Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/8SP4EuU7Bjs6tyuGmmiqRFPbM94.roa
File: 8SP4EuU7Bjs6tyuGmmiqRFPbM94.roa (raw, json)
Hash identifier: eAfLNZgguPoN0Hbk9XuWW68MJ/I/JnFZOBsvoISEu90=
Subject key identifier: F1:23:F8:12:E5:3B:06:3B:3A:B7:2B:86:9A:68:AA:44:53:DB:33:DE
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 07D4
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/8SP4EuU7Bjs6tyuGmmiqRFPbM94.roa
Signing time: Sat 17 May 2025 12:38:38 +0000
ROA not before: Sat 17 May 2025 12:38:38 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2004 (0x7d4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 17 12:38:38 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=F123F812E53B063B3AB72B869A68AA4453DB33DE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:7f:5c:95:46:e2:0b:af:cc:78:2d:a1:ce:26:
eb:39:64:42:7a:d4:ff:b0:20:b6:e1:44:23:24:2a:
65:61:cb:47:d2:6c:16:92:71:9b:b4:29:9b:56:d2:
7b:b0:64:52:1c:6e:4f:51:61:eb:2e:65:52:b3:ac:
25:4c:17:a2:5f:75:17:e9:0a:b3:4d:a9:e0:ee:ac:
a7:c1:92:97:74:e9:32:a6:30:d3:84:b2:3d:04:04:
fc:f8:96:5e:c0:1a:23:06:99:90:e8:a9:db:b9:53:
bc:d3:89:b9:5d:53:22:d1:21:67:c0:46:d0:35:24:
86:56:38:6a:ff:92:f6:12:e7:8e:f8:7d:c3:3c:81:
f9:dd:ad:d7:7f:8f:de:6d:6d:81:dc:e5:45:24:9b:
1b:ab:a6:58:11:87:73:81:e6:da:16:78:b7:13:c1:
66:39:56:66:42:18:80:40:07:b3:5a:e9:3e:70:75:
f7:fa:52:23:ec:50:90:e8:24:2b:35:eb:1c:6f:02:
b4:0f:9b:8d:ac:de:3e:cf:d0:49:91:b1:68:13:76:
2a:19:f4:3f:d5:eb:a8:9e:b8:2c:08:f2:35:68:c7:
d4:aa:ff:49:f7:30:42:ae:66:19:f7:c4:66:09:84:
d1:6a:fa:f5:c3:13:87:d4:c5:21:e1:57:d2:79:06:
63:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:23:F8:12:E5:3B:06:3B:3A:B7:2B:86:9A:68:AA:44:53:DB:33:DE
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/8SP4EuU7Bjs6tyuGmmiqRFPbM94.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9d:27:3b:32:fa:59:d5:d5:7c:02:33:83:5b:c2:1d:10:a6:e3:
04:1e:84:0a:99:ce:a3:8c:54:1d:f8:d2:33:40:3e:63:73:a8:
d6:05:96:29:46:23:e3:36:15:06:6e:20:13:d4:e1:a7:a7:c4:
8a:05:65:6f:83:7f:eb:87:ae:29:ba:d4:a1:44:b0:f2:2a:f8:
05:f2:c0:62:df:92:68:4b:17:74:ff:73:8b:f0:9c:95:e6:86:
d4:0a:37:4c:32:fa:f6:5b:46:bb:fb:a5:5a:b6:13:7b:c2:30:
04:8f:e8:a8:84:41:50:fe:16:a3:a3:03:c9:69:e3:bf:01:75:
3c:bf:4d:2b:86:45:54:b8:8b:55:c6:71:93:c3:65:5d:65:b0:
3a:78:ae:d0:30:92:fb:21:21:d4:7f:1f:7b:c7:75:f4:a1:3d:
b2:15:02:6e:2a:cb:2e:f4:7d:de:34:ec:1f:70:d9:85:00:c2:
5f:b9:c4:26:a9:cd:a1:99:c6:dd:f0:28:6e:2c:42:c4:17:a1:
9b:f3:c5:02:7d:a2:6d:ef:8d:92:bc:67:2f:41:f4:b0:31:bb:
88:eb:3c:ee:b9:00:3f:d3:a6:f9:89:50:9f:11:79:51:7b:87:
ae:a5:4d:99:37:74:12:0b:01:4f:20:a9:e3:78:55:61:a5:ef:
6c:9f:f5:96
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICB9QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTcx
MjM4MzhaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEYxMjNGODEyRTUzQjA2
M0IzQUI3MkI4NjlBNjhBQTQ0NTNEQjMzREUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDhf1yVRuILr8x4LaHOJus5ZEJ61P+wILbhRCMkKmVhy0fSbBaS
cZu0KZtW0nuwZFIcbk9RYesuZVKzrCVMF6JfdRfpCrNNqeDurKfBkpd06TKmMNOE
sj0EBPz4ll7AGiMGmZDoqdu5U7zTibldUyLRIWfARtA1JIZWOGr/kvYS5474fcM8
gfndrdd/j95tbYHc5UUkmxurplgRh3OB5toWeLcTwWY5VmZCGIBAB7Na6T5wdff6
UiPsUJDoJCs16xxvArQPm42s3j7P0EmRsWgTdioZ9D/V66ieuCwI8jVox9Sq/0n3
MEKuZhn3xGYJhNFq+vXDE4fUxSHhV9J5BmNnAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU8SP4EuU7Bjs6tyuGmmiqRFPbM94wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni84U1A0RXVVN0JqczZ0eXVH
bW1pcVJGUGJNOTQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAJ0nOzL6WdXVfAIzg1vCHRCm4wQehAqZzqOM
VB340jNAPmNzqNYFlilGI+M2FQZuIBPU4aenxIoFZW+Df+uHrim61KFEsPIq+AXy
wGLfkmhLF3T/c4vwnJXmhtQKN0wy+vZbRrv7pVq2E3vCMASP6KiEQVD+FqOjA8lp
478BdTy/TSuGRVS4i1XGcZPDZV1lsDp4rtAwkvshIdR/H3vHdfShPbIVAm4qyy70
fd407B9w2YUAwl+5xCapzaGZxt3wKG4sQsQXoZvzxQJ9om3vjZK8Zy9B9LAxu4jr
PO65AD/TpvmJUJ8ReVF7h66lTZk3dBILAU8gqeN4VWGl72yf9ZY=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:12:03 2025 by rpki-client