1DChc+I=
Subject key identifier: DA:CA:81:6D:5D:5A:CD:D6:FF:0C:6B:8E:B2:B4:86:97:8C:27:DC:CE
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 07DC
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/2sqBbV1azdb_DGuOsrSGl4wn3M4.roa
Signing time: Sat 17 May 2025 13:38:11 +0000
ROA not before: Sat 17 May 2025 13:38:11 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2012 (0x7dc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 17 13:38:11 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=DACA816D5D5ACDD6FF0C6B8EB2B486978C27DCCE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:55:67:36:c5:50:c3:83:d6:20:d6:7b:4b:9c:
66:54:e1:87:ba:6c:e6:aa:57:9f:b1:0f:a7:6f:ff:
c0:0e:54:84:58:21:19:15:0d:52:5f:54:82:62:ad:
0b:7b:9f:5d:9c:04:e7:ac:38:39:54:8f:2c:48:af:
a9:b6:03:f3:cf:cd:c4:81:32:0a:90:75:46:42:db:
c1:83:56:18:a6:c6:04:c6:42:31:7c:3d:ce:d6:ab:
4d:91:d8:b2:fd:15:b3:b2:78:1d:a6:76:3d:d8:fd:
9a:a3:00:be:f8:e9:36:b3:09:3c:38:e0:6f:ff:7c:
6b:d5:59:28:b7:d3:a3:ac:74:82:b3:cc:94:b0:97:
6b:50:f7:2d:af:c4:c6:f6:6b:18:d5:5d:f0:d5:8a:
ae:df:c4:7b:5a:2b:98:d3:62:bf:bc:61:c2:eb:21:
83:dc:7f:92:d6:24:6b:32:09:66:9e:21:bd:0b:95:
40:b0:d0:ab:19:b1:37:cf:96:31:99:33:94:94:86:
a8:23:94:61:25:e4:46:d2:e3:55:98:6b:9f:51:8d:
c1:d3:b3:4a:c0:21:44:d6:fe:60:67:0b:33:a4:c4:
3f:aa:94:f3:43:91:ae:78:02:4e:42:3d:cb:66:54:
9a:c6:af:fa:fc:d5:7e:d8:e9:ea:2c:8d:71:af:59:
9d:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:CA:81:6D:5D:5A:CD:D6:FF:0C:6B:8E:B2:B4:86:97:8C:27:DC:CE
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/2sqBbV1azdb_DGuOsrSGl4wn3M4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
68:9d:86:26:6f:69:9e:85:8d:df:2e:49:7e:dc:f0:f8:31:b2:
2d:e4:a3:32:7f:53:de:6c:aa:4e:bb:7e:48:39:47:e7:30:ae:
69:cd:9d:c6:5e:f9:1f:d8:63:3d:ee:e6:1b:79:b5:44:04:80:
73:c8:94:8e:2d:1d:70:0f:81:3a:5b:3a:93:37:95:78:d4:1f:
48:e6:d2:b4:e5:fd:8d:10:87:2a:6b:6b:f8:1b:78:08:cf:6a:
74:3b:9e:39:8c:aa:d2:91:d7:48:2f:de:0f:95:02:cd:d8:13:
db:e4:33:7d:d2:3d:51:6a:24:61:e4:f4:eb:fd:27:14:fc:fa:
16:fd:3b:19:ce:f7:68:09:8b:8f:2c:d5:59:99:85:69:b5:68:
56:a8:d0:f0:e5:2f:24:80:74:02:c3:62:b9:fd:bd:1b:7d:a2:
79:d9:27:5c:ae:82:46:a8:5d:f3:e2:0a:24:0c:14:28:39:20:
b6:fe:cb:b7:22:84:79:22:c4:5a:a4:06:68:84:c1:03:6f:51:
68:43:f1:cf:35:63:f5:7f:16:45:b5:ee:6d:82:c1:bd:fb:55:
14:d8:6f:75:8b:6c:ae:92:37:c2:b9:9c:31:c1:ce:05:c4:52:
fa:ed:95:fc:46:7b:2a:ae:52:53:85:4a:e6:5f:3c:ef:9d:df:
18:8c:5c:ed
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICB9wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTcx
MzM4MTFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKERBQ0E4MTZENUQ1QUNE
RDZGRjBDNkI4RUIyQjQ4Njk3OEMyN0RDQ0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKVWc2xVDDg9Yg1ntLnGZU4Ye6bOaqV5+xD6dv/8AOVIRYIRkV
DVJfVIJirQt7n12cBOesODlUjyxIr6m2A/PPzcSBMgqQdUZC28GDVhimxgTGQjF8
Pc7Wq02R2LL9FbOyeB2mdj3Y/ZqjAL746TazCTw44G//fGvVWSi306OsdIKzzJSw
l2tQ9y2vxMb2axjVXfDViq7fxHtaK5jTYr+8YcLrIYPcf5LWJGsyCWaeIb0LlUCw
0KsZsTfPljGZM5SUhqgjlGEl5EbS41WYa59RjcHTs0rAIUTW/mBnCzOkxD+qlPND
ka54Ak5CPctmVJrGr/r81X7Y6eosjXGvWZ2XAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU2sqBbV1azdb/DGuOsrSGl4wn3M4wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni8yc3FCYlYxYXpkYl9ER3VP
c3JTR2w0d24zTTQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAGidhiZvaZ6Fjd8uSX7c8Pgxsi3kozJ/U95s
qk67fkg5R+cwrmnNncZe+R/YYz3u5ht5tUQEgHPIlI4tHXAPgTpbOpM3lXjUH0jm
0rTl/Y0Qhypra/gbeAjPanQ7njmMqtKR10gv3g+VAs3YE9vkM33SPVFqJGHk9Ov9
JxT8+hb9OxnO92gJi48s1VmZhWm1aFao0PDlLySAdALDYrn9vRt9onnZJ1yugkao
XfPiCiQMFCg5ILb+y7cihHkixFqkBmiEwQNvUWhD8c81Y/V/FkW17m2Cwb37VRTY
b3WLbK6SN8K5nDHBzgXEUvrtlfxGeyquUlOFSuZfPO+d3xiMXO0=
-----END CERTIFICATE-----
Generated at Thu Jun 5 20:28:03 2025 by rpki-client