Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/I7uC5ETu5UDDaY-022lM8UNLOG4.roa
File: I7uC5ETu5UDDaY-022lM8UNLOG4.roa (raw, json)
Hash identifier: oWQ0OqhrFQQXDR6HW9lMjZuchm55TVnCiLoF5XzkYqg=
Subject key identifier: 23:BB:82:E4:44:EE:E5:40:C3:69:8F:B4:DB:69:4C:F1:43:4B:38:6E
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 2244
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/I7uC5ETu5UDDaY-022lM8UNLOG4.roa
Signing time: Sun 22 Jun 2025 06:12:39 +0000
ROA not before: Sun 22 Jun 2025 06:12:39 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8772 (0x2244)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 22 06:12:39 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=23BB82E444EEE540C3698FB4DB694CF1434B386E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:8e:83:ca:18:df:a9:d1:69:b7:8d:3d:17:99:
67:45:12:f4:78:6b:6f:ee:de:15:a6:66:63:08:40:
7f:45:d6:3b:85:68:08:28:5d:a0:1f:2f:be:ce:63:
14:9a:80:d6:a6:48:5c:25:cb:d3:b1:ce:da:84:f6:
88:82:4d:e1:a1:9d:d2:28:35:be:31:13:08:e3:0b:
bf:2d:1e:ef:3a:0d:a8:c9:6b:44:15:b7:70:3e:c5:
f5:b9:2f:e3:3d:50:bc:4b:50:c9:94:4a:5c:66:0e:
43:79:5e:6c:79:b8:e4:fc:40:a7:1d:cb:9a:a3:3e:
04:10:4e:4a:bf:36:99:c3:bf:df:e1:e9:65:7e:51:
a5:57:22:a5:68:be:77:e5:c7:ba:e7:65:30:3a:94:
1c:dd:a9:20:b7:54:d1:54:0c:50:82:4c:7a:7e:96:
26:d4:79:a7:0a:95:57:13:fb:bc:e5:bc:76:0f:36:
51:2c:81:75:5e:8f:18:4c:b2:82:65:21:46:a3:af:
eb:bb:a6:15:c0:5f:f4:27:2f:cb:8e:3f:bb:9f:fe:
f2:cd:93:fc:3a:56:39:29:76:e3:5e:c8:3f:6c:f6:
f2:95:b1:96:21:ee:c7:8f:68:b3:cd:34:f5:36:92:
31:f9:fa:70:b4:83:17:c2:8a:ca:7d:0b:d9:68:53:
a0:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:BB:82:E4:44:EE:E5:40:C3:69:8F:B4:DB:69:4C:F1:43:4B:38:6E
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/I7uC5ETu5UDDaY-022lM8UNLOG4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
99:96:b1:b5:a2:93:e0:ef:ca:d8:6d:ff:eb:75:d7:42:fa:b3:
6d:1a:15:b7:ed:6f:71:b0:a9:4d:67:9f:1d:12:cf:03:ba:84:
eb:88:fd:60:80:f1:87:29:fd:ed:d4:db:96:71:aa:e4:4f:41:
a7:e2:f3:1d:6c:5e:30:a0:97:77:69:a3:b3:fb:94:b5:67:f5:
b3:24:11:c6:b9:2c:47:a6:b6:06:47:69:7e:23:9d:40:f0:fe:
f6:44:43:9d:c3:1a:6c:08:35:13:da:ec:bf:b2:67:f9:45:1a:
5d:41:9a:21:47:99:a9:b0:8a:fb:0a:d4:f8:39:04:c7:51:f5:
71:02:0d:66:67:19:44:98:d3:bf:04:99:8b:d6:25:57:cf:56:
32:d8:28:4b:ae:58:f5:64:3c:1e:5c:32:b2:73:2e:cc:c4:be:
55:16:9b:79:0a:08:e0:11:3f:c8:c4:ba:84:da:f8:b7:b7:99:
0f:f7:be:08:90:ba:18:d2:84:3d:9f:b8:43:17:17:e0:60:0b:
17:a2:45:eb:7d:78:70:36:32:e4:bf:33:dc:c2:cd:b3:91:6a:
94:38:ee:a0:0e:43:8d:ce:91:99:15:29:ed:5d:9f:6d:71:9a:
82:ca:68:f4:56:31:3e:95:62:6a:0e:d2:37:1e:46:4d:96:ef:
7e:99:c8:39
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIkQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MjIw
NjEyMzlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDIzQkI4MkU0NDRFRUU1
NDBDMzY5OEZCNERCNjk0Q0YxNDM0QjM4NkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8joPKGN+p0Wm3jT0XmWdFEvR4a2/u3hWmZmMIQH9F1juFaAgo
XaAfL77OYxSagNamSFwly9OxztqE9oiCTeGhndIoNb4xEwjjC78tHu86DajJa0QV
t3A+xfW5L+M9ULxLUMmUSlxmDkN5Xmx5uOT8QKcdy5qjPgQQTkq/NpnDv9/h6WV+
UaVXIqVovnflx7rnZTA6lBzdqSC3VNFUDFCCTHp+libUeacKlVcT+7zlvHYPNlEs
gXVejxhMsoJlIUajr+u7phXAX/QnL8uOP7uf/vLNk/w6VjkpduNeyD9s9vKVsZYh
7sePaLPNNPU2kjH5+nC0gxfCisp9C9loU6AVAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUI7uC5ETu5UDDaY+022lM8UNLOG4wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9JN3VDNUVUdTVVRERhWS0w
MjJsTThVTkxPRzQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAJmWsbWik+Dvytht/+t110L6s20aFbftb3Gw
qU1nnx0SzwO6hOuI/WCA8Ycp/e3U25ZxquRPQafi8x1sXjCgl3dpo7P7lLVn9bMk
Eca5LEemtgZHaX4jnUDw/vZEQ53DGmwINRPa7L+yZ/lFGl1BmiFHmamwivsK1Pg5
BMdR9XECDWZnGUSY078EmYvWJVfPVjLYKEuuWPVkPB5cMrJzLszEvlUWm3kKCOAR
P8jEuoTa+Le3mQ/3vgiQuhjShD2fuEMXF+BgCxeiRet9eHA2MuS/M9zCzbORapQ4
7qAOQ43OkZkVKe1dn21xmoLKaPRWMT6VYmoO0jceRk2W736ZyDk=
-----END CERTIFICATE-----
Generated at Sun Jul 20 19:07:05 2025 by rpki-client