Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/CJnzcTzILFxoigwC3o3hK8aSv4w.roa
File: CJnzcTzILFxoigwC3o3hK8aSv4w.roa (raw, json)
Hash identifier: nwy4yEds1i/ArmvtaVw2IY/tDTxMlcsjNHv+By4OX6o=
Subject key identifier: 08:99:F3:71:3C:C8:2C:5C:68:8A:0C:02:DE:8D:E1:2B:C6:92:BF:8C
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 223C
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/CJnzcTzILFxoigwC3o3hK8aSv4w.roa
Signing time: Sun 22 Jun 2025 05:11:51 +0000
ROA not before: Sun 22 Jun 2025 05:11:51 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8764 (0x223c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 22 05:11:51 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=0899F3713CC82C5C688A0C02DE8DE12BC692BF8C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:39:43:d1:08:97:d7:91:16:69:56:8a:0c:77:
6e:70:8d:1f:20:1d:04:ea:34:8d:85:7d:6a:9f:08:
76:71:a9:5b:83:c8:72:ec:97:3a:44:47:86:82:cd:
57:0c:30:70:c2:fb:50:18:f2:32:99:c4:c5:34:34:
a5:02:f3:a9:ba:f9:9b:57:cf:b0:f8:76:f0:ae:53:
14:90:b3:2f:ae:23:ea:74:31:0a:70:2e:40:f5:b8:
cd:0f:19:58:40:4e:c4:38:8a:2f:31:49:cb:e5:e7:
ab:15:24:82:51:f4:32:98:ad:22:4e:61:7d:65:a3:
bf:66:23:e8:c9:e3:b2:ab:ba:df:9f:2c:47:ae:6a:
3a:56:ec:ba:f0:dc:b4:7e:5c:90:df:05:33:23:f6:
96:df:4c:e7:ce:d4:3d:72:ad:e9:23:53:cd:71:bc:
6c:ed:4f:4b:14:f3:04:01:18:9f:f8:28:df:7d:22:
ce:06:5b:05:91:a6:e7:3d:40:25:a2:30:8e:c5:1f:
6a:26:56:eb:bb:f5:43:e7:0f:2f:74:a0:db:c4:cc:
9e:73:a7:0f:04:aa:9c:56:b1:2f:bc:d6:01:34:69:
3b:04:c4:d6:e2:dd:d6:e8:a7:b8:35:ee:09:7b:ff:
db:65:5d:08:34:b1:20:dd:cc:4c:9d:7f:46:2f:ef:
84:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:99:F3:71:3C:C8:2C:5C:68:8A:0C:02:DE:8D:E1:2B:C6:92:BF:8C
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/CJnzcTzILFxoigwC3o3hK8aSv4w.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
07:b4:77:fb:85:81:b6:c1:77:e5:90:7d:b7:fd:0c:e8:37:18:
66:ea:4f:1b:b6:45:9e:8e:27:ee:34:90:df:1b:91:47:7b:f7:
6c:86:c3:c7:7a:01:36:e3:62:0b:a9:e1:a3:2c:38:47:2a:85:
08:84:28:87:1b:9b:63:9e:99:63:89:26:20:32:60:84:5e:55:
40:3b:e9:4d:ee:db:71:61:1f:81:65:b1:77:b6:a2:0b:7c:fa:
a6:36:da:15:8f:9c:bc:74:10:ab:2a:9b:ab:95:24:5f:32:bf:
9c:5f:57:28:d9:28:d1:26:24:dc:a9:1e:de:c1:a9:c6:c4:d0:
c7:d0:db:a6:25:4d:6a:7b:c0:dd:c3:9a:61:1a:6d:89:3b:e6:
4c:fb:4a:86:6f:fd:c2:23:6b:28:8e:73:fa:94:d2:6c:8d:45:
50:c9:fa:db:41:e5:a8:68:f1:85:c3:17:aa:f8:85:5f:a6:f9:
fb:10:ca:3e:7f:97:52:9b:67:50:a1:44:bc:de:d2:3f:e4:9e:
60:4a:36:af:02:b7:c5:5f:ac:47:52:e4:58:aa:f8:56:14:c4:
25:05:65:ea:4e:be:8b:f8:16:5c:f8:24:e5:e5:34:78:07:24:
a3:1b:5c:d4:77:0d:76:40:c9:22:18:6d:2b:ed:3e:71:aa:ca:
b7:82:92:48
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIjwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MjIw
NTExNTFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDA4OTlGMzcxM0NDODJD
NUM2ODhBMEMwMkRFOERFMTJCQzY5MkJGOEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD6OUPRCJfXkRZpVooMd25wjR8gHQTqNI2FfWqfCHZxqVuDyHLs
lzpER4aCzVcMMHDC+1AY8jKZxMU0NKUC86m6+ZtXz7D4dvCuUxSQsy+uI+p0MQpw
LkD1uM0PGVhATsQ4ii8xScvl56sVJIJR9DKYrSJOYX1lo79mI+jJ47Krut+fLEeu
ajpW7Lrw3LR+XJDfBTMj9pbfTOfO1D1yrekjU81xvGztT0sU8wQBGJ/4KN99Is4G
WwWRpuc9QCWiMI7FH2omVuu79UPnDy90oNvEzJ5zpw8EqpxWsS+81gE0aTsExNbi
3dbop7g17gl7/9tlXQg0sSDdzEydf0Yv74RTAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUCJnzcTzILFxoigwC3o3hK8aSv4wwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9DSm56Y1R6SUxGeG9pZ3dD
M28zaEs4YVN2NHcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAAe0d/uFgbbBd+WQfbf9DOg3GGbqTxu2RZ6O
J+40kN8bkUd792yGw8d6ATbjYgup4aMsOEcqhQiEKIcbm2OemWOJJiAyYIReVUA7
6U3u23FhH4FlsXe2ogt8+qY22hWPnLx0EKsqm6uVJF8yv5xfVyjZKNEmJNypHt7B
qcbE0MfQ26YlTWp7wN3DmmEabYk75kz7SoZv/cIjayiOc/qU0myNRVDJ+ttB5aho
8YXDF6r4hV+m+fsQyj5/l1KbZ1ChRLze0j/knmBKNq8Ct8VfrEdS5Fiq+FYUxCUF
ZepOvov4Flz4JOXlNHgHJKMbXNR3DXZAySIYbSvtPnGqyreCkkg=
-----END CERTIFICATE-----
Generated at Mon Jul 21 03:03:42 2025 by rpki-client