Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/dZIMHZN_OV8nmVpkImewspYttGA.roa
File: dZIMHZN_OV8nmVpkImewspYttGA.roa (raw, json)
Hash identifier: UMaHosziGGn4fEfNOKAKobfs9jAvNm6M4djScBSi+lk=
Subject key identifier: 75:92:0C:1D:93:7F:39:5F:27:99:5A:64:22:67:B0:B2:96:2D:B4:60
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0344
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/dZIMHZN_OV8nmVpkImewspYttGA.roa
Signing time: Sun 11 May 2025 10:37:50 +0000
ROA not before: Sun 11 May 2025 10:37:50 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 836 (0x344)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 11 10:37:50 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=75920C1D937F395F27995A642267B0B2962DB460
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:bc:d8:d7:ac:44:13:97:cd:42:c6:14:0b:ea:
ca:4b:88:17:2c:ce:1d:3b:13:3f:29:81:9a:d5:ee:
52:d9:be:bf:0a:f6:d4:b7:27:d3:70:e0:21:dc:12:
25:fd:17:7b:57:76:ff:58:ae:5d:bf:21:62:85:3a:
4c:36:1e:38:c3:a3:4c:0e:29:1f:f4:97:ca:8f:d5:
7a:ee:38:e3:fd:36:63:9b:26:6a:47:16:9b:e4:fe:
a4:3d:44:f4:7d:f7:f3:03:75:e1:87:61:3d:f2:bd:
ad:b9:ee:b5:a1:ec:5b:c3:1d:42:73:bb:c5:7b:7c:
b1:d6:e2:b7:29:7a:a7:15:af:6c:f3:6d:f0:16:09:
ae:fb:86:3d:40:26:f3:d9:06:22:e1:4f:ff:1c:dd:
f9:ec:0d:c0:15:4f:93:66:49:b3:b5:3a:ec:4b:96:
76:00:ff:41:83:24:b8:34:4e:fd:0b:6a:06:e4:be:
31:f5:f7:27:25:fd:9b:7d:d5:bd:9b:c0:89:9f:4c:
c5:8a:f2:f3:57:ab:74:29:99:b1:6c:46:96:a8:58:
e6:1e:b6:fd:eb:ca:61:c2:42:43:d2:1f:a5:45:2b:
c6:16:e4:cd:02:26:a3:4e:29:e7:85:54:d7:a8:9d:
fb:49:dc:c0:33:25:f5:e5:dd:62:b4:cb:98:54:6c:
54:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:92:0C:1D:93:7F:39:5F:27:99:5A:64:22:67:B0:B2:96:2D:B4:60
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/dZIMHZN_OV8nmVpkImewspYttGA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
74:b2:97:ba:6b:17:69:dc:03:c0:e7:69:bd:01:7b:12:7c:7b:
3d:c8:d1:a7:65:2a:69:e1:95:38:9c:4b:c3:01:ce:82:52:c2:
51:1b:5a:62:e9:60:ae:a7:70:a9:1d:42:03:4b:5f:3d:86:45:
a0:ed:37:ca:63:94:9b:b8:14:e7:12:b2:d6:38:d9:5f:c5:3a:
41:d9:9d:a1:f3:d1:f7:2b:84:d4:68:3e:ca:0f:f5:a8:a3:f4:
c3:b8:e6:e7:07:ad:5c:b3:e9:4c:e7:8d:57:7e:01:5f:15:c0:
a9:29:0c:5c:0a:2f:56:35:ee:54:0f:2f:f3:74:7e:be:e0:59:
90:48:f2:98:a8:31:13:6d:6b:a4:10:57:33:00:d8:c2:29:ce:
6f:4e:46:28:ec:3b:d7:5d:b6:5e:8c:d2:f8:bf:1f:ad:b5:ae:
75:99:55:a7:37:71:1f:81:14:88:b0:91:03:2a:71:c1:2f:18:
61:21:64:5f:c1:0b:f4:89:e4:20:10:38:0a:28:63:74:22:15:
eb:ce:ac:85:9c:d9:7a:0f:75:30:c8:b0:a1:fb:13:93:3b:fc:
16:7a:da:db:b3:a2:00:e9:19:32:76:84:47:dc:75:e6:88:f9:
49:02:83:1f:d3:e1:7d:2f:1e:84:99:fc:bc:d5:dd:3f:c0:f5:
67:b8:41:0c
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICA0QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTEx
MDM3NTBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDc1OTIwQzFEOTM3RjM5
NUYyNzk5NUE2NDIyNjdCMEIyOTYyREI0NjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDSvNjXrEQTl81CxhQL6spLiBcszh07Ez8pgZrV7lLZvr8K9tS3
J9Nw4CHcEiX9F3tXdv9Yrl2/IWKFOkw2HjjDo0wOKR/0l8qP1XruOOP9NmObJmpH
Fpvk/qQ9RPR99/MDdeGHYT3yva257rWh7FvDHUJzu8V7fLHW4rcpeqcVr2zzbfAW
Ca77hj1AJvPZBiLhT/8c3fnsDcAVT5NmSbO1OuxLlnYA/0GDJLg0Tv0LagbkvjH1
9ycl/Zt91b2bwImfTMWK8vNXq3QpmbFsRpaoWOYetv3rymHCQkPSH6VFK8YW5M0C
JqNOKeeFVNeonftJ3MAzJfXl3WK0y5hUbFRVAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUdZIMHZN/OV8nmVpkImewspYttGAwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9kWklNSFpOX09WOG5tVnBr
SW1ld3NwWXR0R0Eucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAHSyl7prF2ncA8Dnab0BexJ8ez3I0adlKmnh
lTicS8MBzoJSwlEbWmLpYK6ncKkdQgNLXz2GRaDtN8pjlJu4FOcSstY42V/FOkHZ
naHz0fcrhNRoPsoP9aij9MO45ucHrVyz6UznjVd+AV8VwKkpDFwKL1Y17lQPL/N0
fr7gWZBI8pioMRNta6QQVzMA2MIpzm9ORijsO9ddtl6M0vi/H621rnWZVac3cR+B
FIiwkQMqccEvGGEhZF/BC/SJ5CAQOAooY3QiFevOrIWc2XoPdTDIsKH7E5M7/BZ6
2tuzogDpGTJ2hEfcdeaI+UkCgx/T4X0vHoSZ/LzV3T/A9We4QQw=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:14:33 2025 by rpki-client