Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/82a4xoTccBnhNCN1vE2l5M_PRxY.roa
File: 82a4xoTccBnhNCN1vE2l5M_PRxY.roa (raw, json)
Hash identifier: 1I8h+554pc+wqyxqSO+I/iNrKeoFyizbOIkQN/84Yn4=
Subject key identifier: F3:66:B8:C6:84:DC:70:19:E1:34:23:75:BC:4D:A5:E4:CF:CF:47:16
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1620
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/82a4xoTccBnhNCN1vE2l5M_PRxY.roa
Signing time: Thu 05 Jun 2025 14:09:26 +0000
ROA not before: Thu 05 Jun 2025 14:09:26 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5664 (0x1620)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 5 14:09:26 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=F366B8C684DC7019E1342375BC4DA5E4CFCF4716
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:46:58:03:3f:98:83:87:c9:27:50:16:9d:19:
2f:93:29:4d:a0:96:3a:87:51:19:fa:28:b8:57:2d:
6e:fa:d6:23:fa:88:54:12:3c:6e:f0:7d:08:6d:92:
36:e7:eb:b2:f5:0a:c4:75:8a:a0:f3:7a:fb:90:77:
03:15:f2:07:cb:5d:5d:fd:b6:f6:80:2d:57:4d:9f:
5b:60:f1:43:28:38:d5:c7:8e:bd:31:ae:3a:4a:a2:
30:ea:77:ce:d4:c2:d3:8e:96:65:5e:7c:1f:20:89:
37:df:77:70:09:12:c8:bd:e5:32:c7:60:21:7c:8e:
b9:86:c8:66:a1:e6:f2:42:0b:7f:67:4d:68:36:51:
19:c5:60:13:96:8d:0d:8c:25:5c:ac:cc:87:ca:80:
d7:5e:7c:4d:04:fe:02:8c:33:4c:6e:7b:11:53:f6:
b1:7a:6c:ae:6c:31:76:87:fe:29:4a:ee:53:9c:17:
88:38:b8:80:c6:12:a1:3c:5e:74:69:38:4c:8e:65:
71:d8:05:2e:03:a1:19:a9:3a:7e:4e:38:a0:7d:53:
45:7f:6e:eb:01:3b:a2:90:14:52:1e:02:aa:99:08:
14:df:ba:37:87:97:a5:9b:67:35:11:c3:b2:75:20:
9c:cf:22:b0:ab:52:10:d8:56:a0:a9:db:bc:87:c8:
fb:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:66:B8:C6:84:DC:70:19:E1:34:23:75:BC:4D:A5:E4:CF:CF:47:16
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/82a4xoTccBnhNCN1vE2l5M_PRxY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6e:ad:04:5e:9a:97:97:73:21:93:10:41:97:38:a8:06:a5:9d:
64:b4:f2:ab:b6:67:1e:ed:5b:ad:85:b6:8d:4a:3a:43:6f:b5:
97:c9:d9:30:42:41:4f:d6:db:17:2c:40:6e:ac:4f:05:f4:07:
6a:fb:94:1a:d0:c7:3f:46:0c:6e:fb:24:ce:6e:3a:8b:ce:fc:
c9:df:90:cf:3c:fb:03:d8:0a:22:3e:ea:24:c6:3c:ce:32:76:
42:31:88:a4:d7:5f:e3:fa:50:2c:38:2a:38:1b:ff:0c:21:9e:
48:e4:1e:39:d7:b1:da:74:c2:bf:e8:85:f1:c2:c3:d5:56:61:
0e:29:a2:fb:39:0b:58:69:26:74:30:ac:7c:dd:33:b9:f4:2e:
f5:56:84:08:07:35:b4:b4:f1:96:10:ec:07:d1:cc:a2:66:46:
83:4d:7f:e7:54:4e:85:8e:fb:6a:f2:32:31:73:be:69:b4:11:
5a:49:ba:51:4a:ae:9d:b1:b2:e2:a8:18:cd:2f:9e:9a:7b:53:
5a:24:3b:dd:94:63:53:3b:7f:22:f0:2f:f1:e7:b4:d4:8c:e6:
8e:f8:f6:ec:8b:de:b0:bf:1e:bf:42:66:e8:c1:47:0c:f8:e9:
84:33:5e:51:0d:73:19:29:5d:b8:a4:2b:8b:b0:e0:93:d4:68:
58:a5:82:49
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFiAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDUx
NDA5MjZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEYzNjZCOEM2ODREQzcw
MTlFMTM0MjM3NUJDNERBNUU0Q0ZDRjQ3MTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNRlgDP5iDh8knUBadGS+TKU2gljqHURn6KLhXLW761iP6iFQS
PG7wfQhtkjbn67L1CsR1iqDzevuQdwMV8gfLXV39tvaALVdNn1tg8UMoONXHjr0x
rjpKojDqd87UwtOOlmVefB8giTffd3AJEsi95TLHYCF8jrmGyGah5vJCC39nTWg2
URnFYBOWjQ2MJVyszIfKgNdefE0E/gKMM0xuexFT9rF6bK5sMXaH/ilK7lOcF4g4
uIDGEqE8XnRpOEyOZXHYBS4DoRmpOn5OOKB9U0V/busBO6KQFFIeAqqZCBTfujeH
l6WbZzURw7J1IJzPIrCrUhDYVqCp27yHyPtLAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU82a4xoTccBnhNCN1vE2l5M/PRxYwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni84MmE0eG9UY2NCbmhOQ04x
dkUybDVNX1BSeFkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAG6tBF6al5dzIZMQQZc4qAalnWS08qu2Zx7t
W62Fto1KOkNvtZfJ2TBCQU/W2xcsQG6sTwX0B2r7lBrQxz9GDG77JM5uOovO/Mnf
kM88+wPYCiI+6iTGPM4ydkIxiKTXX+P6UCw4Kjgb/wwhnkjkHjnXsdp0wr/ohfHC
w9VWYQ4povs5C1hpJnQwrHzdM7n0LvVWhAgHNbS08ZYQ7AfRzKJmRoNNf+dUToWO
+2ryMjFzvmm0EVpJulFKrp2xsuKoGM0vnpp7U1okO92UY1M7fyLwL/HntNSM5o74
9uyL3rC/Hr9CZujBRwz46YQzXlENcxkpXbikK4uw4JPUaFilgkk=
-----END CERTIFICATE-----
Generated at Sun Jul 20 22:33:37 2025 by rpki-client