
Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/doFfnngNzPyGnHvPuCUmNTIjSoY.roa
File: doFfnngNzPyGnHvPuCUmNTIjSoY.roa (raw, json)
Hash identifier: 11ckV7Bb64TUVhJh7NabfNqoKnuW9H+6YWUHbhTWziU=
Subject key identifier: 76:81:5F:9E:78:0D:CC:FC:86:9C:7B:CF:B8:25:26:35:32:23:4A:86
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 22CC
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/doFfnngNzPyGnHvPuCUmNTIjSoY.roa
Signing time: Sun 22 Jun 2025 23:11:57 +0000
ROA not before: Sun 22 Jun 2025 23:11:57 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8908 (0x22cc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 22 23:11:57 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=76815F9E780DCCFC869C7BCFB825263532234A86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:e1:84:08:65:f2:7e:1e:1a:72:e9:5b:5e:5d:
b8:bd:67:ee:60:0c:9c:e9:12:d5:99:7e:13:96:08:
df:b7:6c:a4:66:ee:be:e7:5b:15:ec:1c:26:13:55:
d4:c9:88:c7:33:d1:8c:bf:36:b4:02:b5:b2:7d:c0:
c8:c9:c1:46:1a:3d:31:0c:4f:12:ff:e1:66:de:23:
0d:7d:5a:f1:b7:89:28:13:dd:74:a5:b5:c2:b0:c4:
3d:fd:e2:3a:8a:a0:04:93:b6:63:7a:8d:94:38:91:
52:3d:25:03:d8:01:ba:33:18:f3:25:79:a1:b9:bb:
ce:4f:e2:04:f1:69:fa:d0:86:8c:32:73:96:a0:61:
ed:58:cb:03:20:29:36:60:89:49:a5:b6:a3:17:89:
11:0a:60:b1:6a:4c:80:92:ae:2b:51:57:c5:4f:d5:
e4:7b:a5:6b:90:66:0e:de:ae:85:c4:9d:02:53:7a:
bd:14:8e:80:85:33:8e:17:07:5c:c9:c3:e0:aa:9f:
39:18:51:59:4e:c5:31:39:97:87:25:46:f1:1a:51:
7c:c8:d5:3b:5f:4c:16:6e:af:e9:37:e1:4e:de:61:
64:e8:16:10:b5:6f:26:83:15:dd:cc:a7:59:1d:a8:
d9:d7:2c:47:e8:39:81:ff:82:8e:6b:ac:e7:7e:be:
ad:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:81:5F:9E:78:0D:CC:FC:86:9C:7B:CF:B8:25:26:35:32:23:4A:86
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/doFfnngNzPyGnHvPuCUmNTIjSoY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
83:a2:79:14:e3:fe:64:9c:cf:1a:6b:b8:b6:b3:1c:84:fe:2d:
5c:f1:4a:10:fa:25:7b:43:59:a9:6e:b7:67:ad:83:92:99:a2:
12:f2:16:cb:fb:41:f1:0e:f2:fc:58:b8:a1:7b:7a:b9:14:c3:
fe:ec:ca:f9:d0:42:30:67:7b:25:88:90:f3:a4:47:2d:3f:65:
d3:9f:8b:61:49:83:74:b1:d8:52:dd:d6:e2:4f:4c:53:49:46:
08:ee:0a:3e:b9:c6:be:81:45:56:b8:13:4a:d6:1a:71:ab:02:
ca:b3:d5:56:1f:a7:f5:db:ff:06:2c:67:04:ab:c2:ec:c5:ac:
55:16:01:06:85:9d:41:1f:30:bc:97:bd:03:7f:3f:a0:af:11:
4f:7a:f4:da:97:ea:7c:32:60:0a:05:c8:c8:80:63:12:66:ac:
6e:be:87:b1:53:af:d4:ea:59:24:58:f0:20:a9:e6:c9:47:f6:
2d:cf:19:29:89:34:a7:e7:b1:a6:e1:52:39:36:ad:d4:88:8e:
a6:df:b9:11:09:bb:49:6d:70:b5:3a:88:0d:7d:f6:3c:ee:31:
b7:18:33:33:5f:2c:6e:58:ad:81:d0:22:a0:8d:1a:6b:0a:47:
44:b1:72:18:c4:cf:5d:ae:52:bb:8a:bb:ec:a4:83:ca:95:f8:
9b:6a:85:47
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIswwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MjIy
MzExNTdaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDc2ODE1RjlFNzgwREND
RkM4NjlDN0JDRkI4MjUyNjM1MzIyMzRBODYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDj4YQIZfJ+Hhpy6VteXbi9Z+5gDJzpEtWZfhOWCN+3bKRm7r7n
WxXsHCYTVdTJiMcz0Yy/NrQCtbJ9wMjJwUYaPTEMTxL/4WbeIw19WvG3iSgT3XSl
tcKwxD394jqKoASTtmN6jZQ4kVI9JQPYAbozGPMleaG5u85P4gTxafrQhowyc5ag
Ye1YywMgKTZgiUmltqMXiREKYLFqTICSritRV8VP1eR7pWuQZg7eroXEnQJTer0U
joCFM44XB1zJw+CqnzkYUVlOxTE5l4clRvEaUXzI1TtfTBZur+k34U7eYWToFhC1
byaDFd3Mp1kdqNnXLEfoOYH/go5rrOd+vq17AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUdoFfnngNzPyGnHvPuCUmNTIjSoYwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9kb0Zmbm5nTnpQeUduSHZQ
dUNVbU5USWpTb1kucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAIOieRTj/mSczxpruLazHIT+LVzxShD6JXtD
Walut2etg5KZohLyFsv7QfEO8vxYuKF7erkUw/7syvnQQjBneyWIkPOkRy0/ZdOf
i2FJg3Sx2FLd1uJPTFNJRgjuCj65xr6BRVa4E0rWGnGrAsqz1VYfp/Xb/wYsZwSr
wuzFrFUWAQaFnUEfMLyXvQN/P6CvEU969NqX6nwyYAoFyMiAYxJmrG6+h7FTr9Tq
WSRY8CCp5slH9i3PGSmJNKfnsabhUjk2rdSIjqbfuREJu0ltcLU6iA199jzuMbcY
MzNfLG5YrYHQIqCNGmsKR0SxchjEz12uUruKu+ykg8qV+JtqhUc=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:48:33 2025 by rpki-client