Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/A5V04FYNQMl7f2bl9AP3y38L8_4.roa
File: A5V04FYNQMl7f2bl9AP3y38L8_4.roa (raw, json)
Hash identifier: D+8nbQhpOh1C8AgBtpUivBcrkZHjkN3KJQ0BNv6U+pg=
Subject key identifier: 03:95:74:E0:56:0D:40:C9:7B:7F:66:E5:F4:03:F7:CB:7F:0B:F3:FE
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1BB0
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/A5V04FYNQMl7f2bl9AP3y38L8_4.roa
Signing time: Fri 13 Jun 2025 00:09:51 +0000
ROA not before: Fri 13 Jun 2025 00:09:51 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7088 (0x1bb0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 13 00:09:51 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=039574E0560D40C97B7F66E5F403F7CB7F0BF3FE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:7d:29:5b:7f:66:d5:08:66:79:21:ad:e8:64:
6f:48:da:6b:41:66:d3:80:95:47:94:c1:7e:6d:14:
de:31:8e:56:19:77:ab:44:9e:1b:e2:51:6c:15:92:
bf:45:c3:11:2a:87:b9:78:95:8b:06:30:23:e5:56:
17:43:d2:c8:a7:8b:7b:61:6a:ed:17:5a:68:69:c3:
84:8d:a7:ef:02:1e:0d:4c:5f:54:74:13:9f:d7:55:
b3:8e:4c:97:e3:ff:67:bd:ed:99:ca:b8:73:ab:6c:
dc:7a:47:d9:87:cc:da:07:ba:e7:ee:c4:8b:24:81:
84:a5:ee:a0:38:3a:2d:df:c2:fc:21:73:64:b0:ec:
20:74:e4:c0:44:a6:ef:ec:cb:bd:97:d7:7d:02:3b:
7e:44:b8:6a:86:36:07:f3:95:60:15:68:7d:7a:d8:
36:54:74:11:4c:4c:24:73:f2:29:81:d0:29:63:5c:
4f:41:11:d9:eb:d5:04:40:87:1d:eb:00:78:8a:0b:
8b:ad:a7:0a:30:ad:d3:20:2b:5d:8a:fb:32:fb:ef:
56:42:8b:31:16:42:5f:e2:74:0a:1c:bd:2c:05:64:
03:72:b6:d0:24:dd:60:34:7d:54:c4:51:04:3b:99:
79:d3:f1:0b:06:c6:a3:61:13:33:13:c7:dc:5b:b6:
a2:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:95:74:E0:56:0D:40:C9:7B:7F:66:E5:F4:03:F7:CB:7F:0B:F3:FE
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/A5V04FYNQMl7f2bl9AP3y38L8_4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4c:a9:26:ee:79:6f:d0:dd:bd:1a:60:21:f3:c6:e2:b7:46:43:
fe:53:2a:0b:99:f9:db:4a:d0:ee:1e:62:cd:bd:94:a8:f3:10:
93:36:9d:b6:29:2f:ee:c7:2b:03:cf:b7:c7:a4:d9:0a:2e:21:
6d:d9:a3:91:95:32:d3:ca:10:32:21:3d:ba:48:8a:69:08:0d:
6b:6a:10:5d:4a:35:8a:49:4f:4d:a3:5b:cf:87:4c:99:96:f4:
04:20:26:57:46:42:60:d2:f4:28:50:aa:bb:a7:71:5a:80:a5:
40:27:17:e5:ff:7a:05:1e:1a:c4:60:27:6a:4d:e0:8e:82:33:
76:98:1e:a6:5b:cf:21:9e:5d:50:b2:0a:6f:b4:13:30:f3:89:
14:cc:f1:72:92:0e:26:9a:0b:77:78:aa:db:30:bc:e0:f0:06:
9e:14:dd:4d:49:71:50:f4:f6:79:22:29:63:a8:0d:fd:c1:b5:
78:bd:ee:1e:53:43:d9:6b:7d:a5:d7:e8:dc:6f:58:1d:0c:a2:
d9:5e:f7:f2:ec:85:5a:be:8c:f8:6d:c5:ba:2b:ba:0e:e1:c2:
40:31:19:76:45:41:81:67:11:95:ef:ad:c2:f5:a8:4e:cb:ef:
c2:aa:60:ab:2c:2a:4a:1e:ec:76:b2:da:25:79:de:0c:22:ca:
fd:34:f8:b5
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICG7AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTMw
MDA5NTFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDAzOTU3NEUwNTYwRDQw
Qzk3QjdGNjZFNUY0MDNGN0NCN0YwQkYzRkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD0fSlbf2bVCGZ5Ia3oZG9I2mtBZtOAlUeUwX5tFN4xjlYZd6tE
nhviUWwVkr9FwxEqh7l4lYsGMCPlVhdD0sini3thau0XWmhpw4SNp+8CHg1MX1R0
E5/XVbOOTJfj/2e97ZnKuHOrbNx6R9mHzNoHuufuxIskgYSl7qA4Oi3fwvwhc2Sw
7CB05MBEpu/sy72X130CO35EuGqGNgfzlWAVaH162DZUdBFMTCRz8imB0CljXE9B
Ednr1QRAhx3rAHiKC4utpwowrdMgK12K+zL771ZCizEWQl/idAocvSwFZANyttAk
3WA0fVTEUQQ7mXnT8QsGxqNhEzMTx9xbtqIjAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUA5V04FYNQMl7f2bl9AP3y38L8/4wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9BNVYwNEZZTlFNbDdmMmJs
OUFQM3kzOEw4XzQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAEypJu55b9DdvRpgIfPG4rdGQ/5TKguZ+dtK
0O4eYs29lKjzEJM2nbYpL+7HKwPPt8ek2QouIW3Zo5GVMtPKEDIhPbpIimkIDWtq
EF1KNYpJT02jW8+HTJmW9AQgJldGQmDS9ChQqruncVqApUAnF+X/egUeGsRgJ2pN
4I6CM3aYHqZbzyGeXVCyCm+0EzDziRTM8XKSDiaaC3d4qtswvODwBp4U3U1JcVD0
9nkiKWOoDf3BtXi97h5TQ9lrfaXX6NxvWB0Motle9/LshVq+jPhtxborug7hwkAx
GXZFQYFnEZXvrcL1qE7L78KqYKssKkoe7Hay2iV53gwiyv00+LU=
-----END CERTIFICATE-----
Generated at Sun Jul 20 19:06:55 2025 by rpki-client