Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/ZiugLsP00jl0xgzZlBz26Th0Shk.roa
File: ZiugLsP00jl0xgzZlBz26Th0Shk.roa (raw, json)
Hash identifier: BF5o94EjC4p1wJFuZ1Sgp26Ul393l5GRJTUufTgdeyc=
Subject key identifier: 66:2B:A0:2E:C3:F4:D2:39:74:C6:0C:D9:94:1C:F6:E9:38:74:4A:19
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0288
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/ZiugLsP00jl0xgzZlBz26Th0Shk.roa
Signing time: Sat 10 May 2025 11:07:51 +0000
ROA not before: Sat 10 May 2025 11:07:51 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 648 (0x288)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 10 11:07:51 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=662BA02EC3F4D23974C60CD9941CF6E938744A19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:44:6a:e0:e7:46:b3:1d:0c:0e:a6:d3:59:14:
b6:b8:07:1c:20:0d:e2:62:4c:14:92:be:f2:ef:4e:
99:3f:97:5a:40:0e:a5:7d:50:f4:23:36:c1:24:19:
22:77:04:ea:ea:8f:11:9e:49:3f:54:1c:2a:17:de:
c0:84:39:94:81:91:0a:76:62:2f:10:be:cc:9e:54:
ea:cc:28:d4:b7:ef:92:68:e3:20:a9:ab:10:24:5c:
ca:d5:3f:1b:55:e7:67:18:d2:fd:21:1d:05:12:95:
fa:dd:2a:dd:e1:30:fb:19:b6:6f:a5:11:cd:e5:06:
f8:a9:39:33:65:21:05:26:2c:88:fa:60:ba:2b:bf:
a8:bf:f3:2a:72:3f:34:98:18:58:60:9c:5c:c2:f0:
3b:a6:07:d4:de:b2:45:32:2c:b1:03:72:c8:9e:0d:
1b:2e:79:61:e8:e4:85:1c:7c:63:bb:f6:a2:9c:9e:
13:4d:2f:ad:51:5f:ca:2c:e8:8b:d4:82:0c:cc:5e:
e6:02:a6:f9:32:54:13:6c:4b:2d:12:43:40:5e:1c:
bb:43:f8:33:54:f0:e4:41:31:b2:b3:82:ac:9c:89:
c5:fb:83:fb:22:76:6a:ba:27:a1:09:16:72:49:b6:
ce:8e:c5:78:9b:a2:0b:3b:c3:66:27:f3:fb:15:6c:
e2:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:2B:A0:2E:C3:F4:D2:39:74:C6:0C:D9:94:1C:F6:E9:38:74:4A:19
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/ZiugLsP00jl0xgzZlBz26Th0Shk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
20:09:cf:d8:f8:c8:0d:d9:23:95:15:78:e3:e5:ae:e6:00:65:
d3:08:a4:11:01:24:10:60:f0:59:af:80:83:6c:8d:16:2e:35:
4e:92:d6:8c:e7:b4:3c:8a:13:94:9e:75:81:6e:6f:c8:06:ce:
f1:43:05:9c:ad:3b:37:8c:fe:5e:97:11:1b:be:69:5a:d1:2a:
d2:54:32:ce:08:3e:41:52:cd:53:df:36:f6:e1:f3:db:00:ae:
d5:dc:ab:f0:46:85:a9:0e:79:f4:17:1b:97:75:72:37:92:8e:
0e:f9:ab:56:41:03:40:6e:ff:d8:72:45:62:ba:74:cb:d1:3d:
a3:bb:43:f0:fb:d7:a1:1e:63:d7:12:85:8a:f8:37:6b:72:70:
36:06:47:c2:18:1d:1e:ed:0b:80:af:dd:b6:46:7a:8c:7e:70:
82:42:6e:60:6e:2c:b2:91:81:e6:02:a5:dd:72:d2:5e:b5:66:
c6:67:ad:00:7d:a5:51:7a:7d:24:35:66:b6:7c:bd:b1:cd:d4:
5e:02:6b:57:ed:e8:d3:3a:35:1e:37:9b:59:96:b3:d0:da:a4:
3a:ae:b0:1e:42:80:68:52:b5:c3:9a:89:31:f4:08:12:19:be:
68:81:0f:56:a6:c0:97:e0:d4:af:02:04:1c:30:ac:80:53:f1:
d8:02:92:b2
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAogwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTAx
MTA3NTFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDY2MkJBMDJFQzNGNEQy
Mzk3NEM2MENEOTk0MUNGNkU5Mzg3NDRBMTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvRGrg50azHQwOptNZFLa4BxwgDeJiTBSSvvLvTpk/l1pADqV9
UPQjNsEkGSJ3BOrqjxGeST9UHCoX3sCEOZSBkQp2Yi8QvsyeVOrMKNS375Jo4yCp
qxAkXMrVPxtV52cY0v0hHQUSlfrdKt3hMPsZtm+lEc3lBvipOTNlIQUmLIj6YLor
v6i/8ypyPzSYGFhgnFzC8DumB9TeskUyLLEDcsieDRsueWHo5IUcfGO79qKcnhNN
L61RX8os6IvUggzMXuYCpvkyVBNsSy0SQ0BeHLtD+DNU8ORBMbKzgqycicX7g/si
dmq6J6EJFnJJts6OxXibogs7w2Yn8/sVbOJLAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUZiugLsP00jl0xgzZlBz26Th0ShkwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9aaXVnTHNQMDBqbDB4Z3pa
bEJ6MjZUaDBTaGsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBACAJz9j4yA3ZI5UVeOPlruYAZdMIpBEBJBBg
8FmvgINsjRYuNU6S1ozntDyKE5SedYFub8gGzvFDBZytOzeM/l6XERu+aVrRKtJU
Ms4IPkFSzVPfNvbh89sArtXcq/BGhakOefQXG5d1cjeSjg75q1ZBA0Bu/9hyRWK6
dMvRPaO7Q/D716EeY9cShYr4N2tycDYGR8IYHR7tC4Cv3bZGeox+cIJCbmBuLLKR
geYCpd1y0l61ZsZnrQB9pVF6fSQ1ZrZ8vbHN1F4Ca1ft6NM6NR43m1mWs9DapDqu
sB5CgGhStcOaiTH0CBIZvmiBD1amwJfg1K8CBBwwrIBT8dgCkrI=
-----END CERTIFICATE-----
Generated at Thu Jun 5 20:32:00 2025 by rpki-client