Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/vI2to2vH-p2djcsv6Q8l_uU6BOI.roa
File: vI2to2vH-p2djcsv6Q8l_uU6BOI.roa (raw, json)
Hash identifier: 1iRqM9u/L+qI7MUlsAgXPIDbGcZu0GPWR5uRZoQZkgM=
Subject key identifier: BC:8D:AD:A3:6B:C7:FA:9D:9D:8D:CB:2F:E9:0F:25:FE:E5:3A:04:E2
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0E3C
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/vI2to2vH-p2djcsv6Q8l_uU6BOI.roa
Signing time: Mon 26 May 2025 01:38:38 +0000
ROA not before: Mon 26 May 2025 01:38:38 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3644 (0xe3c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 26 01:38:38 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=BC8DADA36BC7FA9D9D8DCB2FE90F25FEE53A04E2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:6d:ff:5a:41:2f:29:5b:05:e8:f0:82:df:0d:
98:13:5f:5b:7f:16:56:ff:27:2f:d0:7d:ce:0b:b2:
96:3d:e3:07:3d:12:ea:ef:a0:52:89:bb:b3:c1:32:
31:12:93:94:b9:c2:f6:32:dc:b8:73:cb:91:db:78:
37:b9:81:8a:b2:58:7a:99:e7:0a:b0:4c:ee:36:23:
3d:50:55:b5:ab:7e:d9:db:d1:b6:f1:ad:8e:c7:c8:
d4:63:14:e3:22:89:b3:c8:2d:ff:25:c1:30:cc:24:
08:2f:1a:57:ef:d8:1d:01:9b:0e:4b:cd:22:4a:ca:
98:f2:e7:ad:ba:80:80:45:9e:84:b1:38:55:79:2d:
2d:63:15:e6:ae:61:35:2b:12:d2:71:74:7d:e9:43:
76:03:c8:fa:83:c4:9c:f7:8a:2b:dd:61:99:8a:de:
5c:64:91:ed:7a:51:de:c9:9f:06:ad:ac:15:ed:35:
86:dc:22:ae:d5:03:d7:6a:66:79:56:e9:eb:ff:79:
73:b0:37:2e:46:05:a6:62:97:45:22:cf:27:54:4f:
87:77:4b:25:bb:75:cf:f9:15:d9:03:fd:a2:e1:13:
cf:1f:c7:d2:b4:f5:8e:96:2c:5b:c4:6b:ba:b5:a7:
d0:6d:5a:4e:f8:6e:54:7f:d6:14:0e:e4:38:f3:0f:
a4:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:8D:AD:A3:6B:C7:FA:9D:9D:8D:CB:2F:E9:0F:25:FE:E5:3A:04:E2
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/vI2to2vH-p2djcsv6Q8l_uU6BOI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
44:c5:ef:d4:1b:28:18:e9:fe:05:37:96:d0:f1:35:e0:43:1e:
b5:df:d8:19:df:dd:ca:60:2a:b2:fe:b0:c7:d9:da:02:4e:a3:
af:e5:fe:f9:55:23:bc:32:6c:fd:65:32:b4:62:12:de:d3:c7:
4a:73:f1:65:75:31:1f:b0:e1:22:c2:e9:99:c9:38:d1:ca:9e:
fe:e1:39:51:e4:03:6a:1d:38:65:79:fb:e6:cc:64:4d:e7:36:
28:8a:c2:fe:d4:45:d4:42:7f:11:26:b2:a9:e8:32:20:cf:6c:
30:6b:7f:65:6b:dc:3a:e1:1c:fb:5a:46:29:80:a3:ed:82:c3:
56:a5:28:e5:d9:9e:90:61:38:b1:5f:60:bb:cb:3b:55:e0:5a:
27:b3:2a:20:ef:e6:39:a4:06:f4:57:79:e1:f9:a9:11:1f:28:
0e:64:11:cd:85:51:ef:85:5d:1e:41:b9:1c:d7:84:28:32:98:
f3:7c:a2:2d:98:1b:c2:31:d1:6c:df:f9:d7:74:0e:4f:12:47:
57:e1:47:6c:95:1f:ac:17:cb:36:da:70:4e:71:c4:f3:1e:48:
5d:fe:d7:e1:4f:5b:98:40:4e:b1:ba:21:02:25:29:47:db:c8:
30:2c:b6:07:f1:89:5d:fa:69:91:95:e2:b4:00:89:0c:b1:71:
9d:7b:c2:3f
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDjwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjYw
MTM4MzhaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEJDOERBREEzNkJDN0ZB
OUQ5RDhEQ0IyRkU5MEYyNUZFRTUzQTA0RTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCjbf9aQS8pWwXo8ILfDZgTX1t/Flb/Jy/Qfc4LspY94wc9Eurv
oFKJu7PBMjESk5S5wvYy3Lhzy5HbeDe5gYqyWHqZ5wqwTO42Iz1QVbWrftnb0bbx
rY7HyNRjFOMiibPILf8lwTDMJAgvGlfv2B0Bmw5LzSJKypjy5626gIBFnoSxOFV5
LS1jFeauYTUrEtJxdH3pQ3YDyPqDxJz3iivdYZmK3lxkke16Ud7JnwatrBXtNYbc
Iq7VA9dqZnlW6ev/eXOwNy5GBaZil0UizydUT4d3SyW7dc/5FdkD/aLhE88fx9K0
9Y6WLFvEa7q1p9BtWk74blR/1hQO5DjzD6QFAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUvI2to2vH+p2djcsv6Q8l/uU6BOIwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni92STJ0bzJ2SC1wMmRqY3N2
NlE4bF91VTZCT0kucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAETF79QbKBjp/gU3ltDxNeBDHrXf2Bnf3cpg
KrL+sMfZ2gJOo6/l/vlVI7wybP1lMrRiEt7Tx0pz8WV1MR+w4SLC6ZnJONHKnv7h
OVHkA2odOGV5++bMZE3nNiiKwv7URdRCfxEmsqnoMiDPbDBrf2Vr3DrhHPtaRimA
o+2Cw1alKOXZnpBhOLFfYLvLO1XgWiezKiDv5jmkBvRXeeH5qREfKA5kEc2FUe+F
XR5BuRzXhCgymPN8oi2YG8Ix0Wzf+dd0Dk8SR1fhR2yVH6wXyzbacE5xxPMeSF3+
1+FPW5hATrG6IQIlKUfbyDAstgfxiV36aZGV4rQAiQyxcZ17wj8=
-----END CERTIFICATE-----
Generated at Sat Jun 7 05:24:47 2025 by rpki-client