Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/vr7V7b7RUIDEjbDXrawC6tipanU.roa
File: vr7V7b7RUIDEjbDXrawC6tipanU.roa (raw, json)
Hash identifier: AK2fmaXD1/WOsht6hNxSv94hqDb8jwiKClNJKABtZo8=
Subject key identifier: BE:BE:D5:ED:BE:D1:50:80:C4:8D:B0:D7:AD:AC:02:EA:D8:A9:6A:75
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0B48
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/vr7V7b7RUIDEjbDXrawC6tipanU.roa
Signing time: Thu 22 May 2025 03:08:20 +0000
ROA not before: Thu 22 May 2025 03:08:20 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2888 (0xb48)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 22 03:08:20 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=BEBED5EDBED15080C48DB0D7ADAC02EAD8A96A75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:44:bd:1b:5c:c2:65:51:4a:76:91:0a:3f:6d:
c6:54:49:00:1e:bd:0c:f6:e9:66:5a:8b:97:6f:74:
87:b6:17:43:82:e6:ec:19:f0:b6:d3:6c:21:f1:26:
c4:83:3d:c7:da:ac:ae:26:0a:58:3d:03:b8:a0:c2:
13:e1:45:9b:88:15:05:0e:f9:00:8d:fd:b0:18:7c:
af:e2:35:4e:5b:9a:16:69:33:4b:0e:13:cc:a5:16:
b1:87:82:32:45:dd:51:1a:ad:d4:82:e8:6d:1b:25:
41:1d:20:c0:0f:16:14:dd:2c:79:ab:af:df:7a:36:
81:a7:c9:cc:99:22:32:70:2d:53:80:c5:11:51:28:
23:1b:19:46:b0:ec:d3:a7:0b:95:cf:76:4c:34:31:
5b:8e:65:f0:6a:a3:f9:90:58:19:87:92:a9:90:d4:
fc:8b:d7:e0:ff:dd:c2:05:46:4e:70:b0:c6:18:65:
30:ea:15:b5:ae:8a:20:82:4e:6e:66:70:55:e6:ea:
77:55:ad:8a:85:c8:5c:d4:3f:45:0d:fb:4c:8c:95:
30:d4:58:8e:37:84:04:f5:d8:a5:68:b1:6c:71:24:
f7:b2:e1:93:76:46:ed:a0:03:9f:a9:96:dc:53:d5:
03:7d:30:23:b3:12:c6:81:14:a6:72:49:d7:a1:b5:
5f:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:BE:D5:ED:BE:D1:50:80:C4:8D:B0:D7:AD:AC:02:EA:D8:A9:6A:75
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/vr7V7b7RUIDEjbDXrawC6tipanU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
25:fd:8d:d7:9a:6c:33:6b:95:9f:33:65:db:33:15:ee:61:b6:
a2:ba:95:e6:53:27:98:07:7f:bf:8d:af:c8:cb:71:48:e3:e2:
d8:4e:50:17:41:ed:66:9f:f0:16:e5:8f:ba:88:27:d7:09:d5:
a0:45:89:a4:a4:29:0c:56:e1:cb:77:c0:3a:ab:b6:f3:7b:c1:
e3:76:61:68:53:de:64:87:28:75:8d:f4:43:7e:7d:95:31:0a:
90:8d:1f:48:04:6e:72:99:df:7c:91:03:47:4f:3c:b1:e0:0a:
ba:33:d7:c2:af:51:42:f4:d1:16:fc:8b:ee:94:ab:98:b4:d6:
7d:ed:e2:97:98:5a:5c:5a:f3:7c:8f:06:30:5c:3f:66:aa:c4:
a9:c2:c5:c5:4d:31:6b:0a:02:4b:55:ae:04:2c:14:36:cb:2e:
c1:58:39:a8:f0:85:d9:52:6c:c8:cd:f5:03:88:06:6a:00:e1:
47:0c:ae:b5:8e:f2:7d:85:c6:13:00:c3:14:67:41:06:8c:b5:
6d:c6:29:3a:78:d3:78:7d:46:37:61:6c:d0:c6:31:51:e4:67:
39:f7:75:12:2e:26:a2:b8:7a:d9:6f:52:57:2f:19:56:c8:1e:
71:4a:d9:e1:1d:94:e4:56:75:b5:d5:c1:55:4a:22:5f:70:7d:
f6:43:0d:06
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICC0gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjIw
MzA4MjBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEJFQkVENUVEQkVEMTUw
ODBDNDhEQjBEN0FEQUMwMkVBRDhBOTZBNzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9RL0bXMJlUUp2kQo/bcZUSQAevQz26WZai5dvdIe2F0OC5uwZ
8LbTbCHxJsSDPcfarK4mClg9A7igwhPhRZuIFQUO+QCN/bAYfK/iNU5bmhZpM0sO
E8ylFrGHgjJF3VEardSC6G0bJUEdIMAPFhTdLHmrr996NoGnycyZIjJwLVOAxRFR
KCMbGUaw7NOnC5XPdkw0MVuOZfBqo/mQWBmHkqmQ1PyL1+D/3cIFRk5wsMYYZTDq
FbWuiiCCTm5mcFXm6ndVrYqFyFzUP0UN+0yMlTDUWI43hAT12KVosWxxJPey4ZN2
Ru2gA5+pltxT1QN9MCOzEsaBFKZySdehtV+dAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUvr7V7b7RUIDEjbDXrawC6tipanUwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni92cjdWN2I3UlVJREVqYkRY
cmF3QzZ0aXBhblUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBACX9jdeabDNrlZ8zZdszFe5htqK6leZTJ5gH
f7+Nr8jLcUjj4thOUBdB7Waf8Bblj7qIJ9cJ1aBFiaSkKQxW4ct3wDqrtvN7weN2
YWhT3mSHKHWN9EN+fZUxCpCNH0gEbnKZ33yRA0dPPLHgCroz18KvUUL00Rb8i+6U
q5i01n3t4peYWlxa83yPBjBcP2aqxKnCxcVNMWsKAktVrgQsFDbLLsFYOajwhdlS
bMjN9QOIBmoA4UcMrrWO8n2FxhMAwxRnQQaMtW3GKTp403h9RjdhbNDGMVHkZzn3
dRIuJqK4etlvUlcvGVbIHnFK2eEdlORWdbXVwVVKIl9wffZDDQY=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:02:19 2025 by rpki-client