Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/tTzPAFNmvF5xY3P6IfyEvN0vd5M.roa
File: tTzPAFNmvF5xY3P6IfyEvN0vd5M.roa (raw, json)
Hash identifier: lFeZ7GbIMY69hQIG1jh7LfG552x0ee3WSP32DI5N5kI=
Subject key identifier: B5:3C:CF:00:53:66:BC:5E:71:63:73:FA:21:FC:84:BC:DD:2F:77:93
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 202C
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/tTzPAFNmvF5xY3P6IfyEvN0vd5M.roa
Signing time: Thu 19 Jun 2025 03:36:45 +0000
ROA not before: Thu 19 Jun 2025 03:36:45 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8236 (0x202c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 19 03:36:45 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=B53CCF005366BC5E716373FA21FC84BCDD2F7793
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:68:a2:f2:a5:5c:73:24:e8:e6:85:d0:46:ba:
b1:ab:ba:4b:ee:50:d1:08:39:ad:85:98:d3:25:7f:
14:12:53:4b:e0:9a:a5:5c:ee:5d:17:7a:b0:7c:33:
8a:e1:fa:67:e3:e3:87:27:71:5f:ce:e9:ae:61:a4:
19:5d:82:1a:e5:22:10:f4:44:1d:f4:9a:af:b3:4c:
99:96:31:96:b2:ac:a2:d2:b6:63:2a:af:26:2e:08:
d1:f6:e0:b2:66:58:e5:15:2d:fd:bf:dd:71:ee:8a:
ee:df:e0:bf:73:9f:02:fc:a9:e3:6e:42:cd:80:fe:
ce:8c:23:e4:b3:43:ce:ac:06:50:a4:bc:4c:ff:91:
84:f6:0a:cc:0e:1f:d1:e6:75:60:bf:8e:e8:5d:8b:
b6:87:02:4a:cd:8d:26:55:a6:ec:17:9c:cc:47:20:
9e:9b:c3:c3:4b:28:85:7f:b6:08:2d:30:52:ea:cc:
1f:c2:a7:cb:5b:93:83:86:74:39:1a:73:b5:24:94:
99:3c:5d:01:ce:05:af:e7:82:61:4a:f2:4b:b6:0e:
5b:ed:0f:5c:8e:64:c6:7a:55:43:5b:fe:7f:72:dd:
45:5c:e6:c8:fb:e5:84:48:ec:51:56:aa:fc:65:5c:
f0:b4:e7:cd:58:a0:d2:bc:1b:29:aa:ee:37:19:e4:
95:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:3C:CF:00:53:66:BC:5E:71:63:73:FA:21:FC:84:BC:DD:2F:77:93
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/tTzPAFNmvF5xY3P6IfyEvN0vd5M.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
62:64:49:07:08:8b:e3:3c:5b:65:31:d4:75:3f:22:b6:22:b3:
5a:bd:b6:8a:18:83:fe:7c:1f:63:fc:55:37:d3:39:6d:fb:92:
0a:cd:d9:7d:5f:79:e0:86:2a:bf:fd:45:0a:de:f1:2d:f9:e7:
4e:3e:3d:d7:42:34:9a:e7:b1:99:a5:da:0b:5a:ef:5f:03:fa:
9e:bd:04:ca:69:f7:29:e9:4b:68:03:90:fa:c4:3f:60:9d:d1:
3d:fe:38:f0:bc:12:2f:e8:d1:89:17:0a:d2:36:3c:c6:cd:3f:
54:70:2a:86:6d:18:a0:74:ef:16:0d:07:e3:95:08:ba:4b:c7:
f7:20:e1:81:9b:df:b6:2b:a6:e8:2a:d7:b2:5b:f9:21:59:f8:
7c:00:f2:50:7b:a6:83:c8:ba:99:0a:2c:4c:8d:ac:21:0d:c8:
dc:54:c3:28:f5:ea:35:03:50:72:c6:7a:8d:9c:4d:1e:2e:3f:
fd:79:39:99:a6:f0:a7:a2:4c:09:d7:bc:cd:6a:48:e0:16:0d:
11:3c:ff:e9:24:e3:ca:54:f0:55:b6:14:bc:02:b4:9a:2a:15:
6f:b9:6f:23:b4:27:c8:96:15:7b:6b:46:26:03:0e:3f:a9:0c:
69:5d:35:80:ff:5e:ec:2f:3c:0c:ab:2a:a5:d4:7a:bc:53:46:
69:16:5d:ae
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICICwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTkw
MzM2NDVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEI1M0NDRjAwNTM2NkJD
NUU3MTYzNzNGQTIxRkM4NEJDREQyRjc3OTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzaKLypVxzJOjmhdBGurGrukvuUNEIOa2FmNMlfxQSU0vgmqVc
7l0XerB8M4rh+mfj44cncV/O6a5hpBldghrlIhD0RB30mq+zTJmWMZayrKLStmMq
ryYuCNH24LJmWOUVLf2/3XHuiu7f4L9znwL8qeNuQs2A/s6MI+SzQ86sBlCkvEz/
kYT2CswOH9HmdWC/juhdi7aHAkrNjSZVpuwXnMxHIJ6bw8NLKIV/tggtMFLqzB/C
p8tbk4OGdDkac7UklJk8XQHOBa/ngmFK8ku2DlvtD1yOZMZ6VUNb/n9y3UVc5sj7
5YRI7FFWqvxlXPC0581YoNK8Gymq7jcZ5JXVAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUtTzPAFNmvF5xY3P6IfyEvN0vd5MwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni90VHpQQUZObXZGNXhZM1A2
SWZ5RXZOMHZkNU0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAGJkSQcIi+M8W2Ux1HU/IrYis1q9tooYg/58
H2P8VTfTOW37kgrN2X1feeCGKr/9RQre8S35504+PddCNJrnsZml2gta718D+p69
BMpp9ynpS2gDkPrEP2Cd0T3+OPC8Ei/o0YkXCtI2PMbNP1RwKoZtGKB07xYNB+OV
CLpLx/cg4YGb37Yrpugq17Jb+SFZ+HwA8lB7poPIupkKLEyNrCENyNxUwyj16jUD
UHLGeo2cTR4uP/15OZmm8KeiTAnXvM1qSOAWDRE8/+kk48pU8FW2FLwCtJoqFW+5
byO0J8iWFXtrRiYDDj+pDGldNYD/XuwvPAyrKqXUerxTRmkWXa4=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:51:17 2025 by rpki-client