Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/v4tUiPuYrsZrttZErGXHztHyyDg.roa
File: v4tUiPuYrsZrttZErGXHztHyyDg.roa (raw, json)
Hash identifier: l+hASom4nWJ8/93rgOrN4nN8MWyJQNS4mBR81y037KM=
Subject key identifier: BF:8B:54:88:FB:98:AE:C6:6B:B6:D6:44:AC:65:C7:CE:D1:F2:C8:38
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 20A0
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/v4tUiPuYrsZrttZErGXHztHyyDg.roa
Signing time: Thu 19 Jun 2025 23:04:28 +0000
ROA not before: Thu 19 Jun 2025 23:04:28 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8352 (0x20a0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 19 23:04:28 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=BF8B5488FB98AEC66BB6D644AC65C7CED1F2C838
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:65:f1:f6:e3:91:ef:a7:13:b2:f5:ff:b8:af:
ce:2a:4d:d1:81:c3:cb:96:06:ca:f2:22:f4:78:49:
32:11:81:d8:ee:55:8c:f4:03:ec:6b:06:5f:61:ac:
fe:f0:6d:2b:62:d4:c0:a3:69:9a:6a:57:58:c8:c1:
92:c9:3b:9b:b9:ad:b6:0f:1b:c4:f3:1c:8a:90:32:
2d:c4:a2:2e:33:43:0a:bd:61:93:70:c5:43:c8:85:
ea:56:8a:16:a4:55:fe:ed:af:fe:76:f6:d5:81:76:
d4:dd:e9:60:2e:fb:d4:12:38:d5:e8:f2:0f:3b:43:
04:b6:64:99:37:d4:5e:4e:64:6e:c9:2c:f8:63:9e:
ca:e8:06:9f:88:ac:db:aa:2a:3f:31:cc:8c:97:dd:
c9:4d:fb:c8:b1:05:7c:1c:71:e5:ff:20:67:86:c6:
41:61:13:1a:7b:cd:ee:19:58:2d:c2:e5:ec:22:5d:
12:81:fb:22:ee:ec:f4:e1:50:eb:59:4e:1e:aa:1a:
4d:4a:df:02:6b:24:2c:d1:87:12:25:37:07:70:5b:
65:45:f9:66:37:d9:75:72:96:b9:30:e8:4a:bb:e1:
1c:e0:2a:31:5b:21:ce:3b:91:f1:73:f8:ca:d6:98:
d9:cd:89:ba:db:c1:4f:17:16:40:8d:8e:d0:29:d2:
48:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:8B:54:88:FB:98:AE:C6:6B:B6:D6:44:AC:65:C7:CE:D1:F2:C8:38
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/v4tUiPuYrsZrttZErGXHztHyyDg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
82:7c:6f:b3:2f:9c:83:57:aa:ff:f3:47:5a:c1:28:c8:1c:ca:
0f:45:9a:c6:a0:ba:ad:e4:7a:fe:2e:bc:6e:28:0a:54:d9:54:
30:65:f5:01:f8:f7:b5:36:1a:a9:90:06:7e:38:ef:93:46:1b:
10:b3:03:40:72:82:ea:2d:8a:f8:1d:b7:f6:87:63:67:00:f5:
66:32:f2:fe:4f:59:8d:4a:00:0f:4b:50:43:4e:9d:5c:d4:d9:
fa:78:19:b2:be:d7:98:af:d5:fc:ad:aa:6a:37:44:91:4d:ee:
c4:e4:69:38:9b:57:12:5e:c7:4d:d6:19:62:1d:ff:52:8e:12:
1b:df:70:f4:cf:92:18:ac:9b:e4:d0:e1:06:09:90:00:7e:41:
20:ef:48:bd:08:e0:c9:a2:0d:e9:1e:dd:57:51:d4:3d:76:6b:
29:89:0c:2a:45:07:ca:75:06:77:76:21:91:84:89:51:22:54:
d2:8f:66:eb:d6:f1:b6:63:48:fd:a2:d9:c5:16:38:b8:a5:3b:
85:4f:3f:9a:65:5c:e1:89:14:a4:cb:5b:72:bc:53:bd:45:f7:
30:56:38:2d:e6:19:95:89:c6:1e:59:c9:59:ae:c2:56:eb:26:
d9:25:61:a5:67:f5:98:02:30:0f:75:92:f9:88:32:9c:4d:c8:
b3:eb:f3:b5
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIKAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTky
MzA0MjhaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEJGOEI1NDg4RkI5OEFF
QzY2QkI2RDY0NEFDNjVDN0NFRDFGMkM4MzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCnZfH245HvpxOy9f+4r84qTdGBw8uWBsryIvR4STIRgdjuVYz0
A+xrBl9hrP7wbSti1MCjaZpqV1jIwZLJO5u5rbYPG8TzHIqQMi3Eoi4zQwq9YZNw
xUPIhepWihakVf7tr/529tWBdtTd6WAu+9QSONXo8g87QwS2ZJk31F5OZG7JLPhj
nsroBp+IrNuqKj8xzIyX3clN+8ixBXwcceX/IGeGxkFhExp7ze4ZWC3C5ewiXRKB
+yLu7PThUOtZTh6qGk1K3wJrJCzRhxIlNwdwW2VF+WY32XVylrkw6Eq74RzgKjFb
Ic47kfFz+MrWmNnNibrbwU8XFkCNjtAp0kjpAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUv4tUiPuYrsZrttZErGXHztHyyDgwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni92NHRVaVB1WXJzWnJ0dFpF
ckdYSHp0SHl5RGcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAIJ8b7MvnINXqv/zR1rBKMgcyg9Fmsaguq3k
ev4uvG4oClTZVDBl9QH497U2GqmQBn4475NGGxCzA0Byguotivgdt/aHY2cA9WYy
8v5PWY1KAA9LUENOnVzU2fp4GbK+15iv1fytqmo3RJFN7sTkaTibVxJex03WGWId
/1KOEhvfcPTPkhism+TQ4QYJkAB+QSDvSL0I4MmiDeke3VdR1D12aymJDCpFB8p1
Bnd2IZGEiVEiVNKPZuvW8bZjSP2i2cUWOLilO4VPP5plXOGJFKTLW3K8U71F9zBW
OC3mGZWJxh5ZyVmuwlbrJtklYaVn9ZgCMA91kvmIMpxNyLPr87U=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:55:36 2025 by rpki-client