Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/cDj30VQSusig3ta-iq0Mj43yPJI.roa
File: cDj30VQSusig3ta-iq0Mj43yPJI.roa (raw, json)
Hash identifier: FHvRp5NO9rzkRy4vJYhNaR8Q5QttxtHyz9Qa+vr9uVU=
Subject key identifier: 70:38:F7:D1:54:12:BA:C8:A0:DE:D6:BE:8A:AD:0C:8F:8D:F2:3C:92
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 20C0
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/cDj30VQSusig3ta-iq0Mj43yPJI.roa
Signing time: Fri 20 Jun 2025 04:39:50 +0000
ROA not before: Fri 20 Jun 2025 04:39:50 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8384 (0x20c0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 20 04:39:50 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=7038F7D15412BAC8A0DED6BE8AAD0C8F8DF23C92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:f8:77:0c:8f:fa:09:eb:e1:0d:1f:d5:c8:a3:
64:93:cb:4a:21:7d:98:ad:3f:db:c1:62:a3:cb:01:
0b:b6:a4:22:29:f6:27:26:98:c8:bd:38:44:db:28:
99:08:8b:bf:f2:4c:8e:04:44:65:b9:3d:37:9c:8b:
dd:90:37:c7:4a:40:6e:71:fd:73:a4:59:3f:28:c6:
6e:cd:19:c9:fe:55:fe:d6:2b:fe:09:c1:52:24:a3:
a3:0e:34:5d:48:b1:52:69:00:dc:fd:0e:04:9b:df:
95:b8:f4:b3:61:21:9e:86:bd:a2:e4:03:d9:25:f6:
b7:cd:8a:b4:e0:66:e4:d3:ba:a6:d1:e6:98:c9:88:
7e:22:3b:5b:f1:e9:f7:37:63:22:b1:b6:81:38:10:
5b:ee:a7:a6:86:cf:d7:fc:9f:f0:ed:7f:0a:a2:f5:
02:19:5a:0b:00:b1:80:2a:f4:af:45:98:22:55:5c:
6a:3b:3e:b9:8d:3c:70:7d:1a:46:77:3e:cb:eb:f6:
a4:83:0a:9f:e3:b8:a8:8b:1e:af:57:2c:ef:fa:4c:
61:61:24:41:8a:49:1b:7d:10:68:53:f5:dd:ca:a8:
cf:91:bb:31:50:d2:ec:4b:2f:2d:fe:1e:77:3b:4c:
6d:41:0a:8d:63:4e:57:93:78:e1:d3:c8:c9:39:18:
26:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:38:F7:D1:54:12:BA:C8:A0:DE:D6:BE:8A:AD:0C:8F:8D:F2:3C:92
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/cDj30VQSusig3ta-iq0Mj43yPJI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9f:9a:e6:58:11:8a:45:15:27:16:2a:53:6e:0a:27:20:6b:e0:
af:c3:ab:06:04:95:e3:99:2d:63:f4:f0:f7:89:16:fc:11:2a:
f0:89:e0:cd:b1:5a:83:9c:6a:7f:8e:97:b3:9b:ed:b4:b9:90:
f6:e4:4d:c9:48:90:46:c9:36:c6:78:a4:97:0d:3e:e3:e7:2c:
87:07:5b:37:90:eb:2e:28:b7:11:bb:f2:b5:71:e3:fa:18:c5:
91:0c:a4:84:a4:e5:bf:e1:62:41:94:de:8f:da:81:fe:f7:e5:
a7:ea:49:7c:63:bd:d7:74:68:bd:9a:b5:57:fc:bf:d8:9c:24:
02:fe:46:97:d7:c8:e6:bf:4d:b8:c8:ab:88:ff:56:5f:1b:b4:
b0:c9:d8:e6:02:25:4d:73:4b:f8:cc:c0:86:80:70:c6:8d:4d:
82:02:89:d3:38:9a:60:90:28:5e:d5:e0:11:67:43:c2:c9:33:
e6:54:d6:8e:c4:23:da:da:dd:0d:cb:2a:88:c7:a8:de:a3:18:
8e:c2:f8:e3:c6:d1:c1:21:1b:08:d1:bb:81:25:33:dc:c7:d2:
ca:5b:88:e5:eb:67:b2:4f:43:e4:c3:93:5d:3f:e1:c1:e3:f0:
5d:8c:54:c9:83:4a:79:62:83:53:e5:0a:27:29:19:75:51:b5:
40:23:73:07
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIMAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MjAw
NDM5NTBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDcwMzhGN0QxNTQxMkJB
QzhBMERFRDZCRThBQUQwQzhGOERGMjNDOTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDA+HcMj/oJ6+ENH9XIo2STy0ohfZitP9vBYqPLAQu2pCIp9icm
mMi9OETbKJkIi7/yTI4ERGW5PTeci92QN8dKQG5x/XOkWT8oxm7NGcn+Vf7WK/4J
wVIko6MONF1IsVJpANz9DgSb35W49LNhIZ6GvaLkA9kl9rfNirTgZuTTuqbR5pjJ
iH4iO1vx6fc3YyKxtoE4EFvup6aGz9f8n/Dtfwqi9QIZWgsAsYAq9K9FmCJVXGo7
PrmNPHB9GkZ3Psvr9qSDCp/juKiLHq9XLO/6TGFhJEGKSRt9EGhT9d3KqM+RuzFQ
0uxLLy3+Hnc7TG1BCo1jTleTeOHTyMk5GCatAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUcDj30VQSusig3ta+iq0Mj43yPJIwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9jRGozMFZRU3VzaWczdGEt
aXEwTWo0M3lQSkkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAJ+a5lgRikUVJxYqU24KJyBr4K/DqwYEleOZ
LWP08PeJFvwRKvCJ4M2xWoOcan+Ol7Ob7bS5kPbkTclIkEbJNsZ4pJcNPuPnLIcH
WzeQ6y4otxG78rVx4/oYxZEMpISk5b/hYkGU3o/agf735afqSXxjvdd0aL2atVf8
v9icJAL+RpfXyOa/TbjIq4j/Vl8btLDJ2OYCJU1zS/jMwIaAcMaNTYICidM4mmCQ
KF7V4BFnQ8LJM+ZU1o7EI9ra3Q3LKojHqN6jGI7C+OPG0cEhGwjRu4ElM9zH0spb
iOXrZ7JPQ+TDk10/4cHj8F2MVMmDSnlig1PlCicpGXVRtUAjcwc=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:45:18 2025 by rpki-client